[Git][security-tracker-team/security-tracker][master] Since some CVEs for linux fixed with the unstable upload with kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 20 07:02:31 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
37b652f2 by Salvatore Bonaccorso at 2021-05-20T08:02:01+02:00
Since some CVEs for linux fixed with the unstable upload with kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -368,7 +368,7 @@ CVE-2021-33036
CVE-2021-33035
RESERVED
CVE-2021-33034 (In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://git.kernel.org/linus/5c4c8c9544099bb9043a10a5318130a943e32fc3
CVE-2021-33032
RESERVED
@@ -383,7 +383,7 @@ CVE-2021-33028
CVE-2021-33027
RESERVED
CVE-2021-33033 (The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genop ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://git.kernel.org/linus/ad5d07f4a9cd671233ae20983848874731102c08
NOTE: https://git.kernel.org/linus/1165affd484889d4986cf3b724318935a0b120d8
CVE-2021-33026 (The Flask-Caching extension through 1.10.1 for Flask relies on Pickle ...)
@@ -1358,7 +1358,7 @@ CVE-2021-3548 [OOB in dmg2img.c memcpy() causing undefined behavior]
NOTE: Crash in CLI tool, no security impact
CVE-2021-3543 [nitro_enclaves stale file descriptors on failed usercopy]
RESERVED
- - linux <unfixed> (unimportant)
+ - linux 5.10.38-1 (unimportant)
[buster] - linux <not-affected> (Vulnerable code introduced later)
[stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/f1ce3986baa62cffc3c5be156994de87524bab99
@@ -1748,7 +1748,7 @@ CVE-2021-32401
CVE-2021-32400
RESERVED
CVE-2021-32399 (net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a r ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://www.openwall.com/lists/oss-security/2021/05/11/2
CVE-2021-32398
RESERVED
@@ -3182,7 +3182,7 @@ CVE-2021-3514 [sync_repl NULL pointer dereference in sync_create_state_control()
- 389-ds-base 1.4.4.11-2 (bug #988727)
NOTE: https://github.com/389ds/389-ds-base/issues/4711
CVE-2021-31829 (kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs unde ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/4
CVE-2021-31828 (An SSRF issue in Open Distro for Elasticsearch (ODFE) before 1.13.1.0 ...)
NOT-FOR-US: OpenDistro for Elasticsearch
@@ -3937,7 +3937,7 @@ CVE-2021-3507 (A heap buffer overflow was found in the floppy disk emulator of Q
[stretch] - qemu <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1951118
CVE-2021-3506 (An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://www.openwall.com/lists/oss-security/2021/03/28/2
NOTE: https://lore.kernel.org/lkml/20210322114730.71103-1-yuchao0@huawei.com/
CVE-2021-31523 (The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_ ...)
@@ -4161,7 +4161,7 @@ CVE-2021-31418 (This vulnerability allows local attackers to disclose sensitive
CVE-2021-31417 (This vulnerability allows local attackers to disclose sensitive inform ...)
NOT-FOR-US: Parallels Desktop
CVE-2021-3501 (A flaw was found in the Linux kernel in versions before 5.12. The valu ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://git.kernel.org/linus/04c4f2ee3f68c9a4bf1653d15f1a9a435ae33f7a
CVE-2021-31416
RESERVED
@@ -6202,7 +6202,7 @@ CVE-2021-3495
CVE-2021-3494 (A smart proxy that provides a restful API to various sub-systems of th ...)
- foreman <itp> (bug #663101)
CVE-2021-3493 (The overlayfs implementation in the linux kernel did not properly vali ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://www.openwall.com/lists/oss-security/2021/04/16/1
CVE-2021-30501
RESERVED
@@ -6287,20 +6287,20 @@ CVE-2021-3492 (Shiftfs, an out-of-tree stacking file system included in Ubuntu L
NOTE: Debian does not include the (not yet upstream accepted) shiftfs
CVE-2021-3491
RESERVED
- - linux <unfixed>
+ - linux 5.10.38-1
[buster] - linux <not-affected> (Vulnerable code introduced later)
[stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2021/05/11/13
NOTE: https://git.kernel.org/linus/d1f82808877bb10d3deee7cf3374a4eb3fb582db
CVE-2021-3490
RESERVED
- - linux <unfixed>
+ - linux 5.10.38-1
[buster] - linux <not-affected> (Vulnerable code introduced later)
[stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2021/05/11/11
CVE-2021-3489
RESERVED
- - linux <unfixed>
+ - linux 5.10.38-1
[buster] - linux <not-affected> (Vulnerable code introduced later)
[stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2021/05/11/10
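Review bot: CVE-2021-3490 and CVE-2021-3489 now record 5.10.38-1 as the fixed version but carry only an oss-security NOTE, while CVE-2021-3491 in the same hunk also links the upstream commit on git.kernel.org/linus. Adding the matching upstream commit NOTE to those two entries would let a reader check the 5.10.38-1 claim against the package changelog rather than taking it on trust.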
@@ -9487,7 +9487,7 @@ CVE-2021-29157
CVE-2021-29156 (ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger ...)
NOT-FOR-US: ForgeRock OpenAM
CVE-2021-29155 (An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://www.openwall.com/lists/oss-security/2021/04/18/4
CVE-2021-29154 (BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect c ...)
- linux 5.10.28-1
@@ -23612,11 +23612,11 @@ CVE-2021-23234
CVE-2021-23135 (Exposure of System Data to an Unauthorized Control Sphere vulnerabilit ...)
NOT-FOR-US: Argo CD
CVE-2021-23134 (Use After Free vulnerability in nfc sockets in the Linux Kernel before ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://git.kernel.org/linus/c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6
NOTE: https://www.openwall.com/lists/oss-security/2021/05/11/4
CVE-2021-23133 (A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) befo ...)
- - linux <unfixed>
+ - linux 5.10.38-1
NOTE: https://git.kernel.org/linus/34e5b01186858b36c4d7c87e1a025071e8e2401f
NOTE: https://www.openwall.com/lists/oss-security/2021/04/18/2
CVE-2021-23132 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media all ...)
@@ -48298,19 +48298,19 @@ CVE-2020-25673
NOTE: https://www.openwall.com/lists/oss-security/2020/11/01/1
CVE-2020-25672
RESERVED
- - linux <unfixed>
+ - linux 5.10.38-1
[bullseye] - linux <postponed> (Minor issue, revisit once fixed upstream)
[buster] - linux <postponed> (Minor issue, revisit once fixed upstream)
NOTE: https://www.openwall.com/lists/oss-security/2020/11/01/1
CVE-2020-25671
RESERVED
- - linux <unfixed>
+ - linux 5.10.38-1
[bullseye] - linux <postponed> (Minor issue, revisit once fixed upstream)
[buster] - linux <postponed> (Minor issue, revisit once fixed upstream)
NOTE: https://www.openwall.com/lists/oss-security/2020/11/01/1
CVE-2020-25670
RESERVED
- - linux <unfixed>
+ - linux 5.10.38-1
[bullseye] - linux <postponed> (Minor issue, revisit once fixed upstream)
[buster] - linux <postponed> (Minor issue, revisit once fixed upstream)
NOTE: https://www.openwall.com/lists/oss-security/2020/11/01/1
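Review bot: For CVE-2020-25672, CVE-2020-25671 and CVE-2020-25670 the unchanged context lines still read "[bullseye] - linux <postponed> (Minor issue, revisit once fixed upstream)", with the same text for buster, directly under the new "- linux 5.10.38-1" line. With a fixed version now recorded for unstable, the revisit condition in those annotations appears to be met, so they should be re-evaluated in this commit or a follow-up: either drop them or replace the reason with one that still holds.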
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37b652f278b5ff54e13dd9ccb2b8c38c335cb3f6