Add CVE-2022-1280

author: Salvatore Bonaccorso <carnil@debian.org> 2022-04-13 08:53:12 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-04-13 08:53:12 +0200
commit: d4610c9c1ef999f1a6b4f27ea43e5a625fde253b (patch)
tree: 8e68fb293e3bc463981bc013703468067ca28176 /active/CVE-2022-1280
parent: e8d4a24f8dd386aaac414b9ec4d28d7ca147aa02 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/active/CVE-2022-1280 b/active/CVE-2022-1280
new file mode 100644
index 00000000..9a74d093
--- /dev/null
+++ b/active/CVE-2022-1280
@@ -0,0 +1,18 @@
+Description: concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources
+References:
+ https://www.openwall.com/lists/oss-security/2022/04/12/3
+ https://bugzilla.redhat.com/show_bug.cgi?id=2071022
+ https://bugzilla.suse.com/show_bug.cgi?id=1197914
+ https://www.openwall.com/lists/oss-security/2022/04/12/4
+Notes:
+ carnil> Not a problem on 5.15.y and newer, but the list of commits need
+ carnil> to be isolated yet.
+Bugs:
+upstream:
+5.10-upstream-stable:
+4.19-upstream-stable:
+4.9-upstream-stable:
+sid:
+5.10-bullseye-security:
+4.19-buster-security:
+4.9-stretch-security:
author	Salvatore Bonaccorso <carnil@debian.org>	2022-04-13 08:53:12 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-04-13 08:53:12 +0200
commit	d4610c9c1ef999f1a6b4f27ea43e5a625fde253b (patch)
tree	8e68fb293e3bc463981bc013703468067ca28176 /active/CVE-2022-1280
parent	e8d4a24f8dd386aaac414b9ec4d28d7ca147aa02 (diff)