[Git][security-tracker-team/security-tracker][master] Add references to the not yet openend openanolis bugzilla entries

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Sep 17 16:32:19 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1ade738c by Salvatore Bonaccorso at 2022-09-17T17:29:02+02:00
Add references to the not yet openend openanolis bugzilla entries

Interestingly the scope of the OpenAnolis CNA is very specific to
OpenAnolis issues only. Still though the issues seem related to changes
to the Linux kernel. So the scope is puzzling.

Link: https://www.cve.org/PartnerInformation/ListofPartners/partner/Anolis

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1512,18 +1512,23 @@ CVE-2022-40138
 	RESERVED
 CVE-2022-40133 (A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf ...)
 	- linux <undetermined>
+	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=2075
 	NOTE: Might be OpenAnolis specific issues, check when Bugzilla entries are public
 CVE-2022-38457 (A use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res ...)
 	- linux <undetermined>
+	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=2074
 	NOTE: Might be OpenAnolis specific issues, check when Bugzilla entries are public
 CVE-2022-38096 (A NULL pointer dereference vulnerability was found in vmwgfx driver in ...)
 	- linux <undetermined>
+	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=2073
 	NOTE: Might be OpenAnolis specific issues, check when Bugzilla entries are public
 CVE-2022-36402 (An integer overflow vulnerability was found in vmwgfx driver in driver ...)
 	- linux <undetermined>
+	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=2072
 	NOTE: Might be OpenAnolis specific issues, check when Bugzilla entries are public
 CVE-2022-36280 (An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx  ...)
 	- linux <undetermined>
+	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=2071
 	NOTE: Might be OpenAnolis specific issues, check when Bugzilla entries are public
 CVE-2022-3147 (Mattermost version 7.0.x and earlier fails to sufficiently limit the i ...)
 	- mattermost-server <itp> (bug #823556)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ade738cb62cd8bcb64cfbb3a0b4c890ca07785a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ade738cb62cd8bcb64cfbb3a0b4c890ca07785a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220917/9862c717/attachment.htm>


More information about the debian-security-tracker-commits mailing list