[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Aug 9 09:10:29 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5997a6c6 by security tracker role at 2021-08-09T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,41 +1,215 @@
-CVE-2021-38209
+CVE-2021-38294
+ RESERVED
+CVE-2021-38293
+ RESERVED
+CVE-2021-38292
+ RESERVED
+CVE-2021-38291
+ RESERVED
+CVE-2021-38290
+ RESERVED
+CVE-2021-38289
+ RESERVED
+CVE-2021-38288
+ RESERVED
+CVE-2021-38287
+ RESERVED
+CVE-2021-38286
+ RESERVED
+CVE-2021-38285
+ RESERVED
+CVE-2021-38284
+ RESERVED
+CVE-2021-38283
+ RESERVED
+CVE-2021-38282
+ RESERVED
+CVE-2021-38281
+ RESERVED
+CVE-2021-38280
+ RESERVED
+CVE-2021-38279
+ RESERVED
+CVE-2021-38278
+ RESERVED
+CVE-2021-38277
+ RESERVED
+CVE-2021-38276
+ RESERVED
+CVE-2021-38275
+ RESERVED
+CVE-2021-38274
+ RESERVED
+CVE-2021-38273
+ RESERVED
+CVE-2021-38272
+ RESERVED
+CVE-2021-38271
+ RESERVED
+CVE-2021-38270
+ RESERVED
+CVE-2021-38269
+ RESERVED
+CVE-2021-38268
+ RESERVED
+CVE-2021-38267
+ RESERVED
+CVE-2021-38266
+ RESERVED
+CVE-2021-38265
+ RESERVED
+CVE-2021-38264
+ RESERVED
+CVE-2021-38263
+ RESERVED
+CVE-2021-38262
+ RESERVED
+CVE-2021-38261
+ RESERVED
+CVE-2021-38260
+ RESERVED
+CVE-2021-38259
+ RESERVED
+CVE-2021-38258
+ RESERVED
+CVE-2021-38257
+ RESERVED
+CVE-2021-38256
+ RESERVED
+CVE-2021-38255
+ RESERVED
+CVE-2021-38254
+ RESERVED
+CVE-2021-38253
+ RESERVED
+CVE-2021-38252
+ RESERVED
+CVE-2021-38251
+ RESERVED
+CVE-2021-38250
+ RESERVED
+CVE-2021-38249
+ RESERVED
+CVE-2021-38248
+ RESERVED
+CVE-2021-38247
+ RESERVED
+CVE-2021-38246
+ RESERVED
+CVE-2021-38245
+ RESERVED
+CVE-2021-38244
+ RESERVED
+CVE-2021-38243
+ RESERVED
+CVE-2021-38242
+ RESERVED
+CVE-2021-38241
+ RESERVED
+CVE-2021-38240
+ RESERVED
+CVE-2021-38239
+ RESERVED
+CVE-2021-38238
+ RESERVED
+CVE-2021-38237
+ RESERVED
+CVE-2021-38236
+ RESERVED
+CVE-2021-38235
+ RESERVED
+CVE-2021-38234
+ RESERVED
+CVE-2021-38233
+ RESERVED
+CVE-2021-38232
+ RESERVED
+CVE-2021-38231
+ RESERVED
+CVE-2021-38230
+ RESERVED
+CVE-2021-38229
+ RESERVED
+CVE-2021-38228
+ RESERVED
+CVE-2021-38227
+ RESERVED
+CVE-2021-38226
+ RESERVED
+CVE-2021-38225
+ RESERVED
+CVE-2021-38224
+ RESERVED
+CVE-2021-38223
+ RESERVED
+CVE-2021-38222
+ RESERVED
+CVE-2021-38221
+ RESERVED
+CVE-2021-38220
+ RESERVED
+CVE-2021-38219
+ RESERVED
+CVE-2021-38218
+ RESERVED
+CVE-2021-38217
+ RESERVED
+CVE-2021-38216
+ RESERVED
+CVE-2021-38215
+ RESERVED
+CVE-2021-38214
+ RESERVED
+CVE-2021-38213
+ RESERVED
+CVE-2021-38212
+ RESERVED
+CVE-2021-38211
+ RESERVED
+CVE-2021-38210
+ RESERVED
+CVE-2021-3691
+ RESERVED
+CVE-2021-3690
+ RESERVED
+CVE-2021-38209 (net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.1 ...)
- linux 5.10.38-1
[buster] - linux 4.19.194-1
[stretch] - linux 4.9.272-1
NOTE: https://git.kernel.org/linus/2671fa4dc0109d3fb581bc3078fdf17b5d9080f6
-CVE-2021-38208
+CVE-2021-38208 (net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local un ...)
- linux 5.10.46-1
[buster] - linux 4.19.194-1
[stretch] - linux 4.9.272-1
NOTE: https://git.kernel.org/linus/4ac06a1e013cf5fdd963317ffd3b968560f33bba
-CVE-2021-38207
+CVE-2021-38207 (drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before ...)
- linux 5.10.46-1
NOTE: https://git.kernel.org/linus/c364df2489b8ef2f5e3159b1dff1ff1fdb16040d
-CVE-2021-38206
+CVE-2021-38206 (The mac80211 subsystem in the Linux kernel before 5.12.13, when a devi ...)
- linux 5.10.46-1
NOTE: https://git.kernel.org/linus/bddc0c411a45d3718ac535a070f349be8eca8d48
-CVE-2021-38205
+CVE-2021-38205 (drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel befo ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/d0d62baa7f505bd4c59cd169692ff07ec49dde37
-CVE-2021-38204
+CVE-2021-38204 (drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allow ...)
- linux <unfixed> (unimportant)
NOTE: https://git.kernel.org/linus/b5fdf5c6e6bee35837e160c00ac89327bdad031b
-CVE-2021-38203
+CVE-2021-38203 (btrfs in the Linux kernel before 5.13.4 allows attackers to cause a de ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/1cb3db1cf383a3c7dbda1aa0ce748b0958759947
-CVE-2021-38202
+CVE-2021-38202 (fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote a ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/7b08cf62b1239a4322427d677ea9363f0ab677c6
-CVE-2021-38201
+CVE-2021-38201 (net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attac ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/6d1c0f3d28f98ea2736128ed3e46821496dc3a8c
-CVE-2021-38200
+CVE-2021-38200 (arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/60b7ed54a41b550d50caf7f2418db4a7e75b5bdc
-CVE-2021-38199
+CVE-2021-38199 (fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect co ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/dd99e9f98fbf423ff6d365b37a98e8879170f17c
-CVE-2021-38198
+CVE-2021-38198 (arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 inco ...)
- linux 5.10.46-1
NOTE: https://git.kernel.org/linus/b1bd5cba3306691c771d558e94baa73e8b0b96b7
CVE-2021-38197 (unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Director ...)
@@ -36472,6 +36646,7 @@ CVE-2021-22925 (curl supports the `-t` command line option, known as `CURLOPT_TE
NOTE: CVE is assigned because previous attempt to address CVE-2021-22898 resulted to be
NOTE: insufficient and the security vulnerability remained.
CVE-2021-22924 (libcurl keeps previously used connections in a connection pool for sub ...)
+ {DLA-2734-1}
- curl <unfixed> (bug #991492)
NOTE: https://curl.se/docs/CVE-2021-22924.html
NOTE: Introduced by: https://github.com/curl/curl/commit/89721ff04af70f527baae1368f3b992777bf6526 (curl-7_10_4)
@@ -36555,6 +36730,7 @@ CVE-2021-22900 (A vulnerability allowed multiple unrestricted uploads in Pulse C
CVE-2021-22899 (A command injection vulnerability exists in Pulse Connect Secure befor ...)
NOT-FOR-US: Pulse Connect Secure
CVE-2021-22898 (curl 7.7 through 7.76.1 suffers from an information disclosure when th ...)
+ {DLA-2734-1}
- curl <unfixed> (bug #989228)
[bullseye] - curl <no-dsa> (Minor issue)
[buster] - curl <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5997a6c64e1944107daa413c4d2d0f8fc5973c23
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5997a6c64e1944107daa413c4d2d0f8fc5973c23
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210809/c422688f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list