Retire CVE-2019-19947

author: Salvatore Bonaccorso <carnil@debian.org> 2020-06-20 11:24:30 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-06-20 11:24:30 +0200
commit: 3898e794c170cbfda18ee11783bfa0f90040e5c0 (patch)
tree: 14b12f8175258760895444d0c53c9eaca3c207ac /retired/CVE-2019-19947
parent: 1d1caefb56af87853aff7129432693fde11c8cd1 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2019-19947 b/retired/CVE-2019-19947
new file mode 100644
index 00000000..9feac128
--- /dev/null
+++ b/retired/CVE-2019-19947
@@ -0,0 +1,18 @@
+Description: can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices 
+References: 
+Notes:
+ carnil> Commit fixes 7259124eac7d ("can: kvaser_usb: Split driver into
+ carnil> kvaser_usb_core.c and kvaser_usb_leaf.c") in 4.19-rc1, but this
+ carnil> was a split of the codebasis so the issue might be present
+ carnil> before as well.
+ bwh> Introduced in 3.8 by commit 080f40a6fa28 "can: kvaser_usb: Add support
+ bwh> for Kvaser CAN/USB devices".
+Bugs:
+upstream: released (5.5-rc3) [da2311a6385c3b499da2ed5d9be59ce331fa93e9]
+4.19-upstream-stable: released (4.19.92) [9ed59600c3524f12144b30cfc1d86734cfb3927b]
+4.9-upstream-stable: released (4.9.228) [c8ed03b9c541e9ac25085d4c2c74b775161c1654]
+3.16-upstream-stable: released (3.16.81) [57087b5fae7189f036388760dd21e7a99ced313e]
+sid: released (5.4.8-1)
+4.19-buster-security: released (4.19.98-1)
+4.9-stretch-security: released (4.9.210-1) [bugfix/all/can-kvaser_usb-kvaser_usb_leaf-Fix-some-info-leaks-t.patch]
+3.16-jessie-security: released (3.16.81-1)
author	Salvatore Bonaccorso <carnil@debian.org>	2020-06-20 11:24:30 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-06-20 11:24:30 +0200
commit	3898e794c170cbfda18ee11783bfa0f90040e5c0 (patch)
tree	14b12f8175258760895444d0c53c9eaca3c207ac /retired/CVE-2019-19947
parent	1d1caefb56af87853aff7129432693fde11c8cd1 (diff)