Add CVE-2022-1943

author: Salvatore Bonaccorso <carnil@debian.org> 2022-05-31 08:23:44 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-05-31 08:23:44 +0200
commit: d68d32ff47d4f77bc5d5e5639e327eb16a41b225 (patch)
tree: d1aecccaa6a4762e4abf2f5a08f962082cf3b349 /active
parent: 935706e619685882d870be07d05a06b35a3ea10b (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/active/CVE-2022-1943 b/active/CVE-2022-1943
new file mode 100644
index 000000000..6f3d8a41e
--- /dev/null
+++ b/active/CVE-2022-1943
@@ -0,0 +1,15 @@
+Description: udf: Avoid using stale lengthOfImpUse 
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2086412
+Notes:
+ carnil> Introduced in 5.15-rc1 with 979a6e28dd96 ("udf: Get rid of 0-
+ carnil> length arrays in struct fileIdentDesc")
+Bugs:
+upstream: released (5.18-rc7) [c1ad35dd0548ce947d97aaf92f7f2f9a202951cf]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.17.11-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2022-05-31 08:23:44 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-05-31 08:23:44 +0200
commit	d68d32ff47d4f77bc5d5e5639e327eb16a41b225 (patch)
tree	d1aecccaa6a4762e4abf2f5a08f962082cf3b349 /active
parent	935706e619685882d870be07d05a06b35a3ea10b (diff)