[Git][security-tracker-team/security-tracker][master] Sync some linux CVEs with kernel-sec

Salvatore Bonaccorso carnil at debian.org
Mon Sep 21 18:38:14 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
24747377 by Salvatore Bonaccorso at 2020-09-21T19:37:39+02:00
Sync some linux CVEs with kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -64913,19 +64913,24 @@ CVE-2020-0432 (In skb_to_mamac of networking.c, there is a possible out of bound
 	NOTE: https://git.kernel.org/linus/4d1356ac12f4d5180d0df345d85ff0ee42b89c72
 	NOTE: Staging driver, not enabled/built
 CVE-2020-0431 (In kbd_keycode of keyboard.c, there is a possible out of bounds write  ...)
-	- linux 5.5.13-1
+	- linux 5.4.13-1
+	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/4f3882177240a1f55e45a3d241d3121341bead78
 CVE-2020-0430 (In skb_headlen of /include/linux/skbuff.h, there is a possible out of  ...)
-	- linux 4.18.6-1
+	- linux 4.17.8-1
+	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: https://git.kernel.org/linus/58990d1ff3f7896ee341030e9a7c2e4002570683
 CVE-2020-0429 (In l2tp_session_delete and related functions of l2tp_core.c, there is  ...)
 	- linux 4.14.2-1
+	[stretch] - linux 4.9.228-1
 	NOTE: https://git.kernel.org/linus/b228a94066406b6c456321d69643b0d7ce11cfa6
 	NOTE: https://git.kernel.org/linus/cdd10c9627496ad25c87ce6394e29752253c69d3
 CVE-2020-0428 (In CamX code, there is a possible use after free due to a race conditi ...)
 	NOT-FOR-US: Android on Pixel
 CVE-2020-0427 (In create_pinctrl of core.c, there is a possible out of bounds read du ...)
-	- linux 5.5.13-1
+	- linux 5.4.8-1
+	[buster] - linux 4.19.98-1
 	NOTE: https://git.kernel.org/linus/be4c60b563edee3712d392aaeb0943a768df7023
 CVE-2020-0426 (In SyncManager, there is a possible permission bypass due to an unsafe ...)
 	NOT-FOR-US: Android



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/247473779fcca41871dc99a2a229a135584acedd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/247473779fcca41871dc99a2a229a135584acedd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200921/df38ae94/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list