Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2021-06-08 11:23:17 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-06-08 11:23:17 +0200
commit: 7822fcebfc5f2ce8fc34e12ab6fcba56f671999b (patch)
tree: e031946d57aec99f9e5aa7cab714bd14f531b228 /retired/CVE-2020-36386
parent: 933438ac3d691a25f8b29f2f66f1a3fef5215c98 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2020-36386 b/retired/CVE-2020-36386
new file mode 100644
index 00000000..6334f79a
--- /dev/null
+++ b/retired/CVE-2020-36386
@@ -0,0 +1,14 @@
+Description: Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
+References:
+ https://sites.google.com/view/syzscope/kasan-slab-out-of-bounds-read-in-hci_extended_inquiry_result_evt
+ https://syzkaller.appspot.com/bug?id=4bf11aa05c4ca51ce0df86e500fce486552dc8d2
+ https://syzkaller.appspot.com/text?tag=ReproC&x=15ca2f46900000
+Notes:
+Bugs:
+upstream: released (5.9-rc1) [51c19bf3d5cfaa66571e4b88ba2a6f6295311101]
+5.10-upstream-stable: N/A "Fixed before branching point"
+4.19-upstream-stable: released (4.19.139) [8c4a649c20fec015ebb326f36b47d4e39d9ff5b7]
+4.9-upstream-stable: released (4.9.233) [aea77913022bbd0194feb33720d9bca8b6b26f9a]
+sid: released (5.7.17-1) 
+4.19-buster-security: released (4.19.146-1)
+4.9-stretch-security: released (4.9.240-1)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-06-08 11:23:17 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-06-08 11:23:17 +0200
commit	7822fcebfc5f2ce8fc34e12ab6fcba56f671999b (patch)
tree	e031946d57aec99f9e5aa7cab714bd14f531b228 /retired/CVE-2020-36386
parent	933438ac3d691a25f8b29f2f66f1a3fef5215c98 (diff)