[Git][cip-project/cip-kernel/cip-kernel-sec][master] Import more data


Agustin Benito Bethencourt
 

Ben Hutchings pushed to branch master at cip-project / cip-kernel / cip-kernel-sec

Commits:

  • 87656eff
    by Ben Hutchings at 2019-07-22T20:09:29Z
    Import more data
    

5 changed files:

Changes:

  • issues/CVE-2019-10126.yml
    ... ... @@ -5,6 +5,9 @@ references:
    5 5
     - https://marc.info/?l=oss-security&m=155965912410053&w=2
    
    6 6
     fixed-by:
    
    7 7
       linux-3.16.y: [a62393d7eb63bd075c51154002825cc7ab4dd3eb]
    
    8
    +  linux-4.14.y: [b1459fb34061337efbf0d47a3ba6208f2f59829d]
    
    8 9
       linux-4.19.y: [c7e427e28a3a2d1b89b8f9fa7c3f559774d91a7b]
    
    10
    +  linux-4.4.y: [3a611df229a90247c9a5159d136c60f4008c29a2]
    
    11
    +  linux-4.9.y: [f70d411e2ecd1f8297e1fd7e91108ca220986784]
    
    9 12
       linux-5.1.y: [e9111176d9c195ba709245f1bf1d3d1dae5cd22a]
    
    10 13
       mainline: [69ae4f6aac1578575126319d3f55550e7e440449]

  • issues/CVE-2019-13272.yml
    1
    +description: 'ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME'
    
    2
    +references:
    
    3
    +- https://bugzilla.suse.com/show_bug.cgi?id=1140671
    
    4
    +- https://bugs.chromium.org/p/project-zero/issues/detail?id=1903
    
    5
    +- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13272
    
    6
    +- http://packetstormsecurity.com/files/153663/Linux-PTRACE_TRACEME-Broken-Permission-Object-Lifetime-Handling.html
    
    7
    +- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6994eefb0053799d2e07cd140df6c2ea106c41ee
    
    8
    +- https://bugzilla.redhat.com/show_bug.cgi?id=1730895
    
    9
    +comments:
    
    10
    +  Debian-carnil: |-
    
    11
    +    64b875f7ac8a ("ptrace: Capture the ptracer's creds not
    
    12
    +    PT_PTRACE_CAP") which is in 4.10 was backported to older stable
    
    13
    +    series as well, got included in v4.9.32
    
    14
    +reporters:
    
    15
    +- Jann Horn
    
    16
    +introduced-by:
    
    17
    +  linux-3.16.y: [d55a94ed03a24794d47f80d5300825f6c095a0a7]
    
    18
    +  linux-4.4.y: [1c1f15f8ebfbd5042883a1c9ae4b18a6299c9c5f]
    
    19
    +  linux-4.4.y-cip: [1c1f15f8ebfbd5042883a1c9ae4b18a6299c9c5f]
    
    20
    +  linux-4.4.y-cip-rt: [1c1f15f8ebfbd5042883a1c9ae4b18a6299c9c5f]
    
    21
    +  linux-4.9.y: [e747b4ae3b6bca205d82e86366e140cdcbfb7731]
    
    22
    +  mainline: [64b875f7ac8a5d60a4e191479299e931ee949b67]
    
    23
    +fixed-by:
    
    24
    +  linux-4.14.y: [bf71ef9655d25e8b275ec6ed649b6bd719231ddc]
    
    25
    +  linux-4.19.y: [54435b7fff7bfb9515cc457b71c3734c1c3fff76]
    
    26
    +  linux-4.19.y-cip: [54435b7fff7bfb9515cc457b71c3734c1c3fff76]
    
    27
    +  linux-4.4.y: [54562d2b0be5c120b01c8bb94baef1aca37fd329]
    
    28
    +  linux-4.4.y-cip: [54562d2b0be5c120b01c8bb94baef1aca37fd329]
    
    29
    +  linux-4.4.y-cip-rt: [54562d2b0be5c120b01c8bb94baef1aca37fd329]
    
    30
    +  linux-4.9.y: [d8b99303da935228a33fa7656a964adfb33e271b]
    
    31
    +  linux-5.1.y: [49887fc3f2a7e6185777af3a9c96095aeb2bce1b]
    
    32
    +  mainline: [6994eefb0053799d2e07cd140df6c2ea106c41ee]

  • issues/CVE-2019-13631.yml
    1
    +description: 'Input: gtco - bounds check collection indent level'
    
    2
    +references:
    
    3
    +- https://patchwork.kernel.org/patch/11040813/
    
    4
    +- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13631
    
    5
    +introduced-by:
    
    6
    +  mainline: [a19ceb56cbd1e1beff3e9cf6042e1f31f6487aa6]
    
    7
    +fixed-by:
    
    8
    +  mainline: [2a017fd82c5402b3c8df5e3d6e5165d9e6147dc1]

  • issues/CVE-2019-13648.yml
    1
    +description: 'powerpc/tm: Fix oops on sigreturn on systems without TM'
    
    2
    +references:
    
    3
    +- https://patchwork.ozlabs.org/patch/1133904/
    
    4
    +- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13648

  • issues/CVE-2019-3846.yml
    ... ... @@ -9,6 +9,9 @@ introduced-by:
    9 9
       mainline: [5e6e3a92b9a4c9416b17f468fa5c7fa2233b8b4e]
    
    10 10
     fixed-by:
    
    11 11
       linux-3.16.y: [a24ac7326f38ffab2b63141496d075da144cec7d]
    
    12
    +  linux-4.14.y: [d50f6b58d7ad30ad8e96c0bbc3e5ecfe9b91ba77]
    
    12 13
       linux-4.19.y: [d4c0f752c1d2c6383cc7582c19b2ed7159d45937]
    
    14
    +  linux-4.4.y: [5d43b417e60ab25984fc7c41175f3ce8cee992bd]
    
    15
    +  linux-4.9.y: [58ec3690a908494f7a7c3e8a302eb491bef9d979]
    
    13 16
       linux-5.1.y: [cb48f5e50582bf44f63599b78941b325a17fa1ec]
    
    14 17
       mainline: [13ec7f10b87f5fc04c4ccbd491c94c7980236a74]

  • Join cip-dev@lists.cip-project.org to automatically receive all group messages.