[Git][security-tracker-team/security-tracker][master] Track fixes for linux upload via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Apr 22 20:09:02 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c71c0f6a by Salvatore Bonaccorso at 2023-04-22T21:07:51+02:00
Track fixes for linux upload via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -373,7 +373,7 @@ CVE-2023-2196
 CVE-2023-2195
 	RESERVED
 CVE-2023-2194 (An out-of-bounds write vulnerability was found in the Linux kernel's S ...)
-	- linux <unfixed>
+	- linux 6.1.25-1
 	NOTE: https://git.kernel.org/linus/92fbb6d1296f81f41f65effd7f5f8c0f74943d15 (6.3-rc4)
 CVE-2023-2193 (Mattermost fails to invalidate existing authorization codes when deaut ...)
 	- mattermost-server <itp> (bug #823556)
@@ -936,7 +936,7 @@ CVE-2023-2078
 CVE-2021-46880 (x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 er ...)
 	- libressl <itp> (bug #754513)
 CVE-2023-30772 (The Linux kernel before 6.2.9 has a race condition and resultant use-a ...)
-	- linux <unfixed> (unimportant)
+	- linux 6.1.25-1 (unimportant)
 	NOTE: https://git.kernel.org/linus/06615d11cc78162dfd5116efb71f29eb29502d37 (6.3-rc4)
 	NOTE: CONFIG_CHARGER_DA9150 not enabled in Debian.
 CVE-2023-30770 (A stack-based buffer overflow vulnerability was found in the ASUSTOR D ...)
@@ -1820,12 +1820,12 @@ CVE-2023-30471
 CVE-2023-30470
 	RESERVED
 CVE-2023-1990 (A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/n ...)
-	- linux <unfixed> (unimportant)
+	- linux 6.1.25-1
 	NOTE: https://git.kernel.org/linus/5000fe6c27827a61d8250a7e4a1d26c3298ef4f6 (6.3-rc3)
 	NOTE: STMicroelectronics ST NCI NFC driver (NFC_ST_NCI_I2C, NFC_ST_NCI_SPI) not
 	NOTE: enabled in Debian
 CVE-2023-1989 (A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\ ...)
-	- linux <unfixed>
+	- linux 6.1.25-1
 	NOTE: https://git.kernel.org/linus/1e9ac114c4428fdb7ff4635b45d4f46017e8916f (6.3-rc4)
 CVE-2023-1988 (A vulnerability was found in SourceCodester Online Computer and Laptop ...)
 	NOT-FOR-US: SourceCodester Online Computer and Laptop Store
@@ -1910,7 +1910,7 @@ CVE-2023-30458
 CVE-2023-30457
 	RESERVED
 CVE-2023-30456 (An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kern ...)
-	- linux <unfixed>
+	- linux 6.1.25-1
 	NOTE: https://git.kernel.org/linus/112e66017bff7f2837030f34c2bc19501e9212d5 (6.3-rc3)
 CVE-2023-30455
 	RESERVED
@@ -4704,7 +4704,7 @@ CVE-2023-1860 (A vulnerability was found in Keysight IXIA Hawkeye 3.3.16.28. It
 	NOT-FOR-US: Keysight IXIA Hawkeye
 CVE-2023-1859
 	RESERVED
-	- linux <unfixed>
+	- linux 6.1.25-1
 	NOTE: https://lore.kernel.org/all/20230313090002.3308025-1-zyytlz.wz@163.com/
 CVE-2023-1858 (A vulnerability was found in SourceCodester Earnings and Expense Track ...)
 	NOT-FOR-US: SourceCodester Earnings and Expense Tracker App
@@ -6402,7 +6402,7 @@ CVE-2023-1613 (A vulnerability has been found in Rebuild up to 3.2.3 and classif
 CVE-2023-1612 (A vulnerability, which was classified as critical, was found in Rebuil ...)
 	NOT-FOR-US: Rebuild
 CVE-2023-1611 (A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree ...)
-	- linux <unfixed>
+	- linux 6.1.25-1
 	NOTE: https://lore.kernel.org/linux-btrfs/35b9a70650ea947387cf352914a8774b4f7e8a6f.1679481128.git.fdmanana@suse.com/
 CVE-2023-1610 (A vulnerability, which was classified as critical, has been found in R ...)
 	NOT-FOR-US: Rebuild
@@ -6530,7 +6530,7 @@ CVE-2023-28731 (AnyMailing Joomla Plugin is vulnerable to unauthenticated remote
 CVE-2023-27882
 	RESERVED
 CVE-2023-1583 (A NULL pointer dereference was found in io_file_bitmap_get in io_uring ...)
-	- linux <unfixed>
+	- linux 6.1.25-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git/commit/?h=io_uring-6.3&id=761efd55a0227aca3a69deacdaa112fffd44fe37



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c71c0f6a9177e1c68f490f7e442a3582ae26a452

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c71c0f6a9177e1c68f490f7e442a3582ae26a452
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230422/59e88857/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list