[Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-8832/linux

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a0898d79 by Salvatore Bonaccorso at 2020-04-10T11:11:37+02:00
Update status for CVE-2020-8832/linux

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6967,9 +6967,13 @@ CVE-2020-8834 (KVM in the Linux kernel on Power8 processors has a conflicting us
 CVE-2020-8833
 	RESERVED
 CVE-2020-8832 (The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 (" ...)
-	- linux <undetermined>
-	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1817047
-	TODO: check (in kernel-sec) if we have incomplete fix
+	- linux 4.16.5-1
+	NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840
+	NOTE: The CVE is for an incomplete fix for CVE-2019-14615 which technically only
+	NOTE: affects upstream versions (and downstreams) which applied the fix fo
+	NOTE: CVE-2019-14615 which is bc8a76a152c5 ("drm/i915/gen9: Clear residual context
+	NOTE: state on context switch"). But there is need to apply as well the prerequistite
+	NOTE: d2b4b97933f5 ("drm/i915: Record the default hw state after reset upon load").
 CVE-2020-8831
 	RESERVED
 CVE-2019-20451 (The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0898d79633e2821b28c5f667b1295adb83ff001

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0898d79633e2821b28c5f667b1295adb83ff001
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200410/2dd6be59/attachment.html>