Add CVE-2019-20422

author: Salvatore Bonaccorso <carnil@debian.org> 2020-01-27 09:36:54 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-01-27 09:36:54 +0100
commit: b60cc0b9728fed77d00da57265e88c5d309059b2 (patch)
tree: 814f7c9f81381f2bd317178a21dc34ba92811e0f
parent: a13790fcf28221990d00ab249215bebfcc082153 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2019-20422 b/active/CVE-2019-20422
new file mode 100644
index 00000000..e444ed3a
--- /dev/null
+++ b/active/CVE-2019-20422
@@ -0,0 +1,16 @@
+Description: ipv6: fix a typo in fib6_rule_lookup()
+References:
+Notes:
+ carnil> Commit fixes d64a1f5 ("ipv6: honor RT6_LOOKUP_F_DST_NOREF in
+ carnil> rule lookup logic") which is only present in 5.3-rc1 onwards.
+ carnil> Fix backported as well to 5.3.4. No Debian unstable release
+ carnil> ever affected, only experimental versions.
+Bugs:
+upstream: released (5.4-rc1) [7b09c2d052db4b4ad0b27b97918b46a7746966fa]
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+sid: N/A "Vulnerable code never present"
+4.19-buster-security: N/A "Vulnerable code introduced later"
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"
author	Salvatore Bonaccorso <carnil@debian.org>	2020-01-27 09:36:54 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-01-27 09:36:54 +0100
commit	b60cc0b9728fed77d00da57265e88c5d309059b2 (patch)
tree	814f7c9f81381f2bd317178a21dc34ba92811e0f
parent	a13790fcf28221990d00ab249215bebfcc082153 (diff)