Retire inactive issues

author: Ben Hutchings <ben@decadent.org.uk> 2021-03-08 20:18:52 +0100
committer: Ben Hutchings <ben@decadent.org.uk> 2021-03-08 20:18:52 +0100
commit: 98c89c9cafdb543a53d4d1facda0b4978529ed03 (patch)
tree: 042b5fad109278f6d6bfe0b733140efa0ab358d3 /retired/CVE-2020-27815
parent: eecab8d3544d7c02d296a4c2171853f9b8f10f07 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2020-27815 b/retired/CVE-2020-27815
new file mode 100644
index 00000000..05f962c1
--- /dev/null
+++ b/retired/CVE-2020-27815
@@ -0,0 +1,19 @@
+Description: jfs: array-index-out-of-bounds in dbAdjTree
+References:
+ https://lore.kernel.org/lkml/CAFcO6XN=cd=_K_2AY9OL7f+HWsazY-nJ81Ufrw4azvkjj-Mpng@mail.gmail.com/
+ https://www.openwall.com/lists/oss-security/2020/11/30/5
+ https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6c
+Notes:
+ bwh> Based on the fix, this looks like it will be harmless in practice.
+ bwh> There are two arrays of different sizes aliased to each other
+ bwh> through a union, and the smaller array is used when the larger
+ bwh> should be.  But the union will always be big enough to hold the
+ bwh> larger array.
+Bugs:
+upstream: released (5.11-rc1) [c61b3e4839007668360ed8b87d7da96d2e59fc6c]
+5.10-upstream-stable: released (5.10.4) [c2032bf94ba4fb15db0c277614338d377fe430d2]
+4.19-upstream-stable: released (4.19.164) [c7e31b2fecfe0ebd5bd6a8274b2fbfb9c9401738]
+4.9-upstream-stable: released (4.9.249) [2c7c903caef18d45bac879557861656aa30b8933]
+sid: released (5.10.4-1)
+4.19-buster-security: released (4.19.171-1)
+4.9-stretch-security: released (4.9.258-1)
author	Ben Hutchings <ben@decadent.org.uk>	2021-03-08 20:18:52 +0100
committer	Ben Hutchings <ben@decadent.org.uk>	2021-03-08 20:18:52 +0100
commit	98c89c9cafdb543a53d4d1facda0b4978529ed03 (patch)
tree	042b5fad109278f6d6bfe0b733140efa0ab358d3 /retired/CVE-2020-27815
parent	eecab8d3544d7c02d296a4c2171853f9b8f10f07 (diff)