From 872d8bb0a40122543fa1d1a65aea8dedd96085e5 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sun, 18 Oct 2020 17:06:00 +0200 Subject: Add draft for 4.19.152-1 upload --- dsa-texts/4.19.152-1 | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 dsa-texts/4.19.152-1 diff --git a/dsa-texts/4.19.152-1 b/dsa-texts/4.19.152-1 new file mode 100644 index 00000000..49351deb --- /dev/null +++ b/dsa-texts/4.19.152-1 
@@ -0,0 +1,45 @@ +Package: linux +CVE ID: CVE-2020-12351 CVE-2020-12352 CVE-2020-25211 CVE-2020-25643 CVE-2020-25645 + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a privilege escalation, denial of service or information +leaks. + +CVE-2020-12351 + + Andy Nguyen discovered a flaw in the Bluetooth implementation in the + way L2CAP packets with A2MP CID are handled. A remote attacker in + short distance knowing the victim's bd address can send a malicious + l2cap packet and cause denial of service or possibly arbitrary code + execution with kernel privileges. + +CVE-2020-12352 + + Andy Nguyen discovered flaw in the Bluetooth implementation. Stack + memory is not properly initialised when handling certain AMP + packets. A remote attacker in short distance knowing the victim's bd + address can retrieve kernel stack information. + +CVE-2020-25211 + + A flaw was discovered in netfilter subsystem. A local attacker able + to inject conntrack netlink configuration can take advantage of this + flaw to cause a denial of service or trigger use of of incorrect + protocol numbers. + +CVE-2020-25643 + + ChenNan Of Chaitin Security Research Lab discovered a flaw in the + hdlc_ppp module. Improper input validation in the ppp_cp_parse_cr + function leads to memory corruption and read overflow. + +CVE-2020-25645 + + A flaw was discovered in the interface driver for GENEVE + encapsulated traffic when combined with IPsec. When IPsec is + configured to encrypt traffic for the specific UDP port used by the + GENEVE tunnel, tunneled data isn't correctly routed over the + encrypted link and sent unencrypted instead. + +The vulnerabilities are fixed by rebasing to the new +stable upstream version 4.19.152 which includes additional bugfixes. -- cgit v1.2.3
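Review bot: several typos in the new advisory text should be fixed before upload: the CVE-2020-12352 entry reads "discovered flaw in the Bluetooth implementation" (missing "a"), the CVE-2020-25211 entry has a doubled "of" in "trigger use of of incorrect protocol numbers", and "ChenNan Of Chaitin Security Research Lab" should use a lowercase "of". For consistency the two Bluetooth entries could also spell the device address the same way ("bd address" appears in both; the conventional form is "BD_ADDR" or "Bluetooth address"). The closing paragraph states that the fix is a rebase to 4.19.152 but does not say which distribution or which package version carries it; since the file name is 4.19.152-1, that version and the target suite would normally be spelled out in the text so the advisory is self-contained.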