From: "Pavel Machek" <pavel@denx.de>
To: cip-dev@lists.cip-project.org
Subject: [cip-dev] CVE entries added to our database this week
Date: Thu, 3 Jun 2021 10:34:49 +0200 [thread overview]
Message-ID: <20210603083448.GA19005@amd> (raw)
[-- Attachment #1.1: Type: text/plain, Size: 1522 bytes --]
Hi!
I tried to get a list of new CVE entries that are not yet in our
databases... and this is the result.
Many of the issues are pretty old, and I'm not sure how to search for
patches fixing each issue, so this may not be too useful.
Best regards,
Pavel
* 2021-06-01
CVE-2005-3660 -- 0 -- DoS with memory consumed by file descriptors.
CVE-2007-3719 -- 0 -- DoS with process scheduler.
CVE-2008-2544 -- /proc is suprisingly rw
CVE-2008-4609 -- cross platform TCP DoS.
CVE-2010-4563 -- allows detection of tcpdump / sniffing
CVE-2010-5321 -- 1 -- old DoS in video4linux
CVE-2011-4917 -- "Minor info leak, unlikely to be fixed upstream"
CVE-2012-4542 -- 1 -- scsi SG IO ioctl allows surprising access
CVE-2015-2877 -- 0 -- samepage merging may break ASLR
CVE-2020-0347 -- 2 -- iptables bounds check
CVE-2020-26555 CVE-2020-26558 -- BR/EDR pin code pairing broken
CVE-2020-26556 CVE-2020-26557 CVE-2020-26559 CVE-2020-26560 -- bluetooth mesh
CVE-2021-22543 -- KVM memory not read only
CVE-2015-1350 -- 3 -- DoS allowing unpriviledged users to remove capabilities, sounds nasty?
CVE-2015-8952 -- DoS on ext2/4 + ceph + samba
CVE-2016-5728 -- 3 -- drivers/misc/mic/vop/vop_vringh.c in the MIC VOP
CVE-2018-9465 -- binder use after free (from 2018?)
CVE-2019-2025 -- binder use after free
CVE-2020-0435 -- Bad candidate number.
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
[-- Attachment #1.2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
[-- Attachment #2: Type: text/plain, Size: 428 bytes --]
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6491): https://lists.cip-project.org/g/cip-dev/message/6491
Mute This Topic: https://lists.cip-project.org/mt/83279214/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-
reply other threads:[~2021-06-03 8:34 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210603083448.GA19005@amd \
--to=pavel@denx.de \
--cc=cip-dev@lists.cip-project.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox