From bf91825a37695e9c42195be41b6287f305ce2032 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 19 Sep 2020 20:25:05 +0200 Subject: Sync some CVE information with kernel-sec --- data/CVE/list | 3 +++ 1 file changed, 3 insertions(+) (limited to 'data/CVE/list') diff --git a/data/CVE/list b/data/CVE/list index 1b1b3a95f6..330f299130 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -20537,6 +20537,7 @@ CVE-2020-15779 (A Path Traversal issue was discovered in the socket.io-file pack NOT-FOR-US: Node socket.io-file CVE-2020-15780 (An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux k ...) - linux 5.7.10-1 + [stretch] - linux (securelevel included but not supported) NOTE: https://www.openwall.com/lists/oss-security/2020/06/15/3 NOTE: Fixed by: https://git.kernel.org/linus/75b0cea7bf307f362057cc778efe89af4c615354 CVE-2020-15778 (scp in OpenSSH through 8.3p1 allows command injection in scp.c remote ...) @@ -20771,6 +20772,7 @@ CVE-2020-15687 (Missing access control restrictions in the Hypervisor component CVE-2019-20908 (An issue was discovered in drivers/firmware/efi/efi.c in the Linux ker ...) - linux 5.2.6-1 [buster] - linux 4.19.132-1 + [stretch] - linux (securelevel included but not supported) NOTE: https://www.openwall.com/lists/oss-security/2020/06/14/1 NOTE: Fixed by: https://git.kernel.org/linus/1957a85b0032a81e6482ca4aab883643b8dae06e CVE-2019-20907 (In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ...) @@ -54768,6 +54770,7 @@ CVE-2020-3110 (A vulnerability in the Cisco Discovery Protocol implementation fo NOT-FOR-US: Cisco CVE-2019-19770 (** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free ...) - linux 5.7.17-1 + [stretch] - linux (Vulnerability introduced later) NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=205713 CVE-2019-19769 (In the Linux kernel 5.3.10, there is a use-after-free (read) in the pe ...) - linux 5.5.13-1 -- cgit v1.2.3