[Git][security-tracker-team/security-tracker][master] Sync some CVEs for linux with kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun May 1 19:39:23 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d1cf75d0 by Salvatore Bonaccorso at 2022-05-01T20:38:51+02:00
Sync some CVEs for linux with kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -394,6 +394,8 @@ CVE-2022-29811 (In JetBrains Hub before 2022.1.14638 stored XSS via project icon
CVE-2022-1508
RESERVED
- linux 5.15.3-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ [stretch] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/89c2b3b74918200e46699338d7bcc19b1ea12110 (5.15-rc1)
CVE-2022-1507 (chafa: NULL Pointer Dereference in function gif_internal_decode_frame ...)
- chafa 1.10.2-1
@@ -36237,6 +36239,7 @@ CVE-2021-3894 [sctp: local DoS: unprivileged user can cause BUG()]
RESERVED
- linux 5.14.16-1
[bullseye] - linux 5.10.84-1
+ [stretch] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2014970
CVE-2021-42717 (ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objec ...)
{DSA-5023-1}
@@ -44860,6 +44863,7 @@ CVE-2021-39712 (In TBD of TBD, there is a possible user after free vulnerability
NOT-FOR-US: Pixel
CVE-2021-39711 (In bpf_prog_test_run_skb of test_run.c, there is a possible out of bou ...)
- linux 4.18.6-1
+ [stretch] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6e6fddc78323533be570873abb728b7e0ba7e024
NOTE: https://source.android.com/security/bulletin/pixel/2022-03-01
CVE-2021-39710 (Product: AndroidVersions: Android kernelAndroid ID: A-202160245Referen ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1cf75d0115c1a9925e94161897d0fc4fcc8c5df
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1cf75d0115c1a9925e94161897d0fc4fcc8c5df
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220501/cc3e7111/attachment.htm>
More information about the debian-security-tracker-commits
mailing list