Add two recent issues without CVE IDs

2 files changed, 28 insertions, 0 deletions

diff --git a/active/CVE-2019-ctnl-addr-leak b/active/CVE-2019-ctnl-addr-leak
new file mode 100644
index 00000000..9a149f38
--- /dev/null
+++ b/active/CVE-2019-ctnl-addr-leak
@@ -0,0 +1,13 @@
+Description: ctnetlink uses kernel addresses as user-visible IDs
+References:
+Notes:
+ bwh> Fix depends on adding siphash
+Bugs:
+upstream: released (5.1-rc7) [3c79107631db1f7fd32cf3f7368e4672004a3010]
+4.19-upstream-stable: released (4.19.44) [7b115755fb9d3aff0ddcd18a5c4d83381362acce]
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+sid: released (5.2.6-1)
+4.19-buster-security: needed
+4.9-stretch-security: needed
+3.16-jessie-security: needed
diff --git a/active/CVE-2019-kvm-guest-xcr0 b/active/CVE-2019-kvm-guest-xcr0
new file mode 100644
index 00000000..4d7278da
--- /dev/null
+++ b/active/CVE-2019-kvm-guest-xcr0
@@ -0,0 +1,15 @@
+Description: KVM guest's XCR0 is used in host after MCE
+References:
+Notes:
+ bwh> Branches before 4.14 should probably apply commit b060ca3b2e9e
+ bwh> "kvm: vmx: Handle VMLAUNCH/VMRESUME failure properly" first, if
+ bwh> only to avoid conflicts.
+Bugs:
+upstream: released  (5.1-rc6) [1811d979c71621aafc7b879477202d286f7e863b]
+4.19-upstream-stable: needed
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+sid: released (5.2.6-1)
+4.19-buster-security: needed
+4.9-stretch-security: needed
+3.16-jessie-security: needed