Bug#1000886: CVE-2013-7445: Direct Rendering Manager (DRM) subsystem in the Linux Kernel through 4.x mishandles requests for GEM object

To: "Jeremiah C. Foster" <jeremiah@jeremiahfoster.com>, 1000886@bugs.debian.org
Subject: Bug#1000886: CVE-2013-7445: Direct Rendering Manager (DRM) subsystem in the Linux Kernel through 4.x mishandles requests for GEM object
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 30 Nov 2021 21:02:35 +0100
Message-id: <YaaDW2t/c7FtyE2A@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1000886@bugs.debian.org
In-reply-to: <[🔎] 5090e46e-8405-4477-a6ab-c2d6550196b4@jeremiahfoster.com>
References: <[🔎] 5090e46e-8405-4477-a6ab-c2d6550196b4@jeremiahfoster.com> <[🔎] 5090e46e-8405-4477-a6ab-c2d6550196b4@jeremiahfoster.com>

Control: tags -1 + security
Control: notfound -1 4.0

Hi Jeremiah,

On Tue, Nov 30, 2021 at 12:56:50PM -0500, Jeremiah C. Foster wrote:
> Package: linux
> Source: linux
> Version: 4.0
> Severity: important
> Tags: upstream
> 
> Dear Maintainer,
> 
> There is a list of unreported issues in the Debian Security-tracker:
> https://security-tracker.debian.org/tracker/status/unreported This
> issue was the first one in the tracker which led me to file this issue
> 
> in Debian's bug tracking system.

Thank you. It's usually not necessary to fill bugs for CVEs for
src:linux, we are already tracking them and are aware. In the
particular case you can look up  CVE-2013-7445 and it's unlikely that
it will be addressed. Furthermore CVEs for linux are specifically
tracked in the kernel-team as well.

It's not necessary to fill bugs for CVE for src:linux, we already
track them, so this would just cause some unnecessary overhead (in
particular for such on old CVE ;-)).

Regards,
Salvatore

Reply to:

References:
- Bug#1000886: CVE-2013-7445: Direct Rendering Manager (DRM) subsystem in the Linux Kernel through 4.x mishandles requests for GEM object
  - From: "Jeremiah C. Foster" <jeremiah@jeremiahfoster.com>

Prev by Date: Bug#998716: linux-image-5.14.0-2-amd64: The package size has grown a lot compared to 5.8/5.10 releases
Next by Date: Processed: Re: Bug#1000886: CVE-2013-7445: Direct Rendering Manager (DRM) subsystem in the Linux Kernel through 4.x mishandles requests for GEM object
Previous by thread: Bug#1000886: CVE-2013-7445: Direct Rendering Manager (DRM) subsystem in the Linux Kernel through 4.x mishandles requests for GEM object
Next by thread: Processed: Re: Bug#1000886: CVE-2013-7445: Direct Rendering Manager (DRM) subsystem in the Linux Kernel through 4.x mishandles requests for GEM object
Index(es):
- Date
- Thread