diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2022-01-28 15:31:11 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-01-29 11:56:16 +0100 |
commit | a11248be1b5396960a5cbecce19e0969740b2775 (patch) | |
tree | 9e4e6bf68cb09a4628ded06195034fdc9f6259c7 /data/CVE/list.2020 | |
parent | e203b5a0df113543addaaad06789a29774278857 (diff) |
buster/bullseye triage
Diffstat (limited to 'data/CVE/list.2020')
-rw-r--r-- | data/CVE/list.2020 | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 7d7edd4d6e..d423b2bebc 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -2561,7 +2561,7 @@ CVE-2020-35506 (A use-after-free vulnerability was found in the am53c974 SCSI ho [experimental] - qemu 1:6.0+dfsg-1~exp0 - qemu 1:6.0+dfsg-3 (bug #984454) [bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream) - [buster] - qemu <postponed> (Fix along in future DSA) + [buster] - qemu <not-affected> (Vulnerable code not present, FIFO support added later) [stretch] - qemu <postponed> (Fix along in future DLA) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1909996 NOTE: https://bugs.launchpad.net/qemu/+bug/1909247 @@ -2599,6 +2599,7 @@ CVE-2020-35503 (A NULL pointer dereference flaw was found in the megasas-gen2 SC [buster] - qemu <postponed> (Fix along in future DSA) [stretch] - qemu <postponed> (Fix along in future DLA) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1910346 + NOTE: No upstream patch as of 2022-01-28 CVE-2020-35502 (A flaw was found in Privoxy in versions before 3.0.29. Memory leaks wh ...) {DLA-2548-1} - privoxy 3.0.29-1 @@ -12919,6 +12920,7 @@ CVE-2020-25743 (hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer der [stretch] - qemu <postponed> (Fix along in future DLA) NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01568.html NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1 + NOTE: No upstream patch as of 2022-01-28 CVE-2020-25742 (pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL p ...) - qemu <unfixed> (bug #971390) [bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream) @@ -12926,6 +12928,7 @@ CVE-2020-25742 (pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a [stretch] - qemu <postponed> (Fix along in future DLA) NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1 + NOTE: No upstream patch as of 2022-01-28 CVE-2020-25741 (fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer d ...) - qemu <unfixed> (bug #970939) [bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream) @@ -12933,6 +12936,7 @@ CVE-2020-25741 (fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL poi [stretch] - qemu <postponed> (Fix along in future DLA) NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg07779.html NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Ffdc_nullptr1 + NOTE: No upstream patch as of 2022-01-28 CVE-2020-25740 RESERVED CVE-2020-25739 (An issue was discovered in the gon gem before gon-6.4.0 for Ruby. Mult ...) @@ -38360,6 +38364,7 @@ CVE-2020-14394 [infinite loop in xhci_ring_chain_length() in hw/usb/hcd-xhci.c] [stretch] - qemu <postponed> (Minor issue, privileged local DoS, low CVSS, no patch) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1908004 NOTE: https://gitlab.com/qemu-project/qemu/-/issues/646 + NOTE: No upstream patch as of 2022-01-28 CVE-2020-14393 (A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local ...) {DLA-2386-1} - libdbi-perl 1.643-1 |