diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-12-18 22:38:16 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-12-18 22:38:16 +0100 |
commit | b143cc6c1566652534c3a40b583adf54e3d92f96 (patch) | |
tree | 46fe93c09825fce68bd98d54072df44058748b9f /active/CVE-2021-3752 | |
parent | 974f2754945c659d72c354643399f8b095a40708 (diff) |
Update status for CVE-2021-3752
According to SUSE research the upstream fix is 1bff51ea59a9 ("Bluetooth:
fix use-after-free error in lock_sock_nested()"). There were earlier
mitigations which make the bug less easy to trigger. The 1bff51ea59a9
was backportd to several stable series.
Link: https://bugzilla.suse.com/show_bug.cgi?id=1190023#c3
Diffstat (limited to 'active/CVE-2021-3752')
-rw-r--r-- | active/CVE-2021-3752 | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/active/CVE-2021-3752 b/active/CVE-2021-3752 index e05e3e7f..983a5b31 100644 --- a/active/CVE-2021-3752 +++ b/active/CVE-2021-3752 @@ -8,11 +8,11 @@ Notes: carnil> sk before connecting") in 5.13-rc1 (and 5.10.38, 4.19.191) this carnil> bug is not easy to trigger itself. Bugs: -upstream: -5.10-upstream-stable: -4.19-upstream-stable: -4.9-upstream-stable: -sid: -5.10-bullseye-security: -4.19-buster-security: -4.9-stretch-security: +upstream: released (5.16-rc1) [1bff51ea59a9afb67d2dd78518ab0582a54a472c] +5.10-upstream-stable: released (5.10.80) [c10465f6d6208db2e45a6dac1db312b9589b2583] +4.19-upstream-stable: released (4.19.218) [72bb30165337b7bce77578ad151fbfab6c8e693c] +4.9-upstream-stable: released (4.9.291) [d19ea7da0eeb61be28ec05d8b8bddec3dde71610] +sid: released (5.15.3-1) +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: needed +4.9-stretch-security: needed |