[Git][security-tracker-team/security-tracker][master] Add two issues from INTEL-SA-00690 in mdadm

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 17 07:47:13 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a557ee82 by Salvatore Bonaccorso at 2023-08-17T08:43:28+02:00
Add two issues from INTEL-SA-00690 in mdadm

Unfortunately no clear information from the intel advisories, apart to
get the fixes one should update to at least mdadm-4.2-rc2.

There are as well not commits with "Reported-by: Nimish Verma", which
probably was not added to the respective commits.

Link: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18483,9 +18483,13 @@ CVE-2023-1791 (A vulnerability has been found in SourceCodester Simple Task Allo
 CVE-2023-1790 (A vulnerability, which was classified as problematic, was found in Sou ...)
 	NOT-FOR-US: SourceCodester Simple Task Allocation System
 CVE-2023-28938 (Uncontrolled resource consumption in some Intel(R) SSD Tools software  ...)
-	TODO: check
+	- mdadm <unfixed>
+	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html
+	TODO: check details, fixes should be somewhere prior to mdadm-4.2-rc2
 CVE-2023-28736 (Buffer overflow in some Intel(R) SSD Tools software before version mda ...)
-	TODO: check
+	- mdadm <unfixed>
+	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html
+	TODO: check details, fixes should be somewhere prior to mdadm-4.2-rc2
 CVE-2023-28717
 	RESERVED
 CVE-2023-28711 (Insufficient control flow management in the Hyperscan Library maintain ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a557ee827ada57100ce565f82e00f02516a9306f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a557ee827ada57100ce565f82e00f02516a9306f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230817/340c19a1/attachment.htm>

More information about the debian-security-tracker-commits mailing list