Add CVE-2021-399{8,9}/glibc

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-14 06:10:53 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-14 06:10:53 +0100
commit: 5b9488095ece90e14de54d7c0e38b6a6526681f9 (patch)
tree: 6c70e9d3159c4118793936f3332c5d8dfcda102c /data/CVE/list.2021
parent: 6b8f569d2b3b20322a3e57dbff45213f98d5ee32 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 88d813e710..a5c192cab9 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -5704,10 +5704,15 @@ CVE-2021-4001 [race condition when the EBPF map is frozen]
 	NOTE: https://git.kernel.org/linus/353050be4c19e102178ccc05988101887c25ae53
 CVE-2021-4000 (showdoc is vulnerable to URL Redirection to Untrusted Site ...)
 	NOT-FOR-US: showdoc
-CVE-2021-3999
+CVE-2021-3999 [Off-by-one buffer overflow/underflow in getcwd()]
 	RESERVED
-CVE-2021-3998
+	- glibc <unfixed>
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=28769
+CVE-2021-3998 [Unexpected return value from realpath() for too long results]
 	RESERVED
+	- glibc <unfixed>
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=28770
+	NOTE: https://patchwork.sourceware.org/project/glibc/patch/20220113055920.3155918-1-siddhesh@sourceware.org/
 CVE-2021-3997 [Uncontrolled recursion in systemd's systemd-tmpfiles]
 	RESERVED
 	- systemd 250.2-1 (bug #1003467)
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-14 06:10:53 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-14 06:10:53 +0100
commit	5b9488095ece90e14de54d7c0e38b6a6526681f9 (patch)
tree	6c70e9d3159c4118793936f3332c5d8dfcda102c /data/CVE/list.2021
parent	6b8f569d2b3b20322a3e57dbff45213f98d5ee32 (diff)