From a9a38e2ee9d22b17ae43c828eb881b658ddf55e8 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 17:00:46 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/20xxx/CVE-2018-20615.json | 68 +++++++++++++++++++++++++++++++++- 2018/20xxx/CVE-2018-20669.json | 68 +++++++++++++++++++++++++++++++++- 2018/20xxx/CVE-2018-20735.json | 5 +++ 2019/9xxx/CVE-2019-9735.json | 5 +++ 2019/9xxx/CVE-2019-9860.json | 18 +++++++++ 2019/9xxx/CVE-2019-9861.json | 18 +++++++++ 2019/9xxx/CVE-2019-9862.json | 18 +++++++++ 2019/9xxx/CVE-2019-9863.json | 18 +++++++++ 8 files changed, 214 insertions(+), 4 deletions(-) create mode 100644 2019/9xxx/CVE-2019-9860.json create mode 100644 2019/9xxx/CVE-2019-9861.json create mode 100644 2019/9xxx/CVE-2019-9862.json create mode 100644 2019/9xxx/CVE-2019-9863.json diff --git a/2018/20xxx/CVE-2018-20615.json b/2018/20xxx/CVE-2018-20615.json index eee3e232f0e..8c619ad2001 100644 --- a/2018/20xxx/CVE-2018-20615.json +++ b/2018/20xxx/CVE-2018-20615.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20615", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,48 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "106645", + "url": "http://www.securityfocus.com/bid/106645" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:0275", + "url": "https://access.redhat.com/errata/RHSA-2019:0275" + }, + { + "refsource": "MLIST", + "name": "[opensuse-security-announce] 20190213 [security-announce] openSUSE-SU-2019:0166-1: important: Security update for haproxy", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html" + }, + { + "refsource": "UBUNTU", + "name": "3858-1", + "url": "https://usn.ubuntu.com/3858-1/" + }, + { + "refsource": "MLIST", + "name": "[haproxy@formilux.org] 20190108 [ANNOUNCE] haproxy-1.8.17", + "url": "https://www.mail-archive.com/haproxy@formilux.org/msg32304.html" } ] } diff --git a/2018/20xxx/CVE-2018-20669.json b/2018/20xxx/CVE-2018-20669.json index d304760082b..33e16b7935a 100644 --- a/2018/20xxx/CVE-2018-20669.json +++ b/2018/20xxx/CVE-2018-20669.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20669", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,48 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "106748", + "url": "http://www.securityfocus.com/bid/106748" + }, + { + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c", + "refsource": "MISC", + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c" + }, + { + "refsource": "MLIST", + "name": "[opensuse-security-announce] 20190218 [security-announce] openSUSE-SU-2019:0203-1: important: Security update for the Linux Kernel", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20190123 Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)", + "url": "http://www.openwall.com/lists/oss-security/2019/01/23/6" + }, + { + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2018-20669", + "url": "https://access.redhat.com/security/cve/cve-2018-20669" } ] } diff --git a/2018/20xxx/CVE-2018-20735.json b/2018/20xxx/CVE-2018-20735.json index cedbb72475f..f40f9e0f9f7 100644 --- a/2018/20xxx/CVE-2018-20735.json +++ b/2018/20xxx/CVE-2018-20735.json @@ -56,6 +56,11 @@ "name": "https://www.securifera.com/blog/2018/12/17/bmc-patrol-agent-domain-user-to-domain-admin/", "refsource": "MISC", "url": "https://www.securifera.com/blog/2018/12/17/bmc-patrol-agent-domain-user-to-domain-admin/" + }, + { + "refsource": "EXPLOIT-DB", + "name": "46556", + "url": "https://www.exploit-db.com/exploits/46556/" } ] } diff --git a/2019/9xxx/CVE-2019-9735.json b/2019/9xxx/CVE-2019-9735.json index 3e00591d5de..98599d0701c 100644 --- a/2019/9xxx/CVE-2019-9735.json +++ b/2019/9xxx/CVE-2019-9735.json @@ -61,6 +61,11 @@ "name": "https://launchpad.net/bugs/1818385", "refsource": "MISC", "url": "https://launchpad.net/bugs/1818385" + }, + { + "refsource": "CONFIRM", + "name": "https://security.openstack.org/ossa/OSSA-2019-001.html", + "url": "https://security.openstack.org/ossa/OSSA-2019-001.html" } ] } diff --git a/2019/9xxx/CVE-2019-9860.json b/2019/9xxx/CVE-2019-9860.json new file mode 100644 index 00000000000..fdb88d2d6c7 --- /dev/null +++ b/2019/9xxx/CVE-2019-9860.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9860", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9861.json b/2019/9xxx/CVE-2019-9861.json new file mode 100644 index 00000000000..867d691bb11 --- /dev/null +++ b/2019/9xxx/CVE-2019-9861.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9861", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9862.json b/2019/9xxx/CVE-2019-9862.json new file mode 100644 index 00000000000..eb446887dc7 --- /dev/null +++ b/2019/9xxx/CVE-2019-9862.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9862", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9863.json b/2019/9xxx/CVE-2019-9863.json new file mode 100644 index 00000000000..97535f7e076 --- /dev/null +++ b/2019/9xxx/CVE-2019-9863.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9863", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file