diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2020-06-07 19:00:59 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2020-06-07 19:01:39 +0100 |
commit | 98bf7d1af0171e7abab29e9599c0037fe8a357a4 (patch) | |
tree | 1936b86d00ec2ef0874ca9dc7adf293e41b55397 | |
parent | c09c3e2cf54cab80d7bcf0c31a2f70fdc344d5b6 (diff) |
dsa-texts: Fill in more issue descriptions
-rw-r--r-- | dsa-texts/3.16.84-1 | 4 | ||||
-rw-r--r-- | dsa-texts/4.19.118-2+deb10u1 | 5 | ||||
-rw-r--r-- | dsa-texts/4.9.210-1+deb9u1 | 17 |
3 files changed, 21 insertions, 5 deletions
diff --git a/dsa-texts/3.16.84-1 b/dsa-texts/3.16.84-1 index 869b7717..41fa4ee6 100644 --- a/dsa-texts/3.16.84-1 +++ b/dsa-texts/3.16.84-1 @@ -16,7 +16,9 @@ CVE ID : CVE-2015-8839 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612 CVE-2015-8839 - Description + A race condition was found in the ext4 filesystem implementation. + A local user could exploit this to cause a denial of service + (filesystem corruption). CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14613 diff --git a/dsa-texts/4.19.118-2+deb10u1 b/dsa-texts/4.19.118-2+deb10u1 index d86e84e0..36740597 100644 --- a/dsa-texts/4.19.118-2+deb10u1 +++ b/dsa-texts/4.19.118-2+deb10u1 @@ -15,7 +15,10 @@ Debian Bug : 960271 CVE-2019-3016 - Description + It was discovered that the KVM implementation for x86 did not + always perform TLB flushes when needed, if the paravirtualised + TLB flush feature was enabled. This could lead to disclosure of + sensitive information within a guest VM. CVE-2019-19462 diff --git a/dsa-texts/4.9.210-1+deb9u1 b/dsa-texts/4.9.210-1+deb9u1 index b0182231..94a59056 100644 --- a/dsa-texts/4.9.210-1+deb9u1 +++ b/dsa-texts/4.9.210-1+deb9u1 @@ -20,15 +20,26 @@ Debian Bug : 952660 CVE-2019-2182 - Description + Hanjun Guo and Lei Li reported a race condition in the arm64 + virtual memory management code, which could lead to an information + disclosure, denial of service (crash), or possibly privilege + escalation. CVE-2019-5108 - Description + Mitchell Frank of Cisco discovered that when the IEEE 802.11 + (WiFi) stack was used in AP mode with roaming, it would trigger + roaming for a newly associated station before the station was + authenticated. An attacker within range of the AP could use this + to cause a denial of service, either by filling up a switching + table or by redirecting traffic away from other stations. CVE-2019-19319 - Description + Jungyeon discovered that a crafted filesystem can cause the ext4 + implementation to deallocate or reallocate journal blocks. A user + permitted to mount filesystems could use this to cause a denial of + service (crash), or possibly for privilege escalation. CVE-2019-19462 |