author | Salvatore Bonaccorso <carnil@debian.org> | 2021-01-31 14:48:47 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-01-31 14:48:47 +0100 |
commit | 472d8bc739cf431efa49dd087a3a599df1e87392 (patch) | |
tree | 04822bab33f5e10a4212e6e5c1000521e6548bd9 /dsa-texts/4.19.171-2 | |
parent | c7fc8cc4ffcf229e449ff199368bda2d4c35754d (diff) |
Add draft text for 4.19.171-2 based DSA
Diffstat (limited to 'dsa-texts/4.19.171-2')
-rw-r--r-- | dsa-texts/4.19.171-2 | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/dsa-texts/4.19.171-2 b/dsa-texts/4.19.171-2 new file mode 100644 index 00000000..0c058f56 --- /dev/null +++ b/dsa-texts/4.19.171-2 
@@ -0,0 +1,82 @@ +Package: linux +CVE ID: CVE-2020-27815 CVE-2020-27825 CVE-2020-27830 CVE-2020-28374 CVE-2020-29568 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2020-36158 CVE-2021-3347 CVE-2021-20177 + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a privilege escalation, denial of service or information +leaks. + +CVE-2020-27815 + + A flaw was reported in the JFS filesystem code allowing a local + attacker with the ability to set extended attributes to cause a + denial of service. + +CVE-2020-27825 + + Adam 'pi3' Zabrocki reported a use-after-free flaw the ftrace ring + buffer resizing logic due to a race condition, which could result in + denial of service or information leak. + +CVE-2020-27830 + + Shisong Qin reported a NULL pointer dereference flaw in the Speakup + screen reader core driver. + +CVE-2020-28374 + + David Disseldorp discovered that the LIO SCSI target implementation + performed insufficient checking in certain XCOPY requests. An + attacker with access to a LUN and knowledge of Unit Serial Number + assignments can take advantage of this flaw to read and write to any + LIO backstore, regardless of the SCSI transport settings. + +CVE-2020-29568 (XSA-349) + + Michael Kurth and Pawel Wieczorkiewicz reported that frontends can + trigger OOM in backends by updating a watched path. + +CVE-2020-29569 (XSA-350) + + Olivier Benjamin and Pawel Wieczorkiewicz reported a use-after-free + flaw which can be triggered block frontend in Linux blkback. A + misbehaving guest can trigger a dom0 crash by continuously + connecting / disconnecting a block frontend. + +CVE-2020-29660 + + Jann Horn reported a locking inconsistency issue in the tty + subsystem which may allow a local attacker to mount a + read-after-free attack against TIOCGSID. + +CVE-2020-29661 + + Jann Horn reported a locking issue in the tty subsystem which + can result in a use-after-free. 
A local attacker can take + advantage of this flaw for memory corruption or privilege + escalation. + +CVE-2020-36158 + + A buffer overflow flaw was discovered in the mwifiex WiFi driver + which could result in denial of service or the execution of + arbitrary code via a long SSID value. + +CVE-2021-3347 + + It was discovered that PI futexes have a kernel stack use-after-free + during fault handling. An unprivileged user could use this flaw to + crash the kernel (resulting in denial of service) or for privilege + escalation. + +CVE-2021-20177 + + A flaw was discovered in the Linux implementation of string matching + within a packet. A privileged user (with root or CAP_NET_ADMIN) can + take advantage of this flaw to cause a kernel panic when inserting + iptables rules. + +Do not list CVE-2021-3178 for DSA but add directly to data/CVE/list (as +unimportant severity and disputed, but just track the fix). + +CVE-2021-3178 + [buster] - linux 4.19.171-1 |
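Review bot: Two of the added CVE descriptions have dropped words and do not parse as written. In the CVE-2020-27825 entry, "reported a use-after-free flaw the ftrace ring buffer resizing logic" needs "flaw in the ftrace ring buffer". In the CVE-2020-29569 entry, "which can be triggered block frontend in Linux blkback" needs rewording, for example "which can be triggered by a block frontend in Linux blkback". The CVE-2020-27830 entry names the NULL pointer dereference in the Speakup driver but, unlike the other entries, gives neither the impact nor who can trigger it; a clause stating that would keep the entries consistent. The trailing block beginning "Do not list CVE-2021-3178 for DSA" is a working note and a data/CVE/list fragment, not advisory text, so it should be separated from the draft body or clearly marked so that it is not carried into the published DSA.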