"-Synchronized-Data."

2025-05-07 19:17:10 +00:00 · 2019-06-20 11:00:53 +00:00 · 2019-06-20 11:00:53 +00:00 · fe531b631e
commit fe531b631e
parent cf09ed592e
2 changed files with 12 additions and 2 deletions
--- a/2019/12xxx/CVE-2019-12381.json
+++ b/2019/12xxx/CVE-2019-12381.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash)."
+                "value": "** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL."
            }
        ]
    },
@ -76,6 +76,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2019-f40bd7826f",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1715501",
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715501"
            }
        ]
    }
--- a/2019/12xxx/CVE-2019-12456.json
+++ b/2019/12xxx/CVE-2019-12456.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a \"double fetch\" vulnerability."
+                "value": "** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a \"double fetch\" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used."
            }
        ]
    },
@ -86,6 +86,11 @@
                "refsource": "SUSE",
                "name": "openSUSE-SU-2019:1579",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1717182",
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1717182"
            }
        ]
    }