[Git][security-tracker-team/security-tracker][master] Sync some linux CVEs with kernel-sec triaging

Wed, 23 Mar 2022 14:17:13 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e586f823 by Salvatore Bonaccorso at 2022-03-23T22:16:30+01:00
Sync some linux CVEs with kernel-sec triaging

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -240,6 +240,7 @@ CVE-2021-46739
        RESERVED
 CVE-2022-27666 (In the Linux kernel before 5.16.15, there is a buffer overflow 
in ESP  ...)
        - linux <unfixed>
+       [stretch] - linux <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://git.kernel.org/linus/ebe48d368e97d007bfeb76fcb065d6cfc4c96645 (5.17-rc8)
 CVE-2022-27665
        RESERVED
@@ -1258,8 +1259,11 @@ CVE-2022-0999
        RESERVED
 CVE-2022-0998
        RESERVED
-       - linux <unfixed> (unimportant)
-       NOTE: 
https://git.kernel.org/linus/870aaff92e959e29d40f9cfdb5ed06ba2fc2dae0 (5.17-rc1)
+       - linux 5.15.15-1 (unimportant)
+       [bullseye] - linux 5.10.92-1
+       [buster] - linux <not-affected> (ulnerable code not present)
+       [stretch] - linux <not-affected> (ulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/3ed21c1451a14d139e1ceb18f2fa70865ce3195a (5.16-rc6)
        NOTE: CONFIG_VHOST_VDPA not set in Debian
 CVE-2022-0997
        RESERVED
@@ -1271,6 +1275,8 @@ CVE-2022-0996
 CVE-2022-0995 [kernel bug in the watch_queue subsystem]
        RESERVED
        - linux <unfixed>
+       [buster] - linux <not-affected> (Vulnerable code not present)
+       [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2063786
 CVE-2022-0994
        RESERVED
@@ -10024,6 +10030,7 @@ CVE-2022-0401 (Path Traversal in NPM w-zip prior to 
1.0.12. ...)
 CVE-2022-0400 [Out of bounds read in the smc protocol stack]
        RESERVED
        - linux <unfixed>
+       [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2044575
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2040604 (not public)
 CVE-2022-0399 (The Advanced Product Labels for WooCommerce WordPress plugin 
before 1. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e586f8233fa18b68925139319fee9064c80964f2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e586f8233fa18b68925139319fee9064c80964f2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to