diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2019-08-19 12:59:40 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2019-08-19 12:59:40 +0100 |
commit | c0ec86e76aff965bc968141f1f433f88a2c4af98 (patch) | |
tree | 5eb0debfcc9062dc8ce92a9469b471cc344c4fcc /retired/CVE-2019-10207 | |
parent | 1ad723f6597479af484c1ca867ccc3c04944a1dd (diff) |
Retire inactive issues
Diffstat (limited to 'retired/CVE-2019-10207')
-rw-r--r-- | retired/CVE-2019-10207 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2019-10207 b/retired/CVE-2019-10207 new file mode 100644 index 00000000..9ce031ae --- /dev/null +++ b/retired/CVE-2019-10207 @@ -0,0 +1,19 @@ +Description: bluetooth: hci_uart: 0x0 address execution as nonprivileged user +References: + https://www.openwall.com/lists/oss-security/2019/07/25/1 + https://lore.kernel.org/linux-bluetooth/20190725120909.31235-1-vdronov@redhat.com/T/#u +Notes: + bwh> For hci_ath, this was introduced in Linux 2.6.36 by commit + bwh> b3190df62861 "Bluetooth: Support for Atheros AR300x serial chip". + bwh> For hci_uart, this was introduced in Linux 4.2 by commit + bwh> 2a973dfada2b "Bluetooth: hci_uart: Add new line discipline + bwh> enhancements". +Bugs: +upstream: released (5.3-rc3) [b36a1552d7319bbfd5cf7f08726c23c5c66d4f73] +4.19-upstream-stable: released (4.19.64) [56966212e23f82ced10831f7cca02f7339147428] +4.9-upstream-stable: released (4.9.187) [58a01b0bd8ea5fddb51d4d854bb149a1a7312c12] +3.16-upstream-stable: released (3.16.72) [ebb8302ce770e8c455d9209cb598f4cd03021e42] +sid: released (5.2.6-1) +4.19-buster-security: released (4.19.37-5+deb10u2) [bugfix/all/Bluetooth-hci_uart-check-for-missing-tty-operations.patch] +4.9-stretch-security: released (4.9.168-1+deb9u5) [bugfix/all/bluetooth-hci_uart-check-for-missing-tty-operations.patch] +3.16-jessie-security: released (3.16.72-1) |