From 7f9ccdd0b2a4c35d904f3f3ae3dd39e96bf95228 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 8 Sep 2020 19:59:11 +0200
Subject: Add CVE-2020-0404

---
 active/CVE-2020-0404 | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 active/CVE-2020-0404

diff --git a/active/CVE-2020-0404 b/active/CVE-2020-0404
new file mode 100644
index 00000000..d499f7e4
--- /dev/null
+++ b/active/CVE-2020-0404
@@ -0,0 +1,11 @@
+Description: media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
+References:
+ https://source.android.com/security/bulletin/2020-09-01
+Notes:
+Bugs:
+upstream: released (5.6-rc1) [68035c80e129c4cfec659aac4180354530b26527]
+4.19-upstream-stable: released (4.19.103) [3ceb3fcd6d1a6a65e7bf3873a63009d01ba4b05f]
+4.9-upstream-stable: released (4.9.214) [f873437547ac3d092c433cc0a996b946eb2803b6]
+sid: released (5.4.19-1)
+4.19-buster-security: released (4.19.118-1)
+4.9-stretch-security: released (4.9.228-1)
-- 
cgit v1.2.3