From fe531b631ea5d43af5bc44b5324c714875d09b34 Mon Sep 17 00:00:00 2001
From: CVE Team <cve-request@mitre.org>
Date: Thu, 20 Jun 2019 11:00:53 +0000
Subject: [PATCH] "-Synchronized-Data."

---
 2019/12xxx/CVE-2019-12381.json | 7 ++++++-
 2019/12xxx/CVE-2019-12456.json | 7 ++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/2019/12xxx/CVE-2019-12381.json b/2019/12xxx/CVE-2019-12381.json
index f5a87ba9719..002da808623 100644
--- a/2019/12xxx/CVE-2019-12381.json
+++ b/2019/12xxx/CVE-2019-12381.json
@@ -34,7 +34,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash)."
+                "value": "** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL."
             }
         ]
     },
@@ -76,6 +76,11 @@
                 "refsource": "FEDORA",
                 "name": "FEDORA-2019-f40bd7826f",
                 "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1715501",
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715501"
             }
         ]
     }
diff --git a/2019/12xxx/CVE-2019-12456.json b/2019/12xxx/CVE-2019-12456.json
index 72ca36fc83c..b2f31773270 100644
--- a/2019/12xxx/CVE-2019-12456.json
+++ b/2019/12xxx/CVE-2019-12456.json
@@ -34,7 +34,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a \"double fetch\" vulnerability."
+                "value": "** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a \"double fetch\" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used."
             }
         ]
     },
@@ -86,6 +86,11 @@
                 "refsource": "SUSE",
                 "name": "openSUSE-SU-2019:1579",
                 "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1717182",
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1717182"
             }
         ]
     }