Update status for CVE-2021-3752

According to SUSE research the upstream fix is 1bff51ea59a9 ("Bluetooth: fix use-after-free error in lock_sock_nested()"). There were earlier mitigations which make the bug less easy to trigger. The 1bff51ea59a9 was backportd to several stable series. Link: https://bugzilla.suse.com/show_bug.cgi?id=1190023#c3
author: Salvatore Bonaccorso <carnil@debian.org> 2021-12-18 22:38:16 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-12-18 22:38:16 +0100
commit: b143cc6c1566652534c3a40b583adf54e3d92f96 (patch)
tree: 46fe93c09825fce68bd98d54072df44058748b9f /active/CVE-2021-3752
parent: 974f2754945c659d72c354643399f8b095a40708 (diff)
1 files changed, 8 insertions, 8 deletions
diff --git a/active/CVE-2021-3752 b/active/CVE-2021-3752
index e05e3e7f..983a5b31 100644
--- a/active/CVE-2021-3752
+++ b/active/CVE-2021-3752
@@ -8,11 +8,11 @@ Notes:
  carnil> sk before connecting") in 5.13-rc1 (and 5.10.38, 4.19.191) this
  carnil> bug is not easy to trigger itself.
 Bugs:
-upstream:
-5.10-upstream-stable:
-4.19-upstream-stable:
-4.9-upstream-stable:
-sid:
-5.10-bullseye-security:
-4.19-buster-security:
-4.9-stretch-security:
+upstream: released (5.16-rc1) [1bff51ea59a9afb67d2dd78518ab0582a54a472c]
+5.10-upstream-stable: released (5.10.80) [c10465f6d6208db2e45a6dac1db312b9589b2583]
+4.19-upstream-stable: released (4.19.218) [72bb30165337b7bce77578ad151fbfab6c8e693c]
+4.9-upstream-stable: released (4.9.291) [d19ea7da0eeb61be28ec05d8b8bddec3dde71610]
+sid: released (5.15.3-1)
+5.10-bullseye-security: released (5.10.84-1)
+4.19-buster-security: needed
+4.9-stretch-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2021-12-18 22:38:16 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-12-18 22:38:16 +0100
commit	b143cc6c1566652534c3a40b583adf54e3d92f96 (patch)
tree	46fe93c09825fce68bd98d54072df44058748b9f /active/CVE-2021-3752
parent	974f2754945c659d72c354643399f8b095a40708 (diff)