[Git][security-tracker-team/security-tracker][master] Track fixes for linux upload via unstable

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c71c0f6a by Salvatore Bonaccorso at 2023-04-22T21:07:51+02:00
Track fixes for linux upload via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -373,7 +373,7 @@ CVE-2023-2196
 CVE-2023-2195
        RESERVED
 CVE-2023-2194 (An out-of-bounds write vulnerability was found in the Linux 
kernel's S ...)
-       - linux <unfixed>
+       - linux 6.1.25-1
        NOTE: 
https://git.kernel.org/linus/92fbb6d1296f81f41f65effd7f5f8c0f74943d15 (6.3-rc4)
 CVE-2023-2193 (Mattermost fails to invalidate existing authorization codes 
when deaut ...)
        - mattermost-server <itp> (bug #823556)
@@ -936,7 +936,7 @@ CVE-2023-2078
 CVE-2021-46880 (x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD 
before 7.0 er ...)
        - libressl <itp> (bug #754513)
 CVE-2023-30772 (The Linux kernel before 6.2.9 has a race condition and 
resultant use-a ...)
-       - linux <unfixed> (unimportant)
+       - linux 6.1.25-1 (unimportant)
        NOTE: 
https://git.kernel.org/linus/06615d11cc78162dfd5116efb71f29eb29502d37 (6.3-rc4)
        NOTE: CONFIG_CHARGER_DA9150 not enabled in Debian.
 CVE-2023-30770 (A stack-based buffer overflow vulnerability was found in the 
ASUSTOR D ...)
@@ -1820,12 +1820,12 @@ CVE-2023-30471
 CVE-2023-30470
        RESERVED
 CVE-2023-1990 (A use-after-free flaw was found in ndlc_remove in 
drivers/nfc/st-nci/n ...)
-       - linux <unfixed> (unimportant)
+       - linux 6.1.25-1
        NOTE: 
https://git.kernel.org/linus/5000fe6c27827a61d8250a7e4a1d26c3298ef4f6 (6.3-rc3)
        NOTE: STMicroelectronics ST NCI NFC driver (NFC_ST_NCI_I2C, 
NFC_ST_NCI_SPI) not
        NOTE: enabled in Debian
 CVE-2023-1989 (A use-after-free flaw was found in btsdio_remove in 
drivers\bluetooth\ ...)
-       - linux <unfixed>
+       - linux 6.1.25-1
        NOTE: 
https://git.kernel.org/linus/1e9ac114c4428fdb7ff4635b45d4f46017e8916f (6.3-rc4)
 CVE-2023-1988 (A vulnerability was found in SourceCodester Online Computer and 
Laptop ...)
        NOT-FOR-US: SourceCodester Online Computer and Laptop Store
@@ -1910,7 +1910,7 @@ CVE-2023-30458
 CVE-2023-30457
        RESERVED
 CVE-2023-30456 (An issue was discovered in arch/x86/kvm/vmx/nested.c in the 
Linux kern ...)
-       - linux <unfixed>
+       - linux 6.1.25-1
        NOTE: 
https://git.kernel.org/linus/112e66017bff7f2837030f34c2bc19501e9212d5 (6.3-rc3)
 CVE-2023-30455
        RESERVED
@@ -4704,7 +4704,7 @@ CVE-2023-1860 (A vulnerability was found in Keysight IXIA 
Hawkeye 3.3.16.28. It
        NOT-FOR-US: Keysight IXIA Hawkeye
 CVE-2023-1859
        RESERVED
-       - linux <unfixed>
+       - linux 6.1.25-1
        NOTE: 
https://lore.kernel.org/all/20230313090002.3308025-1-zyytlz...@163.com/
 CVE-2023-1858 (A vulnerability was found in SourceCodester Earnings and 
Expense Track ...)
        NOT-FOR-US: SourceCodester Earnings and Expense Tracker App
@@ -6402,7 +6402,7 @@ CVE-2023-1613 (A vulnerability has been found in Rebuild 
up to 3.2.3 and classif
 CVE-2023-1612 (A vulnerability, which was classified as critical, was found in 
Rebuil ...)
        NOT-FOR-US: Rebuild
 CVE-2023-1611 (A use-after-free flaw was found in btrfs_search_slot in 
fs/btrfs/ctree ...)
-       - linux <unfixed>
+       - linux 6.1.25-1
        NOTE: 
https://lore.kernel.org/linux-btrfs/35b9a70650ea947387cf352914a8774b4f7e8a6f.1679481128.git.fdman...@suse.com/
 CVE-2023-1610 (A vulnerability, which was classified as critical, has been 
found in R ...)
        NOT-FOR-US: Rebuild
@@ -6530,7 +6530,7 @@ CVE-2023-28731 (AnyMailing Joomla Plugin is vulnerable to 
unauthenticated remote
 CVE-2023-27882
        RESERVED
 CVE-2023-1583 (A NULL pointer dereference was found in io_file_bitmap_get in 
io_uring ...)
-       - linux <unfixed>
+       - linux 6.1.25-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git/commit/?h=io_uring-6.3&id=761efd55a0227aca3a69deacdaa112fffd44fe37



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c71c0f6a9177e1c68f490f7e442a3582ae26a452

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c71c0f6a9177e1c68f490f7e442a3582ae26a452
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits