Retire two CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2020-08-03 09:20:13 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-08-03 09:20:13 +0200
commit: 85d32caf8b8a99762a04416d7f237d4805b7d3fc (patch)
tree: 40e5a267d8b6d20269d4e14d6ab895b50462ece6 /retired/CVE-2019-18814
parent: 2150fdf2e45e30d8de140867264adc9734e285cc (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2019-18814 b/retired/CVE-2019-18814
new file mode 100644
index 00000000..f6d04370
--- /dev/null
+++ b/retired/CVE-2019-18814
@@ -0,0 +1,15 @@
+Description: apparmor: Fix use-after-free in aa_audit_rule_init
+References:
+ https://lore.kernel.org/patchwork/patch/1142523/
+Notes:
+ bwh> Introduced in 4.18 by commit 52e8c38001d8 "apparmor: Fix memory leak of
+ bwh> rule on error exit path".
+Bugs:
+upstream: released (5.7-rc7) [c54d481d71c6849e044690d3960aaebc730224cc]
+4.19-upstream-stable: released (4.19.125) [f1738ae012a106c6c8fa7d33ed47fb478d9d3c75]
+4.9-upstream-stable: N/A "Vulnerability introduced later"
+3.16-upstream-stable: N/A "Vulnerability introduced later"
+sid: released (5.7.6-1)
+4.19-buster-security: released (4.19.131-1)
+4.9-stretch-security: N/A "Vulnerability introduced later"
+3.16-jessie-security: N/A "Vulnerability introduced later"
author	Salvatore Bonaccorso <carnil@debian.org>	2020-08-03 09:20:13 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-08-03 09:20:13 +0200
commit	85d32caf8b8a99762a04416d7f237d4805b7d3fc (patch)
tree	40e5a267d8b6d20269d4e14d6ab895b50462ece6 /retired/CVE-2019-18814
parent	2150fdf2e45e30d8de140867264adc9734e285cc (diff)