dsa-texts: Fill in more issue descriptions

3 files changed, 77 insertions, 27 deletions

diff --git a/dsa-texts/3.16.84-1 b/dsa-texts/3.16.84-1
index b0a8124b..da2e9381 100644
--- a/dsa-texts/3.16.84-1
+++ b/dsa-texts/3.16.84-1
@@ -60,7 +60,7 @@ CVE-2019-19768
 
 CVE-2019-20636
 
-    The syzkaller tool found that the input subsystem did not fully
+    The syzbot tool found that the input subsystem did not fully
     validate keycode changes, which could result in a heap
     out-of-bounds write.  A local user permitted to access the device
     node for an input or VT device could possibly use this to cause a
@@ -106,25 +106,36 @@ CVE-2020-2732
     L2 guest to cause privilege escalation, denial of service, or
     information leaks in the L1 guest.
 
-CVE-2020-8647
+CVE-2020-8647, CVE-2020-8649
 
-    Description
+    The Hulk Robot tool found a potential MMIO out-of-bounds access in
+    the vgacon driver.  A local user permitted to access a virtual
+    terminal (/dev/tty1 etc.) on a system using the vgacon driver
+    could use this to cause a denial of service (crash or memory
+    corruption) or possibly for privilege escalation.
 
 CVE-2020-8648
 
-    Description
-
-CVE-2020-8649
-
-    Description
+    The syzbot tool found a race condition in the the virtual terminal
+    driver, which could result in a use-after-free.  A local user
+    permitted to access a virtual terminal could use this to cause a
+    denial of service (crash or memory corruption) or possibly for
+    privilege escalation.
 
 CVE-2020-9383
 
-    Description
+    Jordy Zomer reported an incorrect range check in the floppy driver
+    which could lead to a static out-of-bounds access.  A local user
+    permitted to access a floppy drive could use this to cause a
+    denial of service (crash or memory corruption) or possibly for
+    privilege escalation.
 
 CVE-2020-10690
 
-    Description
+    It was discovered that the PTP hardware clock subsystem did not
+    properly manage device lifetimes.  Removing a PTP hardware clock
+    from the system while a user process was using it could lead to a
+    use-after-free.  The security impact of this is unclear.
 
 CVE-2020-10751
 
@@ -188,15 +199,29 @@ CVE-2020-12769
 
 CVE-2020-12770
 
-    Description
+    It was discovered that the sg (SCSI generic) driver did not
+    correctly release internal resources in a particular error case.
+    A local user permitted to access an sg device could possibly use
+    this to cause a denial of service (resource exhaustion).
 
 CVE-2020-12826
 
-    Description
+    Adam Zabrocki reported a weakness in the signal subsystem's
+    permission checks.  A parent process can choose an arbitary signal
+    for a child process to send when it exits, but if the parent has
+    executed a new program then the default SIGCHLD signal is sent.  A
+    local user permitted to run a program for several days could
+    bypass this check, execute a setuid program, and then send an
+    arbitrary signal to it.  Depending on the setuid programs
+    installed, this could have some security impact.
 
 CVE-2020-13143
 
-    Description
+    Kyungtae Kim reported a potential heap out-of-bounds write in
+    the USB gadget subsystem.  A local user permitted to write to
+    the gadget configuration filesystem could use this to cause a
+    denial of service (crash or memory corruption) or potentially
+    for privilege escalation.
 
 For Debian 8 "Jessie", these problems have been fixed in version
 3.16.84-1.
diff --git a/dsa-texts/4.19.118-2+deb10u1 b/dsa-texts/4.19.118-2+deb10u1
index cd5590ef..55b7c443 100644
--- a/dsa-texts/4.19.118-2+deb10u1
+++ b/dsa-texts/4.19.118-2+deb10u1
@@ -73,11 +73,18 @@ CVE-2020-12768
 
 CVE-2020-12770
 
-    Description
+    It was discovered that the sg (SCSI generic) driver did not
+    correctly release internal resources in a particular error case.
+    A local user permitted to access an sg device could possibly use
+    this to cause a denial of service (resource exhaustion).
 
 CVE-2020-13143
 
-    Description
+    Kyungtae Kim reported a potential heap out-of-bounds write in
+    the USB gadget subsystem.  A local user permitted to write to
+    the gadget configuration filesystem could use this to cause a
+    denial of service (crash or memory corruption) or potentially
+    for privilege escalation.
 
 For the stable distribution (buster), these problems have been fixed in
 version 4.19.118-2+deb10u1.
diff --git a/dsa-texts/4.9.210-1+deb9u1 b/dsa-texts/4.9.210-1+deb9u1
index 3bb1e48f..496144ea 100644
--- a/dsa-texts/4.9.210-1+deb9u1
+++ b/dsa-texts/4.9.210-1+deb9u1
@@ -43,7 +43,7 @@ CVE-2019-19319
 
 CVE-2019-19462
 
-    The syzkaller tool found a missing error check in the 'relay'
+    The syzbot tool found a missing error check in the 'relay'
     library used to implement various files under debugfs.  A local
     user permitted to access debugfs could use this to cause a denial
     of service (crash) or possibly for privilege escalation.
@@ -92,23 +92,34 @@ CVE-2020-2732
 
 CVE-2020-8428
 
-    Description
+    Al Viro discovered a potential use-after-free in the filesystem
+    core (vfs).  A local user could exploit this to cause a denial of
+    service (crash) or possibly to obtain sensitive information from
+    the kernel.
 
-CVE-2020-8647
+CVE-2020-8647, CVE-2020-8649
 
-    Description
+    The Hulk Robot tool found a potential MMIO out-of-bounds access in
+    the vgacon driver.  A local user permitted to access a virtual
+    terminal (/dev/tty1 etc.) on a system using the vgacon driver
+    could use this to cause a denial of service (crash or memory
+    corruption) or possibly for privilege escalation.
 
 CVE-2020-8648
 
-    Description
-
-CVE-2020-8649
-
-    Description
+    The syzbot tool found a race condition in the the virtual terminal
+    driver, which could result in a use-after-free.  A local user
+    permitted to access a virtual terminal could use this to cause a
+    denial of service (crash or memory corruption) or possibly for
+    privilege escalation.
 
 CVE-2020-9383
 
-    Description
+    Jordy Zomer reported an incorrect range check in the floppy driver
+    which could lead to a static out-of-bounds access.  A local user
+    permitted to access a floppy drive could use this to cause a
+    denial of service (crash or memory corruption) or possibly for
+    privilege escalation.
 
 CVE-2020-10711
 
@@ -180,11 +191,18 @@ CVE-2020-12654
 
 CVE-2020-12770
 
-    Description
+    It was discovered that the sg (SCSI generic) driver did not
+    correctly release internal resources in a particular error case.
+    A local user permitted to access an sg device could possibly use
+    this to cause a denial of service (resource exhaustion).
 
 CVE-2020-13143
 
-    Description
+    Kyungtae Kim reported a potential heap out-of-bounds write in
+    the USB gadget subsystem.  A local user permitted to write to
+    the gadget configuration filesystem could use this to cause a
+    denial of service (crash or memory corruption) or potentially
+    for privilege escalation.
 
 For the oldstable distribution (stretch), these problems have been fixed
 in version 4.9.210-1+deb9u1.