author Salvatore Bonaccorso <carnil@debian.org> 2020-10-18 17:06:00 +0200
committer Salvatore Bonaccorso <carnil@debian.org> 2020-10-18 17:07:41 +0200
commit 872d8bb0a40122543fa1d1a65aea8dedd96085e5
tree 283133804442403fa6b45345f59c7aa1fb74ee80
parent 627cecd5b7d8ecba97fdbb4eb1310cf20f84c602
Add draft for 4.19.152-1 upload
-rw-r--r-- dsa-texts/4.19.152-1 45
1 files changed, 45 insertions, 0 deletions
diff --git a/dsa-texts/4.19.152-1 b/dsa-texts/4.19.152-1
new file mode 100644
index 00000000..49351deb
--- /dev/null
+++ b/dsa-texts/4.19.152-1
@@ -0,0 +1,45 @@
+Package: linux
+CVE ID: CVE-2020-12351 CVE-2020-12352 CVE-2020-25211 CVE-2020-25643 CVE-2020-25645
+
+Several vulnerabilities have been discovered in the Linux kernel that
+may lead to a privilege escalation, denial of service or information
+leaks.
+
+CVE-2020-12351
+
+ Andy Nguyen discovered a flaw in the Bluetooth implementation in the
+ way L2CAP packets with A2MP CID are handled. A remote attacker in
+ short distance knowing the victim's bd address can send a malicious
+ l2cap packet and cause denial of service or possibly arbitrary code
+ execution with kernel privileges.
+
+CVE-2020-12352
+
+ Andy Nguyen discovered flaw in the Bluetooth implementation. Stack
+ memory is not properly initialised when handling certain AMP
+ packets. A remote attacker in short distance knowing the victim's bd
+ address can retrieve kernel stack information.
+
+CVE-2020-25211
+
+ A flaw was discovered in netfilter subsystem. A local attacker able
+ to inject conntrack netlink configuration can take advantage of this
+ flaw to cause a denial of service or trigger use of of incorrect
+ protocol numbers.
+
+CVE-2020-25643
+
+ ChenNan Of Chaitin Security Research Lab discovered a flaw in the
+ hdlc_ppp module. Improper input validation in the ppp_cp_parse_cr
+ function leads to memory corruption and read overflow.
+
+CVE-2020-25645
+
+ A flaw was discovered in the interface driver for GENEVE
+ encapsulated traffic when combined with IPsec. When IPsec is
+ configured to encrypt traffic for the specific UDP port used by the
+ GENEVE tunnel, tunneled data isn't correctly routed over the
+ encrypted link and sent unencrypted instead.
+
+The vulnerabilities are fixed by rebasing to the new
+stable upstream version 4.19.152 which includes additional bugfixes.
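Review bot: the CVE-2020-25211 entry has a doubled word in "trigger use of of incorrect protocol numbers"; drop one "of" before this draft is sent. In the CVE-2020-12352 entry, "discovered flaw" is missing its article ("discovered a flaw"), and in the CVE-2020-25643 entry "ChenNan Of Chaitin" should read "ChenNan of Chaitin". The CVE-2020-12351 text mixes "L2CAP" and "l2cap"; use the uppercase form both times. The CVE-2020-25643 entry is also the only one that does not say who can trigger the flaw or what the attacker gains beyond "memory corruption and read overflow"; consider stating the attacker position and impact the way the other entries do, so readers can judge their exposure.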
