[Git][security-tracker-team/security-tracker][master] Sync status for some linux CVEs with kernel-sec triage
Salvatore Bonaccorso
carnil at debian.org
Thu May 28 20:34:33 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
604af624 by Salvatore Bonaccorso at 2020-05-28T21:34:03+02:00
Sync status for some linux CVEs with kernel-sec triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1932,6 +1932,8 @@ CVE-2020-12769 (An issue was discovered in the Linux kernel before 5.4.17. drive
NOTE: https://git.kernel.org/linus/19b61392c5a852b4e8a0bf35aecb969983c5932d (5.5-rc6)
CVE-2020-12768 (** DISPUTED ** An issue was discovered in the Linux kernel before 5.6. ...)
- linux 5.6.7-1 (unimportant)
+ [stretch] - linux <not-affected> (Vulnerability introduced later)
+ [jessie] - linux <not-affected> (Vulnerability introduced later)
NOTE: https://git.kernel.org/linus/d80b64ff297e40c2b6f7d7abc1b3eba70d22a068 (5.6-rc4)
CVE-2020-12766 (Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via t ...)
NOT-FOR-US: Gnuteca
@@ -2216,12 +2218,16 @@ CVE-2020-12660
CVE-2020-12659 (An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg ...)
- linux 5.6.7-1
[buster] - linux 4.19.118-1
+ [stretch] - linux <not-affected> (Vulnerable code not present)
+ [jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/99e3a236dd43d06c65af0a2ef9cb44306aef6e02 (5.7-rc2)
CVE-2020-12658
RESERVED
CVE-2020-12657 (An issue was discovered in the Linux kernel before 5.6.5. There is a u ...)
- linux 5.6.7-1
[buster] - linux 4.19.118-1
+ [stretch] - linux <not-affected> (Vulnerable code not present)
+ [jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9 (5.7-rc1)
CVE-2020-12656 (** DISPUTED ** gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c ...)
- linux <unfixed> (unimportant)
@@ -2640,6 +2646,8 @@ CVE-2020-12466
CVE-2020-12465 (An array overflow was discovered in mt76_add_fragment in drivers/net/w ...)
- linux 5.5.13-1
[buster] - linux 4.19.118-1
+ [stretch] - linux <not-affected> (Vulnerable code not present)
+ [jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b102f0c522cf668c8382c56a4f771b37d011cda2 (5.6-rc6)
CVE-2020-12464 (usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before ...)
- linux 5.6.14-1
@@ -8359,6 +8367,7 @@ CVE-2020-10712 (A flaw was found in OpenShift Container Platform version 4.1 and
NOT-FOR-US: image registry operator in OpenShift Container Platform
CVE-2020-10711 (A NULL pointer dereference flaw was found in the Linux kernel's SELinu ...)
- linux 5.6.14-1
+ [jessie] - linux <not-affected> (Vulnerability introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2020/05/12/2
CVE-2020-10710
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/604af624fd2c06d2f5947b654ca43d59c9fe0cc4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/604af624fd2c06d2f5947b654ca43d59c9fe0cc4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200528/47bb931f/attachment.html>
More information about the debian-security-tracker-commits
mailing list