[Git][security-tracker-team/security-tracker][master] Track fixed version for various linux CVEs via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 7 13:59:09 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
56175c41 by Salvatore Bonaccorso at 2023-01-07T14:58:00+01:00
Track fixed version for various linux CVEs via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6811,7 +6811,7 @@ CVE-2022-4380
RESERVED
CVE-2022-4379
RESERVED
- - linux <unfixed>
+ - linux 6.1.4-1
[buster] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2022/12/14/3
NOTE: https://lore.kernel.org/all/1670885411-10060-1-git-send-email-dai.ngo@oracle.com/
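Review bot: The CVE-2022-4379 entry is now marked fixed in 6.1.4-1, but its NOTE lines reference only the oss-security post and the lore.kernel.org patch submission, not an upstream commit. Suggest adding a NOTE with the git.kernel.org/linus commit that carries the fix, as most other entries touched by this commit have, so the fixed version can be checked against the uploaded source.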
@@ -9580,7 +9580,7 @@ CVE-2022-4146
CVE-2022-45935 (Usage of temporary files with insecure permissions by the Apache James ...)
NOT-FOR-US: Apache James
CVE-2022-45934 (An issue was discovered in the Linux kernel through 6.0.10. l2cap_conf ...)
- - linux <unfixed>
+ - linux 6.1.4-1
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d
CVE-2022-45933 (KubeView through 0.1.31 allows attackers to obtain control of a Kubern ...)
NOT-FOR-US: KubeView
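Review bot: The only NOTE for CVE-2022-45934 points at the bluetooth-next.git tree rather than mainline. With the entry now closed for unstable, consider adding the corresponding git.kernel.org/linus reference with its release tag, in the same form as the "(6.1-rc6)" annotations used for CVE-2022-4129, so that anyone backporting to the stable releases has a mainline reference to work from.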
@@ -9925,7 +9925,7 @@ CVE-2022-4131
CVE-2022-4130 (A blind site-to-site request forgery vulnerability was found in Satell ...)
NOT-FOR-US: Red Hat Satellite server
CVE-2022-4129 (A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2T ...)
- - linux <unfixed>
+ - linux 6.1.4-1
NOTE: https://lore.kernel.org/all/20221114191619.124659-1-jakub@cloudflare.com/t
NOTE: https://git.kernel.org/linus/b68777d54fac21fc833ec26ea1a2a84f975ab035 (6.1-rc6)
NOTE: https://git.kernel.org/linus/af295e854a4e3813ffbdef26dbb6a4d6226c3ea1 (6.1-rc7)
@@ -20393,10 +20393,10 @@ CVE-2022-42988
CVE-2022-42987
RESERVED
CVE-2022-3567 (A vulnerability has been found in Linux Kernel and classified as probl ...)
- - linux <unfixed>
+ - linux 6.1.4-1
NOTE: https://git.kernel.org/linus/364f997b5cfe1db0d63a390fe7c801fa2b3115f6 (6.1-rc1)
CVE-2022-3566 (A vulnerability, which was classified as problematic, was found in Lin ...)
- - linux <unfixed>
+ - linux 6.1.4-1
NOTE: https://git.kernel.org/linus/f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57 (6.1-rc1)
CVE-2022-3565 (A vulnerability, which was classified as critical, has been found in L ...)
{DLA-3245-1 DLA-3244-1}
@@ -20561,10 +20561,10 @@ CVE-2022-3524 (A vulnerability was found in Linux Kernel. It has been declared a
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/3c52c6bb831f6335c176a0fc7214e26f43adbd11
CVE-2022-3523 (A vulnerability was found in Linux Kernel. It has been classified as p ...)
- - linux <unfixed>
+ - linux 6.1.4-1
NOTE: https://git.kernel.org/linus/16ce101db85db694a91380aa4c89b25530871d33
CVE-2022-3522 (A vulnerability was found in Linux Kernel and classified as problemati ...)
- - linux <unfixed>
+ - linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f9bf6c03eca1077cae8de0e6d86427656fa42a9b
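Review bot: The git.kernel.org/linus NOTE lines for CVE-2022-3523 and CVE-2022-3522 carry no upstream release tag, unlike the "(6.1-rc1)" annotations on CVE-2022-3567 and CVE-2022-3566 in the previous hunk. Adding the tag in parentheses after each URL would show at a glance why 6.1.4-1 is the version recorded as fixed.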
@@ -22019,7 +22019,7 @@ CVE-2022-3425
RESERVED
CVE-2022-3424 [misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os]
RESERVED
- - linux <unfixed>
+ - linux 6.1.4-1
NOTE: https://lore.kernel.org/all/20221006152643.1694235-1-zyytlz.wz@163.com/
NOTE: https://git.kernel.org/linus/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc
CVE-2022-3423 (Denial of Service in GitHub repository nocodb/nocodb prior to 0.92.0. ...)
@@ -25396,7 +25396,7 @@ CVE-2022-41220 (** DISPUTED ** md2roff 1.9 has a stack-based buffer overflow via
CVE-2022-41219
RESERVED
CVE-2022-41218 (In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10 ...)
- - linux <unfixed>
+ - linux 6.1.4-1
NOTE: https://lore.kernel.org/all/87sfklgozd.wl-tiwai@suse.de/
NOTE: https://www.openwall.com/lists/oss-security/2022/09/23/4
NOTE: https://git.kernel.org/linus/fd3d91ab1c6ab0628fe642dd570b56302c30a792
@@ -28013,7 +28013,7 @@ CVE-2022-36402 (An integer overflow vulnerability was found in vmwgfx driver in
NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=2072
NOTE: Might be OpenAnolis specific issues, check when Bugzilla entries are public
CVE-2022-36280 (An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx ...)
- - linux <unfixed>
+ - linux 6.1.4-1
NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=2071
NOTE: https://git.kernel.org/linus/4cf949c7fafe21e085a4ee386bb2dade9067316e
CVE-2022-3147 (Mattermost version 7.0.x and earlier fails to sufficiently limit the i ...)
@@ -32786,7 +32786,7 @@ CVE-2022-2874 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.
NOTE: https://github.com/vim/vim/commit/4875d6ab068f09df88d24d81de40dcd8d56e243d (v9.0.0224)
NOTE: Crash in CLI tool, no security impact
CVE-2022-2873 (An out-of-bounds memory access flaw was found in the Linux kernel Inte ...)
- - linux <unfixed>
+ - linux 6.1.4-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2119048
NOTE: https://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97@gmail.com/T/
NOTE: https://git.kernel.org/linus/39244cc754829bf707dccd12e2ce37510f5b1f8d
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56175c418727ce0aa67fd94bad2cb5488f3dc0cc