Add CVE-2022-0485/libnbd

author: Salvatore Bonaccorso <carnil@debian.org> 2022-02-09 09:20:28 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-02-09 09:20:28 +0100
commit: 910959d6c9c3e06281bb4f1c189f3798f58b2c70 (patch)
tree: 5164b8068537874b4db05d5603d8dca66d2d8ffa
parent: f49f7828c61554712413e60c7ad2a66bf4fb6bb5 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index b89cd53abe..fe3dfae45b 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -768,8 +768,12 @@ CVE-2022-0487 (A use-after-free vulnerability was found in rtsx_usb_ms_drv_remov
 	NOTE: https://lore.kernel.org/all/20220114075934.302464-1-gregkh@linuxfoundation.org/
 CVE-2022-0486
 	RESERVED
-CVE-2022-0485
+CVE-2022-0485 [nbdcopy: missing error handling may create corrupted destination image]
 	RESERVED
+	- libnbd <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2050324
+	NOTE: Fixed by: https://gitlab.com/nbdkit/libnbd/-/commit/8d444b41d09a700c7ee6f9182a649f3f2d325abb
+	NOTE: https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html
 CVE-2022-0484 (Lack of validation of URLs causes Mirantis Container Cloud Lens Extens ...)
 	TODO: check
 CVE-2022-0483
author	Salvatore Bonaccorso <carnil@debian.org>	2022-02-09 09:20:28 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-02-09 09:20:28 +0100
commit	910959d6c9c3e06281bb4f1c189f3798f58b2c70 (patch)
tree	5164b8068537874b4db05d5603d8dca66d2d8ffa
parent	f49f7828c61554712413e60c7ad2a66bf4fb6bb5 (diff)