diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-12-06 08:16:04 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-12-06 08:16:04 +0100 |
commit | 78cc05244bc386c86c90d1d228b6aae7f8fd7063 (patch) | |
tree | 49416a655ac833ac14fda5760cfdac6712002ccf /retired/CVE-2021-3736 | |
parent | 3e30933ea1dbbcfb16b1de801ded18421d8ffeae (diff) |
Retire several CVEs
Diffstat (limited to 'retired/CVE-2021-3736')
-rw-r--r-- | retired/CVE-2021-3736 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2021-3736 b/retired/CVE-2021-3736 new file mode 100644 index 00000000..de49c62b --- /dev/null +++ b/retired/CVE-2021-3736 @@ -0,0 +1,19 @@ +Description: uninitialized kernel stack may lead to information disclosure +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1995570 +Notes: + carnil> As of 2021-11-04 no further information yet provided in + carnil> RHBZ#1995570. The description reads as "A memory leak problem + carnil> was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in + carnil> Virtual Function I/O (VFIO) Mediated devices. This flaw could + carnil> allow a local attacker to leak internal kernel information." + carnil> and so relates to changes in samples/vfio-mdev/mbochs.c . +Bugs: +upstream: released (5.15-rc1) [de5494af4815a4c9328536c72741229b7de88e7f] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +4.9-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.14.6-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" +4.9-stretch-security: N/A "Vulnerable code not present" |