Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
45b2e951 by Salvatore Bonaccorso at 2025-06-17T10:37:14+02:00
Redact note on relation for CVE-2025-4598 to CVE-2022-4415
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4841,7 +4841,9 @@ CVE-2025-4598 (A vulnerability was found in
systemd-coredump. This flaw allows a
NOTE: Fixed by:
https://github.com/systemd/systemd-stable/commit/7fc7aa5a4d28d7768dfd1eb85be385c3ea949168
(v254.26)
NOTE: Fixed by:
https://github.com/systemd/systemd-stable/commit/19b228662e0fcc6596c0395a0af8486a4b3f1627
(v253.33)
NOTE: Fixed by:
https://github.com/systemd/systemd-stable/commit/2eb46dce078334805c547cbcf5e6462cf9d2f9f0
(v252.38)
- NOTE: according to description fix of incomplete fix of CVE-2022-4415
+ NOTE: Issue relates to race condition exploitable while checking if a
user should
+ NOTE: be allowed to read a core file or not via the
grant_user_access(), which was
+ NOTE: introduced as part of the fix for CVE-2022-4415.
CVE-2025-5054 (Race condition in Canonical apport up to and including 2.32.0
allows a ...)
NOT-FOR-US: Apport
CVE-2025-27464
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45b2e951a238a16ea5e2d7ae5ab28e78275ffe18
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45b2e951a238a16ea5e2d7ae5ab28e78275ffe18
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
