blob: f6b9289bfd5e804d54e29f672492b770e3e2616d (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Description: tcp: Clear sk_send_head after purging the write queue
References:
https://source.android.com/security/bulletin/2020-03-01
https://android.googlesource.com/kernel/common/+/3ed1460d6b17326093eb657afa89a7274e444a32%5E%21/#F0
Notes:
jmm> For 4.9.x broken backport was added in 4.9.103
carnil> This is actually a duplicate of CVE-2019-15239, will contact
carnil> Android security team to get the CVE sorted out and potentially
carnil> rejected.
carnil> Android security team confirmed the duplicate assignment and
carnil> will update the bulletin to refer to CVE-2019-15239 instead.
carnil> CVE should be rejected in week of 2020-03-09.
Bugs:
upstream: N/A "Vulnerability never present"
4.19-upstream-stable: N/A "Vulnerability never present"
4.9-upstream-stable: released (4.9.187) [704533394e488a109fe46ab3693315376c3824d5]
3.16-upstream-stable: released (3.16.73) [3157fbc900bdb366b2186e5a6e506cc5e4697cf0]
sid: N/A "Vulnerability never present"
4.19-buster-security: N/A "Vulnerability never present"
4.9-stretch-security: released (4.9.168-1+deb9u5) [bugfix/all/tcp-clear-sk_send_head-after-purging-the-write-queue.patch]
3.16-jessie-security: released (3.16.72-1) [bugfix/all/tcp-clear-sk_send_head-after-purging-the-write-queue.patch]
|
