linux_kernel_cves
linux_kernel_cves copied to clipboard
nluedtke
Tracking CVEs for the linux Kernel
Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) Commits See full diff in compare...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
**Change Type Requested** Add/Remove/Update **CVE id number** CVE-XXXX-XXXXXX **References** Links providing information on the CVE. **Additional context** Add any other context or information you can provide.
Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.7.2 to 1.7.3. Changelog Sourced from shell-quote's changelog. 1.7.3 Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the...
**Change Type Requested** Update **CVE id number** CVE-2022-24122 **References** https://github.com/gregkh/linux/commit/348a8501e6029f9308ea7675edfa645b5e669c9e
**Change Type Requested** Update **CVE id number** CVE-2022-1116 **References** Breaks: https://github.com/gregkh/linux/commit/cac68d12c531aa3010509a5a55a5dfd18dedaa80 Fixes: https://github.com/gregkh/linux/commit/1a623d361ffe5cecd4244a02f449528416360038 **Additional context** Both commits are only in stable-5.4.y, the former as a special version of 2 other...
**Change Type Requested** Remove/Update **CVE id number** CVE-2021-0695 **References** https://source.android.com/security/bulletin/2021-09-01 https://android.googlesource.com/kernel/common/+/2398e650c58a6f4877dafce649188290f6e3b4f5 **Additional context** The problem affects the file [net/netfilter/xt_qtaguid.c](https://android.googlesource.com/kernel/common/+log/21dd5d77181aa377e8c769bfe96fad9c0e2459f3/net/netfilter/xt_qtaguid.c), which exists only in Android kernels.
**Change Type Requested** Update **CVE id number** CVE-2021-39801 **References** https://source.android.com/security/bulletin/2022-04-01 **Additional context** The Android bulletin links to 3 commits, which I don't know which one actually fixed the issue: *...
**Change Type Requested** Update **CVE id number** CVE-2021-20194 **References** Links providing information on the CVE. https://security-tracker.debian.org/tracker/CVE-2021-20194 https://access.redhat.com/security/cve/cve-2021-20194 https://bugzilla.redhat.com/show_bug.cgi?id=1912683 **Additional context** Commit that fixes cve is bb8b81e396f7afbe7c50d789e2107512274d2a35 Commit that introduces cve...
**Change Type Requested** Remove/Update **CVE id number** CVE-2021-39802 **References** https://source.android.com/security/bulletin/2022-04-01 https://android.googlesource.com/kernel/common/+/ac4488815518c **Additional context** The above commit reverts a commit from the Android kernel after a [discussion with Linus](https://lore.kernel.org/all/CAHk-=wj4KCujAH_oPh40Bkp48amM4MXr+8AcbZ=qd5LF4Q+TDg@mail.gmail.com/#t) in which...
**Change Type Requested** Update **CVE id number** CVE-2022-1184 **References** https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1184 **Additional context** The bug title (part) which could be used as problem description is "use-after-free and memory errors in ext4...