diff options
| author | Ben Hutchings <ben@decadent.org.uk> | 2021-10-27 20:07:37 +0200 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2021-10-27 20:09:38 +0200 |
| commit | bb3538ddad18087c0b3ca2d4f8c7405bf197f6f4 (patch) | |
| tree | d5ef17ea11dea12626469940fc2e71a9b7035f2f | |
| parent | 97e7746dd6d1df5925f3b8075490c3050dc6e503 (diff) | |
Fill in status for various issues
| -rw-r--r-- | active/CVE-2020-26141 | 8 | ||||
| -rw-r--r-- | active/CVE-2020-26145 | 10 | ||||
| -rw-r--r-- | active/CVE-2021-20322 | 10 | ||||
| -rw-r--r-- | active/CVE-2021-32078 | 11 | ||||
| -rw-r--r-- | active/CVE-2021-3744 | 6 | ||||
| -rw-r--r-- | active/CVE-2021-3760 | 3 | ||||
| -rw-r--r-- | active/CVE-2021-3764 | 6 | ||||
| -rw-r--r-- | active/CVE-2021-3896 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-42327 | 13 |
9 files changed, 49 insertions, 20 deletions
diff --git a/active/CVE-2020-26141 b/active/CVE-2020-26141 index 24ed6a0b..f23ca662 100644 --- a/active/CVE-2020-26141 +++ b/active/CVE-2020-26141 @@ -5,12 +5,16 @@ References: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/ https://lore.kernel.org/linux-wireless/20210511200110.c3f1d42c6746.I795593fcaae941c471425b8c7d5f7bb185d29142@changeid/ Notes: + bwh> In ath10k this might have been introduced in 3.19 by commit + bwh> 581c25f82ff4 "ath10k: unify rx undecapping", but might be even older. + bwh> The Realtek RTL8187 driver for Windows also had this issue, so the + bwh> Realtek drivers for Linux might be affected. Bugs: upstream: released (5.13-rc4) [0dc267b13f3a7e8424a898815dd357211b737330] 5.10-upstream-stable: released (5.10.42) [6643b21aee1c3cac10da9dfb0fa17aacc431fa91] 4.19-upstream-stable: needed -4.9-upstream-stable: +4.9-upstream-stable: needed sid: released (5.10.46-1) 5.10-bullseye-security: N/A "Fixed before branching point" 4.19-buster-security: needed -4.9-stretch-security: +4.9-stretch-security: needed diff --git a/active/CVE-2020-26145 b/active/CVE-2020-26145 index 9ff4d5be..a1035cfe 100644 --- a/active/CVE-2020-26145 +++ b/active/CVE-2020-26145 @@ -6,12 +6,14 @@ References: https://lore.kernel.org/linux-wireless/20210511200110.5a0bd289bda8.Idd6ebea20038fb1cfee6de924aa595e5647c9eae@changeid/ https://lore.kernel.org/linux-wireless/20210511200110.9ca6ca7945a9.I1e18b514590af17c155bda86699bc3a971a8dcf4@changeid/ Notes: + bwh> In ath10k this might have been introduced in 3.19 by commit + bwh> 581c25f82ff4 "ath10k: unify rx undecapping", but might be even older. Bugs: upstream: released (5.13-rc4) [65c415a144ad8132b6a6d97d4a1919ffc728e2d1, 40e7462dad6f3d06efdb17d26539e61ab6e34db1] 5.10-upstream-stable: released (5.10.42) [b1b3dcd653772f93b69be50263a0ca50d7c9e77f, 425cee63609137fa0c8f84f59f0dd0e94f296efe] -4.19-upstream-stable: -4.9-upstream-stable: +4.19-upstream-stable: needed +4.9-upstream-stable: needed sid: released (5.10.46-1) 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: -4.9-stretch-security: +4.19-buster-security: needed +4.9-stretch-security: needed diff --git a/active/CVE-2021-20322 b/active/CVE-2021-20322 index bfaad848..ca16e7fd 100644 --- a/active/CVE-2021-20322 +++ b/active/CVE-2021-20322 @@ -5,6 +5,12 @@ Notes: carnil> Backports for 4.19.y and 4.9.y seems incomplete for the time carnil> beeing and only have the "ipv4: make exception cache less carnil> predictible" patch. + bwh> Introduced for ipv4 in 3.6 by commit 4895c771c7f0 "ipv4: Add FIB nexthop + bwh> exceptions." + bwh> Introduced For ipv6 in 4.15 by commits 35732d01fe31 "ipv6: introduce a + bwh> hash table to store dst cache" and 2b760fcf5cfb "ipv6: hook up exception + bwh> table to store dst cache". + bwh> So for the 4.9 branches only ipv4 needs to be fixed. Bugs: upstream: released (5.14) [4785305c05b25a242e5314cc821f54ade4c18810, 6457378fe796815c973f631a1904e147d6ee33b1], released (5.15-rc1) [a00df2caffed3883c341d5685f830434312e4a43, 67d6d681e15b578c1725bad8ad079e05d1c48a8e] 5.10-upstream-stable: released (5.10.62) ]dced8347a727528b388f04820f48166f1e651af6, beefd5f0c63a31a83bc5a99e6888af884745684b], released (5.10.65) [8692f0bb29927d13a871b198adff1d336a8d2d00, 5867e20e1808acd0c832ddea2587e5ee49813874] @@ -12,5 +18,5 @@ upstream: released (5.14) [4785305c05b25a242e5314cc821f54ade4c18810, 6457378fe79 4.9-upstream-stable: released (4.9.283) [f10ce783bcc4d8ea454563a7d56ae781640e7dcb] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.70-1) -4.19-buster-security: -4.9-stretch-security: +4.19-buster-security: needed +4.9-stretch-security: needed diff --git a/active/CVE-2021-32078 b/active/CVE-2021-32078 index b0fbc14c..765e9b07 100644 --- a/active/CVE-2021-32078 +++ b/active/CVE-2021-32078 @@ -6,12 +6,15 @@ Notes: carnil> enabled in Debian. Furthermore the fixing commit just removes carnil> the whole code, which is believed that no one is using it. bwh> The affected platform has a StrongArm (ARM v4) CPU which was only - bwh> supported by Debian's original arm architecture, not armel + bwh> supported by Debian's original arm architecture, not armel. + bwh> Also this issue involves untrusted data from a PCI device, but + bwh> the affected systems don't have an IOMMU so all PCI devices must + bwh> be trusted. Bugs: upstream: released (5.13-rc1) [298a58e165e447ccfaae35fe9f651f9d7e15166f] -5.10-upstream-stable: -4.19-upstream-stable: -4.9-upstream-stable: +5.10-upstream-stable: ignored "Not a real security issue" +4.19-upstream-stable: ignored "Not a real security issue" +4.9-upstream-stable: ignored "Not a real security issue" sid: released (5.14.6-1) 5.10-bullseye-security: ignored "Not applicable to any Debian architecture" 4.19-buster-security: ignored "Not applicable to any Debian architecture" diff --git a/active/CVE-2021-3744 b/active/CVE-2021-3744 index 33925277..50ef7085 100644 --- a/active/CVE-2021-3744 +++ b/active/CVE-2021-3744 @@ -3,12 +3,14 @@ References: https://bugzilla.redhat.com/show_bug.cgi?id=2000627 https://www.openwall.com/lists/oss-security/2021/09/14/1 Notes: + bwh> Introduced in 4.12 by commit 36cf515b9bbe "crypto: ccp - Enable support + bwh> for AES GCM on v5 CCPs". Bugs: upstream: released (5.15-rc4) [505d9dcb0f7ddf9d075e729523a33d38642ae680] 5.10-upstream-stable: released (5.10.71) [17ccc64e4fa5d3673528474bfeda814d95dc600a] 4.19-upstream-stable: released (4.19.209) [710be7c42d2f724869e5b18b21998ceddaffc4a9] -4.9-upstream-stable: +4.9-upstream-stable: N/A "Vulnerability introduced later" sid: released (5.14.12-1) 5.10-bullseye-security: needed 4.19-buster-security: needed -4.9-stretch-security: +4.9-stretch-security: N/A "Vulnerability introduced later" diff --git a/active/CVE-2021-3760 b/active/CVE-2021-3760 index af0fc4d3..57791f96 100644 --- a/active/CVE-2021-3760 +++ b/active/CVE-2021-3760 @@ -3,6 +3,9 @@ References: https://www.openwall.com/lists/oss-security/2021/10/26/2 Notes: carnil> Fixed as well in 5.14.15 for 5.14.y. + bwh> Introduced in 4.0 by commits 12bdf27d46c9 "NFC: nci: Add reference to + bwh> the RF logical connection" and 15d4a8da0e44 "NFC: nci: Move logical + bwh> connection structure allocation". Bugs: upstream: released (5.15-rc6) [1b1499a817c90fd1ce9453a2c98d2a01cca0e775] 5.10-upstream-stable: released (5.10.76) [77c0ef979e32b8bc22f36a013bab77cd37e31530] diff --git a/active/CVE-2021-3764 b/active/CVE-2021-3764 index cf58d5f0..0b2db503 100644 --- a/active/CVE-2021-3764 +++ b/active/CVE-2021-3764 @@ -3,12 +3,14 @@ References: https://bugzilla.redhat.com/show_bug.cgi?id=1997467 Notes: carnil> Patch for CVE-2021-3744 contains fix as well for this issue. + bwh> Introduced in 4.12 by commit 36cf515b9bbe "crypto: ccp - Enable support + bwh> for AES GCM on v5 CCPs". Bugs: upstream: released (5.15-rc4) [505d9dcb0f7ddf9d075e729523a33d38642ae680] 5.10-upstream-stable: released (5.10.71) [17ccc64e4fa5d3673528474bfeda814d95dc600a] 4.19-upstream-stable: released (4.19.209) [710be7c42d2f724869e5b18b21998ceddaffc4a9] -4.9-upstream-stable: +4.9-upstream-stable: N/A "Vulnerability introduced later" sid: released (5.14.12-1) 5.10-bullseye-security: needed 4.19-buster-security: needed -4.9-stretch-security: +4.9-stretch-security: N/A "Vulnerability introduced later" diff --git a/active/CVE-2021-3896 b/active/CVE-2021-3896 index 5db75989..a97fa5fa 100644 --- a/active/CVE-2021-3896 +++ b/active/CVE-2021-3896 @@ -4,6 +4,8 @@ References: https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/ Notes: carnil> Fixed as well in 5.14.15 in 5.14.y. + bwh> This seems to really be a bug in the Bluetooth CMTP subsystem, which has + bwh> been present since that was added in Linux 2.6.2. Bugs: upstream: released (5.15-rc6) [1f3e2e97c003f80c4b087092b225c8787ff91e4d] 5.10-upstream-stable: released (5.10.76) [7f221ccbee4ec662e2292d490a43ce6c314c4594] diff --git a/active/CVE-2021-42327 b/active/CVE-2021-42327 index 29113cfa..a907f5f9 100644 --- a/active/CVE-2021-42327 +++ b/active/CVE-2021-42327 @@ -1,13 +1,18 @@ Description: drm/amdgpu: fix out of bounds write References: https://lists.freedesktop.org/archives/amd-gfx/2021-October/070170.html + https://cgit.freedesktop.org/drm/drm/commit/?id=f23750b5b3d98653b31d4469592935ef6364ad67 Notes: + bwh> Introduced in 5.10 by commit 918698d5c2b5 "drm/amd/display: Return the + bwh> number of bytes parsed than allocated". This actually introduced the + bwh> same bug in many debugfs write operations in the same source file. + bwh> One of these is fixed in drm-next, so should be in upstream 5.16-rc1. Bugs: upstream: needed 5.10-upstream-stable: needed -4.19-upstream-stable: -4.9-upstream-stable: +4.19-upstream-stable: N/A "Vulnerability introduced later" +4.9-upstream-stable: N/A "Vulnerability introduced later" sid: needed 5.10-bullseye-security: needed -4.19-buster-security: -4.9-stretch-security: +4.19-buster-security: N/A "Vulnerability introduced later" +4.9-stretch-security: N/A "Vulnerability introduced later" |