[Git][security-tracker-team/security-tracker][master] Add new qt issues CVE-2022-40983 and CVE-2022-43591

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 19 07:35:24 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5f9cad1c by Salvatore Bonaccorso at 2023-01-19T08:33:29+01:00
Add new qt issues CVE-2022-40983 and CVE-2022-43591

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22088,7 +22088,10 @@ CVE-2022-43592 (An information disclosure vulnerability exists in the DPXOutput:
 	- openimageio <unfixed> (bug #1027143)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1651
 CVE-2022-43591 (A buffer overflow vulnerability exists in the QML QtScript Reflect API ...)
-	TODO: check
+	- qt6-declarative <unfixed>
+	- qtdeclarative-opensource-src <undetermined>
+	- qtdeclarative-opensource-src-gles <undetermined>
+	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1650
 CVE-2022-43590 (A null pointer dereference vulnerability exists in the handle_ioctl_0x ...)
 	NOT-FOR-US: Callback technologies CBFS Filter
 CVE-2022-43589 (A null pointer dereference vulnerability exists in the handle_ioctl_83 ...)
@@ -28820,7 +28823,10 @@ CVE-2022-41141
 CVE-2022-41140
 	RESERVED
 CVE-2022-40983 (An integer overflow vulnerability exists in the QML QtScript Reflect A ...)
-	TODO: check
+	- qt6-declarative <unfixed>
+	- qtdeclarative-opensource-src <undetermined>
+	- qtdeclarative-opensource-src-gles <undetermined>
+	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1617
 CVE-2022-40693
 	RESERVED
 CVE-2022-41222 (mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f9cad1c0baf7624cc79084546acc117dbdf4e10

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f9cad1c0baf7624cc79084546acc117dbdf4e10
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230119/7f4e040e/attachment.htm>

More information about the debian-security-tracker-commits mailing list