Add note for CVE-2019-19377

author: Salvatore Bonaccorso <carnil@debian.org> 2020-04-18 08:21:24 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-04-18 08:21:24 +0200
commit: ccf5afcaaac8a27b9e640c3de59071935fbe3885 (patch)
tree: 6924b50424f384856d748a59097e86910bc6f14f /active/CVE-2019-19377
parent: cf05cbdffe7323cc2fa66bba07f5f251168a7824 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/active/CVE-2019-19377 b/active/CVE-2019-19377
index f1ed498e..8e09f247 100644
--- a/active/CVE-2019-19377
+++ b/active/CVE-2019-19377
@@ -2,6 +2,9 @@ Description: btrfs: crafted image causes use-after-free in btrfs_queue_work
 References:
  https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19377
 Notes:
+ carnil> This might affect only 5.4+ stable releases, the fix at least
+ carnil> was submitted for those only and addressed in 5.4.33, 5.5.18
+ carnil> and 5.6.5 as well. This needs to be verified/confirmed.
 Bugs:
 upstream: released (5.7-rc1) [b3ff8f1d380e65dddd772542aa9bff6c86bf715a]
 4.19-upstream-stable:
author	Salvatore Bonaccorso <carnil@debian.org>	2020-04-18 08:21:24 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-04-18 08:21:24 +0200
commit	ccf5afcaaac8a27b9e640c3de59071935fbe3885 (patch)
tree	6924b50424f384856d748a59097e86910bc6f14f /active/CVE-2019-19377
parent	cf05cbdffe7323cc2fa66bba07f5f251168a7824 (diff)