Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c4be556e by Salvatore Bonaccorso at 2022-01-21T15:52:58+01:00
Add CVE-2022-23220/usbview
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1632,8 +1632,14 @@ CVE-2022-23223
RESERVED
CVE-2022-23221 (H2 Console before 2.1.210 allows remote attackers to execute
arbitrary ...)
TODO: check
-CVE-2022-23220
- RESERVED
+CVE-2022-23220 [usbview polkit policy local root exploit]
+ RESERVED
+ - usbview <unfixed>
+ [stretch] - usbview <not-affected> (Vulnerable code introduced later)
+ NOTE: https://www.openwall.com/lists/oss-security/2022/01/21/1
+ NOTE: Introduced by:
https://github.com/gregkh/usbview/commit/ddefeba3f67d6a6f394eb57352254c1c8a312671
(v2.1)
+ NOTE: Fixed by:
https://github.com/gregkh/usbview/commit/bf374fa4e5b9a756789dfd88efa93806a395463b
(v2.2)
+ NOTE: Hardening:
https://github.com/gregkh/usbview/commit/1282782301570b3ee27f82f4f34c2c1a82bfd91a
(v2.2)
CVE-2022-0237
RESERVED
CVE-2022-0236 (The WP Import Export WordPress plugin (both free and premium
versions) ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4be556e8b8bb63a91c7bd6dba749bb8852aa10d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4be556e8b8bb63a91c7bd6dba749bb8852aa10d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
