diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-25 10:04:53 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-25 10:04:53 +0200 |
commit | 1551e196a8e81a3b331ab17423d27d631d1cb851 (patch) | |
tree | ce9f0833c4a00170114a8c4d0c354765d8338fae /retired/CVE-2021-3739 | |
parent | eec038484cae567fc5d43f9502072a555ac272cd (diff) |
Retire some CVEs
Diffstat (limited to 'retired/CVE-2021-3739')
-rw-r--r-- | retired/CVE-2021-3739 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2021-3739 b/retired/CVE-2021-3739 new file mode 100644 index 00000000..5d63ffae --- /dev/null +++ b/retired/CVE-2021-3739 @@ -0,0 +1,19 @@ +Description: btrfs: fix NULL pointer dereference when deleting device by invalid id +References: + https://www.openwall.com/lists/oss-security/2021/08/25/3 + https://lore.kernel.org/linux-btrfs/CAFcO6XO5TC5sEo-C9JGC75JkNAzkOSSLA3a=bwQqXFFbRTZ7Gw@mail.gmail.com/T/#md4b850f33616b7364f86e6fed144abc925f3669c + https://lore.kernel.org/linux-btrfs/20210806102415.304717-1-wqu@suse.com/T/#u + https://bugzilla.redhat.com/show_bug.cgi?id=1997958 +Notes: + carnil> Commit fixes a27a94c2b0c7 ("btrfs: Make + carnil> btrfs_find_device_by_devspec return btrfs_device directly") in + carnil> 4.20-rc1. +Bugs: +upstream: released (5.15-rc1) [e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091] +5.10-upstream-stable: released (5.10.62) [c43add24dffdbac269d5610465ced70cfc1bad9e] +4.19-upstream-stable: N/A "Vulnerable code introduced later" +4.9-upstream-stable: N/A "Vulnerable code introduced later" +sid: released (5.14.6-1) +5.10-bullseye-security: released (5.10.46-5) [bugfix/all/btrfs-fix-NULL-pointer-dereference-when-deleting-dev.patch] +4.19-buster-security: N/A "Vulnerable code introduced later" +4.9-stretch-security: N/A "Vulnerable code introduced later" |