[Git][security-tracker-team/security-tracker][master] Sync some linux CVE with kernel-sec triaging from Ben Hutchings

Salvatore Bonaccorso carnil at debian.org
Thu Apr 23 21:45:20 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e2812487 by Salvatore Bonaccorso at 2020-04-23T22:44:34+02:00
Sync some linux CVE with kernel-sec triaging from Ben Hutchings

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33785,6 +33785,7 @@ CVE-2020-0068 (In crus_afe_get_param of msm-cirrus-playback.c, there is a possib
 	NOT-FOR-US: Android
 CVE-2020-0067 (In f2fs_xattr_generic_list of xattr.c, there is a possible out of boun ...)
 	- linux 5.5.13-1
+	[jessie] - linux <ignored> (f2fs is not supportable)
 	NOTE: https://git.kernel.org/linus/688078e7f36c293dae25b338ddc9e0a2790f6e06
 CVE-2020-0066 (In the netlink driver, there is a possible out of bounds write due to  ...)
 	- linux 4.2.5-1
@@ -61494,6 +61495,7 @@ CVE-2019-9454 (In the Android kernel in i2c driver there is a possible out of bo
 CVE-2019-9453 (In the Android kernel in F2FS touch driver there is a possible out of  ...)
 	- linux 5.2.6-1
 	[buster] - linux 4.19.67-1
+	[jessie] - linux <ignored> (f2fs is not supportable)
 	NOTE: https://git.kernel.org/linus/2777e654371dd4207a3a7f4fb5fa39550053a080
 CVE-2019-9452 (In the Android kernel in SEC_TS touch driver there is a possible out o ...)
 	NOT-FOR-US: Android kernel (sec_ts not in mainline)
@@ -61512,6 +61514,7 @@ CVE-2019-9446 (In the Android kernel in the FingerTipS touchscreen driver there
 CVE-2019-9445 (In the Android kernel in F2FS driver there is a possible out of bounds ...)
 	- linux 5.2.6-1
 	[buster] - linux 4.19.98-1
+	[jessie] - linux <ignored> (f2fs is not supportable)
 	NOTE: https://git.kernel.org/linus/720db068634c91553a8e1d9a0fcd8c7050e06d2b
 CVE-2019-9444 (In the Android kernel in sync debug fs driver there is a kernel pointe ...)
 	- linux 4.15.4-1
@@ -61935,6 +61938,7 @@ CVE-2019-9246 (In NFC, there is a possible out of bounds read due to a missing b
 	NOT-FOR-US: Android
 CVE-2019-9245 (In the Android kernel in the f2fs driver there is a possible out of bo ...)
 	- linux 4.19.16-1
+	[jessie] - linux <ignored> (f2fs is not supportable)
 	NOTE: https://git.kernel.org/linus/64beba0558fce7b59e9a8a7afd77290e82a22163
 CVE-2019-9244 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
 	NOT-FOR-US: Android
@@ -81207,6 +81211,7 @@ CVE-2019-2214 (In binder_transaction of binder.c, there is a possible out of bou
 CVE-2019-2213 (In binder_free_transaction of binder.c, there is a possible use-after- ...)
 	- linux 5.2.6-1
 	[buster] - linux 4.19.67-1
+	[jessie] - linux <ignored> (Android drivers not supported)
 	NOTE: https://lore.kernel.org/patchwork/patch/1087916/
 CVE-2019-2212 (In poisson_distribution of random, there is an out of bounds read. Thi ...)
 	- libc++ <removed>
@@ -104332,10 +104337,13 @@ CVE-2018-12932 (PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attack
 	NOTE: https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949
 CVE-2018-12931 (ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4. ...)
 	- linux 4.19.37-1
+	[jessie] - linux <ignored> (ntfs is not supportable)
 CVE-2018-12930 (ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Lin ...)
 	- linux 4.19.37-1
+	[jessie] - linux <ignored> (ntfs is not supportable)
 CVE-2018-12929 (ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux k ...)
 	- linux 4.19.37-1
+	[jessie] - linux <ignored> (ntfs is not supportable)
 CVE-2018-12928 (In the Linux kernel 4.15.0, a NULL pointer dereference was discovered  ...)
 	- linux <unfixed> (low)
 	[buster] - linux <ignored> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2812487a38c9d12790b75f9ee7112391e06f157

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2812487a38c9d12790b75f9ee7112391e06f157
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200423/5e64b675/attachment.html>

More information about the debian-security-tracker-commits mailing list