From 93de5213f823699f52a1946f69c44098eccc9276 Mon Sep 17 00:00:00 2001
From: Ben Hutchings <ben@decadent.org.uk>
Date: Wed, 18 Mar 2020 21:46:46 +0000
Subject: Add CVE-2019-15794 for aufs/overlayfs interaction

---
 active/CVE-2019-15794 | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 active/CVE-2019-15794

diff --git a/active/CVE-2019-15794 b/active/CVE-2019-15794
new file mode 100644
index 00000000..9eaa5087
--- /dev/null
+++ b/active/CVE-2019-15794
@@ -0,0 +1,16 @@
+Description: Reference counting error in overlayfs/shiftfs error path when used in conjuction with aufs
+References:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15794
+ https://usn.ubuntu.com/usn/usn-4208-1
+ https://usn.ubuntu.com/usn/usn-4209-1
+ https://bugs.launchpad.net/bugs/1850994
+Notes:
+Bugs:
+upstream: N/A "introduced by aufs support patch"
+4.19-upstream-stable: N/A "introduced by aufs support patch"
+4.9-upstream-stable: N/A "introduced by aufs support patch"
+3.16-upstream-stable: N/A "introduced by aufs support patch"
+sid: needed
+4.19-buster-security: needed
+4.9-stretch-security: N/A "overlayfs passes through mmap"
+3.16-jessie-security: N/A "overlayfs not present"
-- 
cgit v1.2.3