Hi!

2021年6月18日(金) 17:04 Pavel Machek <pavel@denx.de>:
>
> Hi!
>
> In last import, CVE-2020-36385 and CVE-2020-36386 was confused. That's
> fixed now. And we have following new issues:
>
> * 2021-06-13
>
> CVE-2021-0129 -- Passkey Entry protocol of the Bluetooth Core is
> vulnerable to an impersonation, fixed 4.9+
>
> CVE-2021-0512 -- HID arrays, fixed 4.9+
>
> CVE-2021-28691 -- Xen, fixed 5.10+
>
> CVE-2021-3573 -- Bluetooth UAF, fixed 4.9+
>
> * 2021-06-18
>
> CVE-2021-32078 -- ARM: footbridge:, hopefully noone uses this
>
> CVE-2021-34693 -- can: bcm: fix infoleak in struct bcm_msg_head
>
> CVE-2020-36386 -- An issue was discovered in the Linux kernel before
> 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in
> hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.
>

Thank you for the update.

> Best regards,
>                                                                 Pavel
> --
> DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
> HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
>
> 
>


-- 
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@cybertrust.co.jp
          :masami.ichikawa@miraclelinux.com