Merge branch 'CVE-2020-8835'

author: Salvatore Bonaccorso <carnil@debian.org> 2020-03-30 18:44:01 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-03-30 18:44:01 +0200
commit: 367a27c0957657031261b3c6880d5448c1c7e9ee (patch)
tree: d2a6191475adde33c0c56984eaf57125669764ca
parent: 156f9fa6b8a1d690bcbcb74b414c124e0d5c854e (diff)
parent: 7b8acbb49fe61691ed37f70de7ba1f1d3f7f7957 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2020-8835 b/active/CVE-2020-8835
new file mode 100644
index 00000000..2af81f62
--- /dev/null
+++ b/active/CVE-2020-8835
@@ -0,0 +1,17 @@
+Description:
+References:
+Notes:
+ carnil> CRD: Monday, March 30th, 16:00 UTC.
+ carnil> Introduced by commit 581738a681b6 ("bpf: Provide better
+ carnil> register bounds after jmp32 instructions") in 5.5-rc1 and was
+ carnil> backported to 5.4.7.
+ carnil> CVE as well known as ZDI-CAN-10780.
+Bugs:
+upstream: needed
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+sid: needed
+4.19-buster-security: N/A "Vulnerable code introduced later"
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"
author	Salvatore Bonaccorso <carnil@debian.org>	2020-03-30 18:44:01 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-03-30 18:44:01 +0200
commit	367a27c0957657031261b3c6880d5448c1c7e9ee (patch)
tree	d2a6191475adde33c0c56984eaf57125669764ca
parent	156f9fa6b8a1d690bcbcb74b414c124e0d5c854e (diff)
parent	7b8acbb49fe61691ed37f70de7ba1f1d3f7f7957 (diff)