diff --git a/2020/12xxx/CVE-2020-12655.json b/2020/12xxx/CVE-2020-12655.json index 1b8a90d8223..eb8b8e11648 100644 --- a/2020/12xxx/CVE-2020-12655.json +++ b/2020/12xxx/CVE-2020-12655.json @@ -96,6 +96,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package", "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4465-1", + "url": "https://usn.ubuntu.com/4465-1/" } ] } diff --git a/2020/12xxx/CVE-2020-12771.json b/2020/12xxx/CVE-2020-12771.json index 52f42934f9d..5b96eac570e 100644 --- a/2020/12xxx/CVE-2020-12771.json +++ b/2020/12xxx/CVE-2020-12771.json @@ -81,6 +81,11 @@ "refsource": "UBUNTU", "name": "USN-4463-1", "url": "https://usn.ubuntu.com/4463-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4465-1", + "url": "https://usn.ubuntu.com/4465-1/" } ] } diff --git a/2020/15xxx/CVE-2020-15393.json b/2020/15xxx/CVE-2020-15393.json index 91ff0fa62a8..9004186f69d 100644 --- a/2020/15xxx/CVE-2020-15393.json +++ b/2020/15xxx/CVE-2020-15393.json @@ -81,6 +81,11 @@ "refsource": "UBUNTU", "name": "USN-4463-1", "url": "https://usn.ubuntu.com/4463-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4465-1", + "url": "https://usn.ubuntu.com/4465-1/" } ] } diff --git a/2020/24xxx/CVE-2020-24394.json b/2020/24xxx/CVE-2020-24394.json index 777cb2c890e..4e43bc3014a 100644 --- a/2020/24xxx/CVE-2020-24394.json +++ b/2020/24xxx/CVE-2020-24394.json @@ -66,6 +66,11 @@ "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.8", "refsource": "MISC", "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.8" + }, + { + "refsource": "UBUNTU", + "name": "USN-4465-1", + "url": "https://usn.ubuntu.com/4465-1/" } ] } diff --git a/2020/24xxx/CVE-2020-24716.json b/2020/24xxx/CVE-2020-24716.json index b45bff5cafc..47f440f73e5 100644 --- a/2020/24xxx/CVE-2020-24716.json +++ b/2020/24xxx/CVE-2020-24716.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24716", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24716", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for all directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://jira.ixsystems.com/browse/NAS-107270", + "refsource": "MISC", + "name": "https://jira.ixsystems.com/browse/NAS-107270" + }, + { + "url": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f", + "refsource": "MISC", + "name": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f" + }, + { + "url": "https://reviews.freebsd.org/D26107", + "refsource": "MISC", + "name": "https://reviews.freebsd.org/D26107" + }, + { + "url": "https://github.com/openzfs/zfs/compare/zfs-0.8.4...zfs-2.0.0-rc1", + "refsource": "MISC", + "name": "https://github.com/openzfs/zfs/compare/zfs-0.8.4...zfs-2.0.0-rc1" } ] } diff --git a/2020/24xxx/CVE-2020-24717.json b/2020/24xxx/CVE-2020-24717.json index a9e18d30827..864be85b4b3 100644 --- a/2020/24xxx/CVE-2020-24717.json +++ b/2020/24xxx/CVE-2020-24717.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24717", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24717", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://jira.ixsystems.com/browse/NAS-107270", + "refsource": "MISC", + "name": "https://jira.ixsystems.com/browse/NAS-107270" + }, + { + "url": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f", + "refsource": "MISC", + "name": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f" + }, + { + "url": "https://reviews.freebsd.org/D26107", + "refsource": "MISC", + "name": "https://reviews.freebsd.org/D26107" + }, + { + "url": "https://github.com/openzfs/zfs/compare/zfs-0.8.4...zfs-2.0.0-rc1", + "refsource": "MISC", + "name": "https://github.com/openzfs/zfs/compare/zfs-0.8.4...zfs-2.0.0-rc1" } ] } diff --git a/2020/24xxx/CVE-2020-24718.json b/2020/24xxx/CVE-2020-24718.json new file mode 100644 index 00000000000..a788fe0a1fc --- /dev/null +++ b/2020/24xxx/CVE-2020-24718.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-24718", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5383.json b/2020/5xxx/CVE-2020-5383.json index 2124338ed30..7dbc493ebcf 100644 --- a/2020/5xxx/CVE-2020-5383.json +++ b/2020/5xxx/CVE-2020-5383.json @@ -1,10 +1,10 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", - "DATE_PUBLIC": "2020-08-24", - "ID": "CVE-2020-5383", + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2020-08-24", + "ID": "CVE-2020-5383", "STATE": "PUBLIC" - }, + }, "affects": { "vendor": { "vendor_data": [ @@ -12,59 +12,60 @@ "product": { "product_data": [ { - "product_name": "Isilon OneFS", + "product_name": "Isilon OneFS", "version": { "version_data": [ { - "version_affected": "<", + "version_affected": "<", "version_value": "9.0.0.0, 8.2.2" } ] } } ] - }, + }, "vendor_name": "Dell" } ] } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { - "lang": "eng", + "lang": "eng", "value": "Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contains a buffer overflow vulnerability in the Likewise component. A remote unauthenticated malicious attacker may potentially exploit this vulnerability to cause a process restart." } ] - }, + }, "impact": { "cvss": { - "baseScore": 5.3, - "baseSeverity": "Medium", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 5.3, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } - }, + }, "problemtype": { "problemtype_data": [ { "description": [ { - "lang": "eng", + "lang": "eng", "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer" } ] } ] - }, + }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/security/en-us/details/546005/DSA-2020-189-Dell-EMC-Isilon-OneFS-and-Dell-EMC-PowerScale-Security-Update-for-Buffer-Overflow-Vu" + "refsource": "MISC", + "url": "https://www.dell.com/support/security/en-us/details/546005/DSA-2020-189-Dell-EMC-Isilon-OneFS-and-Dell-EMC-PowerScale-Security-Update-for-Buffer-Overflow-Vu", + "name": "https://www.dell.com/support/security/en-us/details/546005/DSA-2020-189-Dell-EMC-Isilon-OneFS-and-Dell-EMC-PowerScale-Security-Update-for-Buffer-Overflow-Vu" } ] }