Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2020-09-26 10:52:26 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-09-26 10:52:26 +0200
commit: 8d6eac2346ca8fe2703170453cf5e22779a2fdec (patch)
tree: af074994b2f98973141e838d074ce1c52148afe5 /retired/CVE-2020-15780
parent: 7772a03900735b97ac9eabc3116b4adb186cd850 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2020-15780 b/retired/CVE-2020-15780
new file mode 100644
index 00000000..fbbac8c0
--- /dev/null
+++ b/retired/CVE-2020-15780
@@ -0,0 +1,15 @@
+Description: ACPI: configfs: Disallow loading ACPI tables when locked down
+References:
+ https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh
+ https://www.openwall.com/lists/oss-security/2020/06/15/3
+ https://www.openwall.com/lists/oss-security/2020/07/30/2
+Notes:
+ carnil> We do not enable CONFIG_ACPI_CONFIGFS so this is not a problem
+ carnil> for the images built.
+Bugs:
+upstream: released (5.8-rc3) [75b0cea7bf307f362057cc778efe89af4c615354]
+4.19-upstream-stable: N/A "lockdown not implemented"
+4.9-upstream-stable: N/A "lockdown not implemented"
+sid: released (5.7.10-1)
+4.19-buster-security: released (4.19.146-1) [features/all/lockdown/ACPI-configfs-Disallow-loading-ACPI-tables-when-lock.patch]
+4.9-stretch-security: ignored "securelevel included but not supported"
author	Salvatore Bonaccorso <carnil@debian.org>	2020-09-26 10:52:26 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-09-26 10:52:26 +0200
commit	8d6eac2346ca8fe2703170453cf5e22779a2fdec (patch)
tree	af074994b2f98973141e838d074ce1c52148afe5 /retired/CVE-2020-15780
parent	7772a03900735b97ac9eabc3116b4adb186cd850 (diff)