[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2021-39802 as not-affected for all versions
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Jul 3 15:34:14 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
47baf252 by Salvatore Bonaccorso at 2022-07-03T16:30:11+02:00
Mark CVE-2021-39802 as not-affected for all versions
- - - - -
40e159fa by Salvatore Bonaccorso at 2022-07-03T16:33:21+02:00
Adjust reason for CVE-2022-21499/linux in buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45974,7 +45974,7 @@ CVE-2022-21500 (Vulnerability in Oracle E-Business Suite (component: Manage Prox
CVE-2022-21499 (KGDB and KDB allow read and write access to kernel memory, and thus sh ...)
{DSA-5161-1}
- linux 5.17.11-1
- [buster] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <ignored> (kgdb not enabled)
[stretch] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2022/05/24/7
NOTE: https://git.kernel.org/linus/eadb2f47a3ced5c64b23b90fd2a3463f63726066 (5.19-rc1)
@@ -59073,7 +59073,7 @@ CVE-2021-39804 (In reinit of HeifDecoderImpl.cpp, there is a possible crash due
CVE-2021-39803 (In ~Impl of C2AllocatorIon.cpp, there is a possible out of bounds read ...)
NOT-FOR-US: Android
CVE-2021-39802 (In change_pte_range of mprotect.c , there is a possible way to make a ...)
- - linux <undetermined>
+ - linux <not-affected> (Vulnerability never present in upstream; Android specific)
NOTE: https://source.android.com/security/bulletin/2022-04-01
CVE-2021-39801 (In ion_ioctl of ion-ioctl.c, there is a possible use after free due to ...)
- linux <not-affected> (Android-specific driver)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/072f994302d641b04d0f3e56fd14b56f033ae7b0...40e159faed509e94575bad7ea00e83bf630307fb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/072f994302d641b04d0f3e56fd14b56f033ae7b0...40e159faed509e94575bad7ea00e83bf630307fb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220703/ec964e9d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list