From 33e4a57f220e2c17205e74bc83292e9ffdce03b9 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 5 Mar 2020 23:00:11 +0100
Subject: two kernel issues from Android bulletin

---
 active/CVE-2020-0040 | 15 +++++++++++++++
 active/CVE-2020-0041 | 13 +++++++++++++
 2 files changed, 28 insertions(+)
 create mode 100644 active/CVE-2020-0040
 create mode 100644 active/CVE-2020-0041

diff --git a/active/CVE-2020-0040 b/active/CVE-2020-0040
new file mode 100644
index 00000000..c23175ee
--- /dev/null
+++ b/active/CVE-2020-0040
@@ -0,0 +1,15 @@
+Description: tcp: Clear sk_send_head after purging the write queue
+References:
+ https://source.android.com/security/bulletin/2020-03-01
+ https://android.googlesource.com/kernel/common/+/3ed1460d6b17326093eb657afa89a7274e444a32%5E%21/#F0
+Notes:
+ jmm> For 4.9.x broken backport was added in 4.9.103
+Bugs:
+upstream: N/A
+4.19-upstream-stable: N/A 
+4.9-upstream-stable:
+3.16-upstream-stable:
+sid: N/A
+4.19-buster-security: N/A
+4.9-stretch-security:
+3.16-jessie-security:
diff --git a/active/CVE-2020-0041 b/active/CVE-2020-0041
new file mode 100644
index 00000000..2dded6db
--- /dev/null
+++ b/active/CVE-2020-0041
@@ -0,0 +1,13 @@
+Description: binder: fix incorrect calculation for num_valid
+References:
+ https://source.android.com/security/bulletin/2020-03-01
+Notes:
+Bugs:
+upstream: released (v5.5-rc2) [16981742717b04644a41052570fb502682a315d2]
+4.19-upstream-stable:
+4.9-upstream-stable:
+3.16-upstream-stable:
+sid:
+4.19-buster-security:
+4.9-stretch-security:
+3.16-jessie-security:
-- 
cgit v1.2.3