[Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-18653/linux

Tue, 08 Sep 2020 13:11:12 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c93b76e9 by Salvatore Bonaccorso at 2020-09-08T22:09:46+02:00
Update information on CVE-2018-18653/linux

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -120237,8 +120237,12 @@ CVE-2018-18657 (An issue was discovered in Arcserve 
Unified Data Protection (UDP
 CVE-2018-18656 (The PureVPN client before 6.1.0 for Windows stores Login 
Credentials ( ...)
        NOT-FOR-US: PureVPN client for Windows
 CVE-2018-18653 (The Linux kernel, as used in Ubuntu 18.10 and when booted with 
UEFI Se ...)
-       - linux <undetermined>
-       TODO: check, this should be very Ubuntu specific, but it is introduced 
with the out-of-tree patch from the Lockdown patchset  
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef
 and so possibly affect our kernel as well in some way.
+       - linux 5.4.6-1
+       [buster] - linux <not-affected> (Vulnerable code introduced later)
+       [stretch] - linux <not-affected> (Vulnerable code introduced later)
+       NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1798863
+       NOTE: Broken lockdown patch introduced in: 
https://salsa.debian.org/kernel-team/linux/commit/a7cd45ba217652e89afd40020fa3ee9d8900b2d6
+       NOTE: NOTE: Dropped in: 
https://salsa.debian.org/kernel-team/linux/commit/bcf44784663c6b77a4922d9a88f114c9810623cc
 CVE-2018-18652 (A remote command execution vulnerability in Veritas NetBackup 
Applianc ...)
        NOT-FOR-US: Veritas NetBackup Appliance
 CVE-2018-18655 (Prayer through 1.3.5 sends a Referer header, containing a 
user's usern ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c93b76e94c6a5307823beb541868ef38e4036019

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c93b76e94c6a5307823beb541868ef38e4036019
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to