[Git][security-tracker-team/security-tracker][master] linux fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sun Jul 24 12:34:58 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7678f6ec by Moritz Muehlenhoff at 2022-07-24T13:34:37+02:00
linux fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2991,7 +2991,7 @@ CVE-2022-2309 (NULL Pointer Dereference allows attackers to cause a denial of se
CVE-2022-2308
RESERVED
CVE-2022-2318 (There are use-after-free vulnerabilities caused by timer handler in ne ...)
- - linux <unfixed>
+ - linux 5.18.14-1
NOTE: https://www.openwall.com/lists/oss-security/2022/07/03/2
NOTE: https://git.kernel.org/linus/9cc02ede696272c5271a401e4f27c262359bc2f6 (5.19-rc5)
CVE-2022-35215
@@ -3589,7 +3589,7 @@ CVE-2022-34920
CVE-2022-34919
RESERVED
CVE-2022-34918 (An issue was discovered in the Linux kernel through 5.18.9. A type con ...)
- - linux <unfixed>
+ - linux 5.18.14-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2022/07/02/3
CVE-2022-2307
@@ -6993,27 +6993,27 @@ CVE-2022-33746
CVE-2022-33745
RESERVED
CVE-2022-33744 (Arm guests can cause Dom0 DoS via PV devices When mapping pages of gue ...)
- - linux <unfixed>
+ - linux 5.18.14-1
NOTE: https://xenbits.xen.org/xsa/advisory-406.html
CVE-2022-33743 (network backend may cause Linux netfront to use freed SKBs While addin ...)
- - linux <unfixed>
+ - linux 5.18.14-1
NOTE: https://xenbits.xen.org/xsa/advisory-405.html
CVE-2022-33742 (Linux disk/nic frontends data leaks T[his CNA information record relat ...)
- - linux <unfixed>
+ - linux 5.18.14-1
- xen <unfixed>
[bullseye] - xen <ignored> (Too intrusive too backport)
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <end-of-life> (DSA 4602-1)
NOTE: https://xenbits.xen.org/xsa/advisory-403.html
CVE-2022-33741 (Linux disk/nic frontends data leaks T[his CNA information record relat ...)
- - linux <unfixed>
+ - linux 5.18.14-1
- xen <unfixed>
[bullseye] - xen <ignored> (Too intrusive too backport)
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <end-of-life> (DSA 4602-1)
NOTE: https://xenbits.xen.org/xsa/advisory-403.html
CVE-2022-33740 (Linux disk/nic frontends data leaks T[his CNA information record relat ...)
- - linux <unfixed>
+ - linux 5.18.14-1
- xen <unfixed>
[bullseye] - xen <ignored> (Too intrusive too backport)
[buster] - xen <end-of-life> (DSA 4677-1)
@@ -10703,7 +10703,7 @@ CVE-2022-31734 (** Unsupported When Assigned ** Cisco Catalyst 2940 Series Switc
NOT-FOR-US: Cisco
CVE-2022-1976
RESERVED
- - linux <unfixed>
+ - linux 5.18.14-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
[stretch] - linux <not-affected> (Vulnerable code not present)
@@ -17458,13 +17458,13 @@ CVE-2022-29902
CVE-2022-1526 (A vulnerability, which was classified as problematic, was found in Eml ...)
NOT-FOR-US: Emlog Pro
CVE-2022-29901 (Intel microprocessor generations 6 to 8 are affected by a new Spectre ...)
- - linux <unfixed>
+ - linux 5.18.14-1
NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
NOTE: https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html
CVE-2022-29900 (AMD microprocessor families 15h to 18h are affected by a new Spectre v ...)
{DSA-5184-1}
- - linux <unfixed>
+ - linux 5.18.14-1
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
@@ -27803,7 +27803,7 @@ CVE-2022-0837 (The Amelia WordPress plugin before 1.0.48 does not have proper au
CVE-2022-0836 (The SEMA API WordPress plugin before 4.02 does not properly sanitise a ...)
NOT-FOR-US: WordPress plugin
CVE-2022-26365 (Linux disk/nic frontends data leaks T[his CNA information record relat ...)
- - linux <unfixed>
+ - linux 5.18.14-1
- xen <unfixed>
[bullseye] - xen <ignored> (Too intrusive too backport)
[buster] - xen <end-of-life> (DSA 4677-1)
@@ -78321,7 +78321,7 @@ CVE-2021-33656 (When setting font with malicous data by ioctl cmd PIO_FONT,kerne
- linux 5.14.6-1
NOTE: https://git.kernel.org/linus/ff2047fb755d4415ec3c70ac799889371151796d (v5.12-rc1)
CVE-2021-33655 (When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO, ...)
- - linux <unfixed>
+ - linux 5.18.14-1
NOTE: https://git.kernel.org/linus/086ff84617185393a0bbf25830c4f36412a7d3f4 (5.19-rc7)
CVE-2021-33654 (When performing the initialization operation of the Split operator, if ...)
NOT-FOR-US: Mindspore deep learning
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7678f6ec64c6cd46dd5e0ad73d98bb7b9bdfed4f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7678f6ec64c6cd46dd5e0ad73d98bb7b9bdfed4f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220724/dfe1a7eb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list