Add CVE-2020-14305

author: Salvatore Bonaccorso <carnil@debian.org> 2020-06-25 09:24:59 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-06-25 09:24:59 +0200
commit: dc77fe06c0f543ed6bfab3f6326c9bfc9a2a0e59 (patch)
tree: 2d5f6a080d1890d804dded5fe7f77bad5195aa77
parent: 9baec2e987771cebe1e8de94dd002a6502befc1c (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2020-14305 b/active/CVE-2020-14305
new file mode 100644
index 00000000..2b20ba37
--- /dev/null
+++ b/active/CVE-2020-14305
@@ -0,0 +1,17 @@
+Description: netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1850716
+ https://patchwork.ozlabs.org/project/netfilter-devel/patch/c2385b5c-309c-cc64-2e10-a0ef62897502@virtuozzo.com/
+Notes:
+ carnil> In mainline the problem went away after commit 9f0f3ebeda47
+ carnil> ("netfilter: helpers: remove data_len usage
+for inkernel helpers") in 4.12-rc1.
+Bugs:
+upstream: released (4.12-rc1) [9f0f3ebeda47a5518817f33c40f6d3ea9c0275b8]
+4.19-upstream-stable: N/A "Fixed before branching point"
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+sid: released (4.12.6-1)
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: needed
+3.16-jessie-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2020-06-25 09:24:59 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-06-25 09:24:59 +0200
commit	dc77fe06c0f543ed6bfab3f6326c9bfc9a2a0e59 (patch)
tree	2d5f6a080d1890d804dded5fe7f77bad5195aa77
parent	9baec2e987771cebe1e8de94dd002a6502befc1c (diff)