[Git][security-tracker-team/security-tracker][master] Track fixed version for linux upload via unstable

Salvatore Bonaccorso (@carnil) Mon, 18 Apr 2022 05:49:35 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c69c1aba by Salvatore Bonaccorso at 2022-04-18T14:47:31+02:00
Track fixed version for linux upload via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -358,7 +358,7 @@ CVE-2022-1354
        RESERVED
 CVE-2022-1353 [af_key: add __GFP_ZERO flag for compose_sadb_supported in 
function pfkey_register]
        RESERVED
-       - linux <unfixed>
+       - linux 5.17.3-1
        NOTE: 
https://git.kernel.org/linus/9a564bccb78a76740ea9d75a259942df8143d02c (5.17)
 CVE-2022-1352
        RESERVED
@@ -1292,7 +1292,7 @@ CVE-2022-28895
 CVE-2022-28894
        RESERVED
 CVE-2022-28893 (The SUNRPC subsystem in the Linux kernel through 5.17.2 can 
call xs_xp ...)
-       - linux <unfixed>
+       - linux 5.17.3-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/f00432063db1a0db484e85193eccc6845435b80e (5.18-rc2)
@@ -2519,14 +2519,14 @@ CVE-2022-28392
 CVE-2022-28391 (BusyBox through 1.35.0 allows remote attackers to execute 
arbitrary co ...)
        TODO: check
 CVE-2022-28390 (ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the 
Linux kerne ...)
-       - linux <unfixed>
+       - linux 5.17.3-1
        NOTE: 
https://git.kernel.org/linus/c70222752228a62135cee3409dccefd494a24646 (5.18-rc1)
 CVE-2022-28389 (mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the 
Linux ker ...)
-       - linux <unfixed>
+       - linux 5.17.3-1
        [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/04c9b00ba83594a29813d6b1fb8fdc93a3915174 (5.18-rc1)
 CVE-2022-28388 (usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the 
Linux ker ...)
-       - linux <unfixed>
+       - linux 5.17.3-1
        NOTE: 
https://git.kernel.org/linus/3d3925ff6433f98992685a9679613a2cc97f3ce2 (5.18-rc1)
 CVE-2022-28387
        RESERVED
@@ -2700,11 +2700,11 @@ CVE-2022-1206
        RESERVED
 CVE-2022-1205
        RESERVED
-       - linux <unfixed>
+       - linux 5.17.3-1
        NOTE: https://www.openwall.com/lists/oss-security/2022/04/02/4
 CVE-2022-1204
        RESERVED
-       - linux <unfixed>
+       - linux 5.17.3-1
        NOTE: https://www.openwall.com/lists/oss-security/2022/04/02/2
 CVE-2022-1203
        RESERVED
@@ -3308,7 +3308,7 @@ CVE-2022-1159 (Rockwell Automation Studio 5000 Logix 
Designer (all versions) are
        NOT-FOR-US: Rockwell Automation
 CVE-2022-1158
        RESERVED
-       - linux <unfixed>
+       - linux 5.17.3-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/2a8859f373b0a86f0ece8ec8312607eacf12485d (5.18-rc1)
@@ -18979,7 +18979,7 @@ CVE-2022-0177
        REJECTED
 CVE-2021-4204 [eBPF Improper Input Validation Vulnerability]
        RESERVED
-       - linux <unfixed>
+       - linux 5.17.3-1
        [buster] - linux <not-affected> (Vulnerable code introduced later)
        [stretch] - linux <not-affected> (Vulnerable code introduced later)
        NOTE: https://www.openwall.com/lists/oss-security/2022/01/11/4
@@ -19329,7 +19329,7 @@ CVE-2022-0169 (The Photo Gallery by 10Web WordPress 
plugin before 1.6.0 does not
        NOT-FOR-US: WordPress plugin
 CVE-2022-0168
        RESERVED
-       - linux <unfixed>
+       - linux 5.17.3-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2037386
@@ -26204,7 +26204,7 @@ CVE-2021-44790 (A carefully crafted request body can 
cause a buffer overflow in
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-44790
        NOTE: Fixed by: https://svn.apache.org/r1896039
 CVE-2021-4095 (A NULL pointer dereference was found in the Linux kernel's KVM 
when di ...)
-       - linux <unfixed>
+       - linux 5.17.3-1
        [bullseye] - linux <not-affected> (Vulnerable code introduced later)
        [buster] - linux <not-affected> (Vulnerable code introduced later)
        [stretch] - linux <not-affected> (Vulnerable code introduced later)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c69c1aba889bb3488ee4098420e76a9876d02c48

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c69c1aba889bb3488ee4098420e76a9876d02c48
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track fixed version for linux upload via unstable

Reply via email to