Note some issues that have minimal or no security impact

3 files changed, 9 insertions, 2 deletions

diff --git a/active/CVE-2019-19072 b/active/CVE-2019-19072
index caf67ffa2..f7039b545 100644
--- a/active/CVE-2019-19072
+++ b/active/CVE-2019-19072
@@ -3,6 +3,8 @@ References:
 Notes:
  carnil> Introduced in 80765597bc58 ("tracing: Rewrite filter logic to
  carnil> be simpler and faster") in 4.17-rc1.
+ bwh> This doesn't seem to have a security impact since tracing is a
+ bwh> privileged operation.
 Bugs:
 upstream: released (5.4-rc1) [96c5c6e6a5b6db592acae039fed54b5c8844cd35]
 4.19-upstream-stable: needed
diff --git a/active/CVE-2019-19082 b/active/CVE-2019-19082
index d08b55d63..1eb4818e9 100644
--- a/active/CVE-2019-19082
+++ b/active/CVE-2019-19082
@@ -1,6 +1,8 @@
 Description: drm/amd/display: prevent memory leak
 References:
 Notes:
+ bwh> This has minimal security imapct since it is triggered by
+ bwh> an error during device probing or reinitialisation.
 Bugs:
 upstream: released (5.4-rc1) [104c307147ad379617472dd91a5bcb368d72bd6d]
 4.19-upstream-stable: needed
diff --git a/active/CVE-2019-20810 b/active/CVE-2019-20810
index ef1c9b87d..ef75ef134 100644
--- a/active/CVE-2019-20810
+++ b/active/CVE-2019-20810
@@ -1,12 +1,15 @@
 Description: media: go7007: fix a miss of snd_card_free
 References:
 Notes:
+ bwh> This has minimal security imapct since it is triggered by
+ bwh> an error during device probing.
+ bwh> In 3.16, this driver is in drivers/staging/media/go7007.
 Bugs:
 upstream: released (5.6-rc1) [9453264ef58638ce8976121ac44c07a3ef375983]
 4.19-upstream-stable: needed
 4.9-upstream-stable: needed
-3.16-upstream-stable:
+3.16-upstream-stable: needed
 sid: released (5.6.7-1)
 4.19-buster-security: needed
 4.9-stretch-security: needed
-3.16-jessie-security:
+3.16-jessie-security: needed