diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-06-15 07:33:54 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-06-15 07:33:54 +0200 |
commit | 4bb654606ab55a981044175caa5373846e31b960 (patch) | |
tree | df3327847c028a85331c96a1e4c7d4faaf9ad7cb /retired/CVE-2019-19462 | |
parent | e33f586f31f8042b29511f3071182d0359ceca28 (diff) |
Retire some CVEs
Diffstat (limited to 'retired/CVE-2019-19462')
-rw-r--r-- | retired/CVE-2019-19462 | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/retired/CVE-2019-19462 b/retired/CVE-2019-19462 new file mode 100644 index 00000000..14fd4745 --- /dev/null +++ b/retired/CVE-2019-19462 @@ -0,0 +1,20 @@ +Description: relay: handle alloc_percpu returning NULL in relay_open +References: + https://lore.kernel.org/lkml/20191129013745.7168-1-dja@axtens.net/ + https://syzkaller-ppc64.appspot.com/bug?id=1c09906c83a8ea811a9e318c2a4f8e243becc6f8 + https://syzkaller-ppc64.appspot.com/bug?id=b05b4d005191cc375cdf848c3d4d980308d50531 + https://syzkaller.appspot.com/bug?id=e4265490d26d6c01cd9bc79dc915ef0a1bf15046 + https://syzkaller.appspot.com/bug?id=f4d1cb4330bd3ddf4a628332b4285407b2eedd7b + https://lore.kernel.org/lkml/20191219121256.26480-1-dja@axtens.net/ +Notes: + bwh> Introduced in 4.9 (not 4.10) by commit 017c59c042d0 "relay: Use per + bwh> CPU constructs for the relay channel buffer pointers". +Bugs: +upstream: released (5.8-rc1) [54e200ab40fc14c863bcc80a51e20b7906608fce] +4.19-upstream-stable: released (4.19.127) [8b5dfa53eeb6c8bba5a035d38f6f8b981aebb622] +4.9-upstream-stable: released (4.9.227) [d1774b0459875e2bf3e93b86294296e5494fd0b7] +3.16-upstream-stable: N/A "Vulnerability introduced later" +sid: released (5.6.14-2) [bugfix/all/kernel-relay.c-handle-alloc_percpu-returning-NULL-in.patch] +4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/kernel-relay.c-handle-alloc_percpu-returning-NULL-in.patch] +4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/kernel-relay.c-handle-alloc_percpu-returning-NULL-in.patch] +3.16-jessie-security: N/A "Vulnerability introduced later" |