Add CVE-2021-3409 assigned by Red Hat

The two CVEs CVE-2020-25085 and CVE-2020-17380 caused some confusion in other distros fixes, cf. https://bugzilla.redhat.com/show_bug.cgi?id=1862167#c11 and following and a new CVE was assigned to cover the incomplete fix for CVE-2020-17380/CVE-2020-25085 part.
author: Salvatore Bonaccorso <carnil@debian.org> 2021-02-12 16:29:53 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-02-12 16:32:12 +0100
commit: 7f0e477f8a9e9af405eea7f62cd313d96aa5adb2 (patch)
tree: 2cea6ba3bc7f372dd2ede450124af3abfab56dd2
parent: 07f0943d6f34a3494df016838f165d4ca5e5f270 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 0cbb71f240..b77c748f81 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -20583,3 +20583,6 @@ CVE-2021-0002
 	RESERVED
 CVE-2021-0001
 	RESERVED
+CVE-2021-3409 [sdhci: incomplete fix for CVE-2020-17380/CVE-2020-25085]
+	- qemu <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1928146
author	Salvatore Bonaccorso <carnil@debian.org>	2021-02-12 16:29:53 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-02-12 16:32:12 +0100
commit	7f0e477f8a9e9af405eea7f62cd313d96aa5adb2 (patch)
tree	2cea6ba3bc7f372dd2ede450124af3abfab56dd2
parent	07f0943d6f34a3494df016838f165d4ca5e5f270 (diff)