[Git][security-tracker-team/security-tracker][master] mark three additional kernel bugs as non issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Mar 7 15:35:10 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
62470399 by Moritz Muehlenhoff at 2023-03-07T16:34:07+01:00
mark three additional kernel bugs as non issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24122,8 +24122,9 @@ CVE-2022-45921 (FusionAuth before 1.41.3 allows a file outside of the applicatio
CVE-2022-45920 (In Softing uaToolkit Embedded before 1.41, a malformed CreateMonitored ...)
NOT-FOR-US: Softing uaToolkit Embedded
CVE-2022-45919 (An issue was discovered in the Linux kernel through 6.0.10. In drivers ...)
- - linux <unfixed>
+ - linux <unfixed> (unimportant)
NOTE: https://lore.kernel.org/linux-media/20221121063308.GA33821%40ubuntu/T/#u
+ NOTE: Negligible security impact, would need physical access to "exploit"
CVE-2022-45918 (ILIAS before 7.16 allows External Control of File Name or Path. ...)
NOT-FOR-US: ILIAS
CVE-2022-45917 (ILIAS before 7.16 has an Open Redirect. ...)
@@ -24217,13 +24218,17 @@ CVE-2022-45890 (In Planet eStream before 6.72.10.07, a Reflected Cross-Site Scri
CVE-2022-45889 (Planet eStream before 6.72.10.07 allows a remote attacker (who is a pu ...)
NOT-FOR-US: Planet eStream
CVE-2022-45888 (An issue was discovered in the Linux kernel through 6.0.9. drivers/cha ...)
- - linux <unfixed>
+ - linux <unfixed> (unimportant)
[bullseye] - linux <not-affected> (Vulnerable code introduced later)
[buster] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://lore.kernel.org/all/20221022175404.GA375335@ubuntu/
+ NOTE: Negligible security impact, would need physical access to "exploit"
CVE-2022-45887 (An issue was discovered in the Linux kernel through 6.0.9. drivers/med ...)
- - linux <unfixed>
+ - linux <unfixed> (unimportant)
+ [bookworm] - linux <postponed> (Minor issue, revisit when fixed upstream)
+ [bullseye] - linux <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://lore.kernel.org/linux-media/20221115131822.6640-5-imv4bel@gmail.com/
+ NOTE: Negligible security impact, would need physical access to "exploit"
CVE-2022-45886 (An issue was discovered in the Linux kernel through 6.0.9. drivers/med ...)
- linux <unfixed> (unimportant)
NOTE: https://lore.kernel.org/linux-media/20221115131822.6640-3-imv4bel@gmail.com/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6247039907a29de9fb32c8a55b95aebe91dd740a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6247039907a29de9fb32c8a55b95aebe91dd740a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230307/d04283dc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list