From 322eaf84fa0d24cdfa4acc99ff4a8d5635ab0654 Mon Sep 17 00:00:00 2001
From: Ben Hutchings <ben@decadent.org.uk>
Date: Fri, 25 Feb 2022 02:54:22 +0100
Subject: Fill in status for most issues

---
 active/CVE-2019-19814 | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

(limited to 'active/CVE-2019-19814')

diff --git a/active/CVE-2019-19814 b/active/CVE-2019-19814
index c7209ed84..f57184d6c 100644
--- a/active/CVE-2019-19814
+++ b/active/CVE-2019-19814
@@ -1,15 +1,17 @@
-Description:
+Description: f2fs: Heap out-of-bounds write in __remove_dirty_segment()
 References:
  https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814
 Notes:
+ bwh> __remove_dirty_segment() needs to range-check the variable t
+ bwh> in the same way __locate_dirty_segment() does.
 Bugs:
-upstream:
-5.10-upstream-stable:
-4.19-upstream-stable:
-4.9-upstream-stable:
+upstream: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+4.9-upstream-stable: needed
 3.16-upstream-stable: ignored "EOL"
-sid:
-5.10-bullseye-security:
-4.19-buster-security:
-4.9-stretch-security:
+sid: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
+4.9-stretch-security: ignored "f2fs is not supportable"
 3.16-jessie-security: ignored "EOL"
-- 
cgit v1.2.3