[Git][security-tracker-team/security-tracker][master] Sync some linux issues with kernel-sec triaging
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 21 05:57:08 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7a889c27 by Salvatore Bonaccorso at 2022-06-21T06:56:21+02:00
Sync some linux issues with kernel-sec triaging
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8005,6 +8005,8 @@ CVE-2022-1790 (The New User Email Set Up WordPress plugin through 0.5.2 does not
CVE-2022-1789 (With shadow paging enabled, the INVPCID instruction results in a call ...)
{DSA-5161-1}
- linux 5.17.11-1
+ [buster] - linux <not-affected> (Vulnerable code introduced later)
+ [stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/9f46c187e2e680ecd9de7983e4d081c3391acc76
CVE-2022-1788 (Due to missing checks the Change Uploaded File Permissions WordPress p ...)
NOT-FOR-US: WordPress plugin
@@ -49440,6 +49442,8 @@ CVE-2022-20167 (Product: AndroidVersions: Android kernelAndroid ID: A-204956204R
NOT-FOR-US: Google Pixel
CVE-2022-20166 (In various methods of kernel base drivers, there is a possible out of ...)
- linux 5.10.4-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ [stretch] - linux <not-affected> (Vulnerable code not present)
NOTE: https://source.android.com/security/bulletin/pixel/2022-06-01
NOTE: https://git.kernel.org/linus/aa838896d87af561a33ecefea1caa4c15a68bc47 (5.10-rc1)
CVE-2022-20165 (In asn1_parse of asn1.c, there is a possible out of bounds read due to ...)
@@ -49468,6 +49472,7 @@ CVE-2022-20154 (In lock_sock_nested of sock.c, there is a possible use after fre
- linux 5.15.15-1
[bullseye] - linux 5.10.92-1
[buster] - linux 4.19.232-1
+ [stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://source.android.com/security/bulletin/pixel/2022-06-01
NOTE: https://git.kernel.org/linus/5ec7d18d1813a5bead0b495045606c93873aecbb (5.16-rc8)
CVE-2022-20153 (In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-afte ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a889c27006af3eac63c3359d30c48fc0a04aad6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a889c27006af3eac63c3359d30c48fc0a04aad6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220621/181427a6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list