diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2020-06-07 23:42:08 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2020-06-08 00:12:44 +0100 |
commit | 4cc0ec706f55b39998cfc376dc4162bc74738921 (patch) | |
tree | ad174b7e8489e73b2590a7183adcb60d98dc292e | |
parent | 4879976bc0757f0d3910a28f31e96baef9641ce1 (diff) |
dsa-texts: Fill in more issue descriptions
-rw-r--r-- | dsa-texts/3.16.84-1 | 51 | ||||
-rw-r--r-- | dsa-texts/4.19.118-2+deb10u1 | 11 | ||||
-rw-r--r-- | dsa-texts/4.9.210-1+deb9u1 | 42 |
3 files changed, 77 insertions, 27 deletions
diff --git a/dsa-texts/3.16.84-1 b/dsa-texts/3.16.84-1 index b0a8124b..da2e9381 100644 --- a/dsa-texts/3.16.84-1 +++ b/dsa-texts/3.16.84-1 @@ -60,7 +60,7 @@ CVE-2019-19768 CVE-2019-20636 - The syzkaller tool found that the input subsystem did not fully + The syzbot tool found that the input subsystem did not fully validate keycode changes, which could result in a heap out-of-bounds write. A local user permitted to access the device node for an input or VT device could possibly use this to cause a @@ -106,25 +106,36 @@ CVE-2020-2732 L2 guest to cause privilege escalation, denial of service, or information leaks in the L1 guest. -CVE-2020-8647 +CVE-2020-8647, CVE-2020-8649 - Description + The Hulk Robot tool found a potential MMIO out-of-bounds access in + the vgacon driver. A local user permitted to access a virtual + terminal (/dev/tty1 etc.) on a system using the vgacon driver + could use this to cause a denial of service (crash or memory + corruption) or possibly for privilege escalation. CVE-2020-8648 - Description - -CVE-2020-8649 - - Description + The syzbot tool found a race condition in the the virtual terminal + driver, which could result in a use-after-free. A local user + permitted to access a virtual terminal could use this to cause a + denial of service (crash or memory corruption) or possibly for + privilege escalation. CVE-2020-9383 - Description + Jordy Zomer reported an incorrect range check in the floppy driver + which could lead to a static out-of-bounds access. A local user + permitted to access a floppy drive could use this to cause a + denial of service (crash or memory corruption) or possibly for + privilege escalation. CVE-2020-10690 - Description + It was discovered that the PTP hardware clock subsystem did not + properly manage device lifetimes. Removing a PTP hardware clock + from the system while a user process was using it could lead to a + use-after-free. The security impact of this is unclear. CVE-2020-10751 @@ -188,15 +199,29 @@ CVE-2020-12769 CVE-2020-12770 - Description + It was discovered that the sg (SCSI generic) driver did not + correctly release internal resources in a particular error case. + A local user permitted to access an sg device could possibly use + this to cause a denial of service (resource exhaustion). CVE-2020-12826 - Description + Adam Zabrocki reported a weakness in the signal subsystem's + permission checks. A parent process can choose an arbitary signal + for a child process to send when it exits, but if the parent has + executed a new program then the default SIGCHLD signal is sent. A + local user permitted to run a program for several days could + bypass this check, execute a setuid program, and then send an + arbitrary signal to it. Depending on the setuid programs + installed, this could have some security impact. CVE-2020-13143 - Description + Kyungtae Kim reported a potential heap out-of-bounds write in + the USB gadget subsystem. A local user permitted to write to + the gadget configuration filesystem could use this to cause a + denial of service (crash or memory corruption) or potentially + for privilege escalation. For Debian 8 "Jessie", these problems have been fixed in version 3.16.84-1. diff --git a/dsa-texts/4.19.118-2+deb10u1 b/dsa-texts/4.19.118-2+deb10u1 index cd5590ef..55b7c443 100644 --- a/dsa-texts/4.19.118-2+deb10u1 +++ b/dsa-texts/4.19.118-2+deb10u1 @@ -73,11 +73,18 @@ CVE-2020-12768 CVE-2020-12770 - Description + It was discovered that the sg (SCSI generic) driver did not + correctly release internal resources in a particular error case. + A local user permitted to access an sg device could possibly use + this to cause a denial of service (resource exhaustion). CVE-2020-13143 - Description + Kyungtae Kim reported a potential heap out-of-bounds write in + the USB gadget subsystem. A local user permitted to write to + the gadget configuration filesystem could use this to cause a + denial of service (crash or memory corruption) or potentially + for privilege escalation. For the stable distribution (buster), these problems have been fixed in version 4.19.118-2+deb10u1. diff --git a/dsa-texts/4.9.210-1+deb9u1 b/dsa-texts/4.9.210-1+deb9u1 index 3bb1e48f..496144ea 100644 --- a/dsa-texts/4.9.210-1+deb9u1 +++ b/dsa-texts/4.9.210-1+deb9u1 @@ -43,7 +43,7 @@ CVE-2019-19319 CVE-2019-19462 - The syzkaller tool found a missing error check in the 'relay' + The syzbot tool found a missing error check in the 'relay' library used to implement various files under debugfs. A local user permitted to access debugfs could use this to cause a denial of service (crash) or possibly for privilege escalation. @@ -92,23 +92,34 @@ CVE-2020-2732 CVE-2020-8428 - Description + Al Viro discovered a potential use-after-free in the filesystem + core (vfs). A local user could exploit this to cause a denial of + service (crash) or possibly to obtain sensitive information from + the kernel. -CVE-2020-8647 +CVE-2020-8647, CVE-2020-8649 - Description + The Hulk Robot tool found a potential MMIO out-of-bounds access in + the vgacon driver. A local user permitted to access a virtual + terminal (/dev/tty1 etc.) on a system using the vgacon driver + could use this to cause a denial of service (crash or memory + corruption) or possibly for privilege escalation. CVE-2020-8648 - Description - -CVE-2020-8649 - - Description + The syzbot tool found a race condition in the the virtual terminal + driver, which could result in a use-after-free. A local user + permitted to access a virtual terminal could use this to cause a + denial of service (crash or memory corruption) or possibly for + privilege escalation. CVE-2020-9383 - Description + Jordy Zomer reported an incorrect range check in the floppy driver + which could lead to a static out-of-bounds access. A local user + permitted to access a floppy drive could use this to cause a + denial of service (crash or memory corruption) or possibly for + privilege escalation. CVE-2020-10711 @@ -180,11 +191,18 @@ CVE-2020-12654 CVE-2020-12770 - Description + It was discovered that the sg (SCSI generic) driver did not + correctly release internal resources in a particular error case. + A local user permitted to access an sg device could possibly use + this to cause a denial of service (resource exhaustion). CVE-2020-13143 - Description + Kyungtae Kim reported a potential heap out-of-bounds write in + the USB gadget subsystem. A local user permitted to write to + the gadget configuration filesystem could use this to cause a + denial of service (crash or memory corruption) or potentially + for privilege escalation. For the oldstable distribution (stretch), these problems have been fixed in version 4.9.210-1+deb9u1. |