From ee1a0ee424ae430c6fdca32db00bb2615b12cbad Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 16 Nov 2020 20:01:50 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/1010xxx/CVE-2019-1010022.json | 12 +++++++++++- 2019/1010xxx/CVE-2019-1010023.json | 12 +++++++++++- 2019/1010xxx/CVE-2019-1010024.json | 12 +++++++++++- 2019/1010xxx/CVE-2019-1010025.json | 10 ++++++++++ 2020/28xxx/CVE-2020-28891.json | 18 ++++++++++++++++++ 2020/28xxx/CVE-2020-28892.json | 18 ++++++++++++++++++ 2020/28xxx/CVE-2020-28893.json | 18 ++++++++++++++++++ 2020/28xxx/CVE-2020-28894.json | 18 ++++++++++++++++++ 8 files changed, 115 insertions(+), 3 deletions(-) create mode 100644 2020/28xxx/CVE-2020-28891.json create mode 100644 2020/28xxx/CVE-2020-28892.json create mode 100644 2020/28xxx/CVE-2020-28893.json create mode 100644 2020/28xxx/CVE-2020-28894.json diff --git a/2019/1010xxx/CVE-2019-1010022.json b/2019/1010xxx/CVE-2019-1010022.json index 711910f6f1d..cacf1fd353a 100644 --- a/2019/1010xxx/CVE-2019-1010022.json +++ b/2019/1010xxx/CVE-2019-1010022.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard." + "value": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"" } ] }, @@ -56,6 +56,16 @@ "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", "refsource": "MISC", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" + }, + { + "refsource": "DEBIAN", + "name": "CVE-2019-1010022", + "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022" + }, + { + "refsource": "UBUNTU", + "name": "CVE-2019-1010022", + "url": "https://ubuntu.com/security/CVE-2019-1010022" } ] } diff --git a/2019/1010xxx/CVE-2019-1010023.json b/2019/1010xxx/CVE-2019-1010023.json index c5663554a4b..133203dc877 100644 --- a/2019/1010xxx/CVE-2019-1010023.json +++ b/2019/1010xxx/CVE-2019-1010023.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code." + "value": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"" } ] }, @@ -66,6 +66,16 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", "url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS" + }, + { + "refsource": "DEBIAN", + "name": "CVE-2019-1010023", + "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023" + }, + { + "refsource": "UBUNTU", + "name": "CVE-2019-1010023", + "url": "https://ubuntu.com/security/CVE-2019-1010023" } ] } diff --git a/2019/1010xxx/CVE-2019-1010024.json b/2019/1010xxx/CVE-2019-1010024.json index aa1d188a7e1..9889a8e2745 100644 --- a/2019/1010xxx/CVE-2019-1010024.json +++ b/2019/1010xxx/CVE-2019-1010024.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc." + "value": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"" } ] }, @@ -71,6 +71,16 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", "url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS" + }, + { + "refsource": "DEBIAN", + "name": "CVE-2019-1010024", + "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010024" + }, + { + "refsource": "UBUNTU", + "name": "CVE-2019-1010024", + "url": "https://ubuntu.com/security/CVE-2019-1010024" } ] } diff --git a/2019/1010xxx/CVE-2019-1010025.json b/2019/1010xxx/CVE-2019-1010025.json index 557bacf8b7c..db352c720e9 100644 --- a/2019/1010xxx/CVE-2019-1010025.json +++ b/2019/1010xxx/CVE-2019-1010025.json @@ -66,6 +66,16 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS", "url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS" + }, + { + "refsource": "DEBIAN", + "name": "CVE-2019-1010025", + "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010025" + }, + { + "refsource": "UBUNTU", + "name": "CVE-2019-1010025", + "url": "https://ubuntu.com/security/CVE-2019-1010025" } ] } diff --git a/2020/28xxx/CVE-2020-28891.json b/2020/28xxx/CVE-2020-28891.json new file mode 100644 index 00000000000..5ef615f392e --- /dev/null +++ b/2020/28xxx/CVE-2020-28891.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-28891", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28892.json b/2020/28xxx/CVE-2020-28892.json new file mode 100644 index 00000000000..00f9d8b7100 --- /dev/null +++ b/2020/28xxx/CVE-2020-28892.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-28892", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28893.json b/2020/28xxx/CVE-2020-28893.json new file mode 100644 index 00000000000..906d2370acf --- /dev/null +++ b/2020/28xxx/CVE-2020-28893.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-28893", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28894.json b/2020/28xxx/CVE-2020-28894.json new file mode 100644 index 00000000000..0098f4df1d0 --- /dev/null +++ b/2020/28xxx/CVE-2020-28894.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-28894", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file