diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2019-11-27 21:17:22 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2019-11-27 21:17:22 +0100 |
commit | 9e9d9fe4f26730fbbe24bd84a8e0e6dc3ac074f0 (patch) | |
tree | 38bd0db8c865d0c09f63bdb8cd56142e79363319 /active/CVE-2019-10220 | |
parent | 36d27121012e8859bf6b830b33bf07759d246f86 (diff) |
Add CVE-2019-10220
Diffstat (limited to 'active/CVE-2019-10220')
-rw-r--r-- | active/CVE-2019-10220 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/active/CVE-2019-10220 b/active/CVE-2019-10220 new file mode 100644 index 000000000..93f1bdea1 --- /dev/null +++ b/active/CVE-2019-10220 @@ -0,0 +1,19 @@ +Description: CIFS: Relative paths injection in directory entry lists +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1741727 + https://bugzilla.suse.com/show_bug.cgi?id=1144903 + https://bugzilla.samba.org/show_bug.cgi?id=14072 +Notes: + carnil> Needed a followup c512c6918719 ("uaccess: implement a proper + carnil> unsafe_copy_to_user() and switch filldir over to it"), cf. + carnil> https://lore.kernel.org/linux-fsdevel/20191006222046.GA18027@roeck-us.net/ + carnil> which landed in 5.4-rc3. +Bugs: +upstream: released (5.4-rc2) [9f79b78ef74436c7507bac6bfb7b8b989263bccb, 8a23eb804ca4f2be909e372cf5a9e7b30ae476cd +4.19-upstream-stable: +4.9-upstream-stable: +3.16-upstream-stable: +sid: +4.19-buster-security: +4.9-stretch-security: +3.16-jessie-security: |