Copy descriptions for issues previously fixed in other suites

2 files changed, 40 insertions, 21 deletions

diff --git a/dsa-texts/3.16.84-1 b/dsa-texts/3.16.84-1
index 7d14f550..869b7717 100644
--- a/dsa-texts/3.16.84-1
+++ b/dsa-texts/3.16.84-1
@@ -18,21 +18,12 @@ CVE-2015-8839
 
     Description
 
-CVE-2018-14610
+CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14613
 
-    Description
-
-CVE-2018-14611
-
-    Description
-
-CVE-2018-14612
-
-    Description
-
-CVE-2018-14613
-
-    Description
+    Wen Xu from SSLab at Gatech reported that crafted Btrfs volumes
+    could trigger a crash (Oops) and/or out-of-bounds memory access.
+    An attacker able to mount such a volume could use this to cause a
+    denial of service or possibly for privilege escalation.
 
 CVE-2019-5108
 
@@ -44,7 +35,11 @@ CVE-2019-19319
 
 CVE-2019-19447
 
-    Description
+    It was discovered that the ext4 filesystem driver did not safely
+    handle unlinking of an inode that, due to filesystem corruption,
+    already has a link count of 0.  An attacker able to mount
+    arbitrary ext4 volumes could use this to cause a denial of service
+    (memory corruption or crash) or possibly for privilege escalation.
 
 CVE-2019-19768
 
@@ -68,7 +63,11 @@ CVE-2020-1749
 
 CVE-2020-2732
 
-    Description
+    Paulo Bonzini discovered that the KVM implementation for Intel
+    processors did not properly handle instruction emulation for L2
+    guests when nested virtualization is enabled. This could allow an
+    L2 guest to cause privilege escalation, denial of service, or
+    information leaks in the L1 guest.
 
 CVE-2020-8647
 
@@ -96,7 +95,11 @@ CVE-2020-10751
 
 CVE-2020-10942
 
-    Description
+    It was discovered that the vhost_net driver did not properly
+    validate the type of sockets set as back-ends. A local user
+    permitted to access /dev/vhost-net could use this to cause a stack
+    corruption via crafted system calls, resulting in denial of
+    service (crash) or possibly privilege escalation.
 
 CVE-2020-11494
 
@@ -104,7 +107,11 @@ CVE-2020-11494
 
 CVE-2020-11565
 
-    Description
+    Entropy Moe reported that the shared memory filesystem (tmpfs) did
+    not correctly handle an "mpol" mount option specifying an empty
+    node list, leading to a stack-based out-of-bounds write. If user
+    namespaces are enabled, a local user could use this to cause a
+    denial of service (crash) or possibly for privilege escalation.
 
 CVE-2020-11608
 
diff --git a/dsa-texts/4.9.210-1+deb9u1 b/dsa-texts/4.9.210-1+deb9u1
index 64c3f16a..b0182231 100644
--- a/dsa-texts/4.9.210-1+deb9u1
+++ b/dsa-texts/4.9.210-1+deb9u1
@@ -52,7 +52,11 @@ CVE-2020-0543
 
 CVE-2020-2732
 
-    Description
+    Paulo Bonzini discovered that the KVM implementation for Intel
+    processors did not properly handle instruction emulation for L2
+    guests when nested virtualization is enabled. This could allow an
+    L2 guest to cause privilege escalation, denial of service, or
+    information leaks in the L1 guest.
 
 CVE-2020-8428
 
@@ -92,7 +96,11 @@ CVE-2020-10757
 
 CVE-2020-10942
 
-    Description
+    It was discovered that the vhost_net driver did not properly
+    validate the type of sockets set as back-ends. A local user
+    permitted to access /dev/vhost-net could use this to cause a stack
+    corruption via crafted system calls, resulting in denial of
+    service (crash) or possibly privilege escalation.
 
 CVE-2020-11494
 
@@ -100,7 +108,11 @@ CVE-2020-11494
 
 CVE-2020-11565
 
-    Description
+    Entropy Moe reported that the shared memory filesystem (tmpfs) did
+    not correctly handle an "mpol" mount option specifying an empty
+    node list, leading to a stack-based out-of-bounds write. If user
+    namespaces are enabled, a local user could use this to cause a
+    denial of service (crash) or possibly for privilege escalation.
 
 CVE-2020-11608