Retire inactive issues

11 files changed, 0 insertions, 179 deletions

diff --git a/active/CVE-2020-26556 b/active/CVE-2020-26556
deleted file mode 100644
index 60be7fc6..00000000
--- a/active/CVE-2020-26556
+++ /dev/null
@@ -1,17 +0,0 @@
-Description: malleable commitment Bluetooth Mesh Provisioning
-References:
- https://kb.cert.org/vuls/id/799380
- https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/malleable/
- https://bugzilla.redhat.com/show_bug.cgi?id=1960012
-Notes:
- bwh> Mesh provisioning seems to be handled in user-space.
- bwh> This was addressed in bluez 5.50-1.1.
-Bugs:
-upstream: N/A "Not implemented in kernel"
-5.10-upstream-stable: N/A "Not implemented in kernel"
-4.19-upstream-stable: N/A "Not implemented in kernel"
-4.9-upstream-stable: N/A "Not implemented in kernel"
-sid: N/A "Not implemented in kernel"
-5.10-bullseye-security: N/A "Not implemented in kernel"
-4.19-buster-security: N/A "Not implemented in kernel"
-4.9-stretch-security: N/A "Not implemented in kernel"
diff --git a/active/CVE-2020-26557 b/active/CVE-2020-26557
deleted file mode 100644
index 4a86b8c4..00000000
--- a/active/CVE-2020-26557
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: predictable Authvalue in Bluetooth Mesh Provisioning Leads to MITM
-References:
- https://kb.cert.org/vuls/id/799380
- https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/predicatable-authvalue/
- https://bugzilla.redhat.com/show_bug.cgi?id=1960009
-Notes:
- bwh> Mesh provisioning seems to be handled in user-space.
-Bugs:
-upstream: N/A "Not implemented in kernel"
-5.10-upstream-stable: N/A "Not implemented in kernel"
-4.19-upstream-stable: N/A "Not implemented in kernel"
-4.9-upstream-stable: N/A "Not implemented in kernel"
-sid: N/A "Not implemented in kernel"
-5.10-bullseye-security: N/A "Not implemented in kernel"
-4.19-buster-security: N/A "Not implemented in kernel"
-4.9-stretch-security: N/A "Not implemented in kernel"
diff --git a/active/CVE-2020-26559 b/active/CVE-2020-26559
deleted file mode 100644
index 3112e2b1..00000000
--- a/active/CVE-2020-26559
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: Authvalue leak in Bluetooth Mesh Provisioning
-References:
- https://kb.cert.org/vuls/id/799380
- https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/authvalue-leak/
- https://bugzilla.redhat.com/show_bug.cgi?id=1960011
-Notes:
- bwh> Mesh provisioning seems to be handled in user-space.
-Bugs:
-upstream: N/A "Not implemented in kernel"
-5.10-upstream-stable: N/A "Not implemented in kernel"
-4.19-upstream-stable: N/A "Not implemented in kernel"
-4.9-upstream-stable: N/A "Not implemented in kernel"
-sid: N/A "Not implemented in kernel"
-5.10-bullseye-security: N/A "Not implemented in kernel"
-4.19-buster-security: N/A "Not implemented in kernel"
-4.9-stretch-security: N/A "Not implemented in kernel"
diff --git a/active/CVE-2020-26560 b/active/CVE-2020-26560
deleted file mode 100644
index be0abd40..00000000
--- a/active/CVE-2020-26560
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: impersonation attack in Bluetooth Mesh Provisioning
-References:
- https://kb.cert.org/vuls/id/799380
- https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/impersonation-mesh/
- https://bugzilla.redhat.com/show_bug.cgi?id=1959994
-Notes:
- bwh> Mesh provisioning seems to be handled in user-space.
-Bugs:
-upstream: N/A "Not implemented in kernel"
-5.10-upstream-stable: N/A "Not implemented in kernel"
-4.19-upstream-stable: N/A "Not implemented in kernel"
-4.9-upstream-stable: N/A "Not implemented in kernel"
-sid: N/A "Not implemented in kernel"
-5.10-bullseye-security: N/A "Not implemented in kernel"
-4.19-buster-security: N/A "Not implemented in kernel"
-4.9-stretch-security: N/A "Not implemented in kernel"
diff --git a/active/CVE-2021-4148 b/active/CVE-2021-4148
deleted file mode 100644
index 90eddbb5..00000000
--- a/active/CVE-2021-4148
+++ /dev/null
@@ -1,19 +0,0 @@
-Description: mm: Opening THP-backed special file for write causes crash in block_invalidatepage()
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2026487
- https://lkml.org/lkml/2021/9/17/1037
- https://lkml.org/lkml/2021/9/12/323
- https://lore.kernel.org/linux-mm/a07564a3-b2fc-9ffe-3ace-3f276075ea5c@google.com/
- https://lore.kernel.org/lkml/CACkBjsYwLYLRmX8GpsDpMthagWOjWWrNxqY6ZLNQVr6yx+f5vA@mail.gmail.com/
-Notes:
- bwh> Introduced in 5.4 by commit 99cb0dbd47a1 "mm,thp: add read-only THP
- bwh> support for (non-shmem) FS".
-Bugs:
-upstream: released (5.15) [a4aeaa06d45e90f9b279f0b09de84bd00006e733]
-5.10-upstream-stable: released (5.10.78) [6d67b2a73b8e3a079c355bab3c1aef7d85a044b8]
-4.19-upstream-stable: N/A "Vulnerable code not present"
-4.9-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.14.16-1)
-5.10-bullseye-security: released (5.10.84-1)
-4.19-buster-security: N/A "Vulnerable code not present"
-4.9-stretch-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-4150 b/active/CVE-2021-4150
deleted file mode 100644
index 588d6073..00000000
--- a/active/CVE-2021-4150
+++ /dev/null
@@ -1,17 +0,0 @@
-Description: Block subsystem mishandles reference counts
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2025938
- https://lkml.org/lkml/2021/9/6/781
- https://lkml.org/lkml/2021/10/18/485
-Notes:
- bwh> Introduced in 5.15-rc1 by commit 9d3b8813895d "block: change the
- bwh> refcounting for partitions", so never appeared in a stable release.
-Bugs:
-upstream: released (5.15-rc7) [9fbfabfda25d8774c5a08634fdd2da000a924890]
-5.10-upstream-stable: N/A "Vulnerability introduced later"
-4.19-upstream-stable: N/A "Vulnerability introduced later"
-4.9-upstream-stable: N/A "Vulnerability introduced later"
-sid: N/A "Vulnerability introduced and fixed in experimental"
-5.10-bullseye-security: N/A "Vulnerability introduced later"
-4.19-buster-security: N/A "Vulnerability introduced later"
-4.9-stretch-security: N/A "Vulnerability introduced later"
diff --git a/active/CVE-2021-4218 b/active/CVE-2021-4218
deleted file mode 100644
index 12445f6a..00000000
--- a/active/CVE-2021-4218
+++ /dev/null
@@ -1,17 +0,0 @@
-Description: xprtrdma: Wrong copy function used in sysctl handler
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2048359
- https://bugs.centos.org/view.php?id=18395
-Notes:
- bwh> This issue is specific to CentOS/RHEL. In mainline,
- bwh> xprtrdma always used copy_to_user() until the general
- bwh> conversion of sysctls to use a kernel buffer.
-Bugs:
-upstream: N/A "Vulnerability never present"
-5.10-upstream-stable: N/A "Vulnerability never present"
-4.19-upstream-stable: N/A "Vulnerability never present"
-4.9-upstream-stable: N/A "Vulnerability never present"
-sid: N/A "Vulnerability never present"
-5.10-bullseye-security: N/A "Vulnerability never present"
-4.19-buster-security: N/A "Vulnerability never present"
-4.9-stretch-security: N/A "Vulnerability never present"
diff --git a/active/CVE-2022-0382 b/active/CVE-2022-0382
deleted file mode 100644
index 102b3dc4..00000000
--- a/active/CVE-2022-0382
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: net ticp:fix a kernel-infoleak in __tipc_sendmsg()
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2046440
-Notes:
- bwh> Introduced in 5.13-rc1 by commit 908148bc5046
- bwh> "tipc: refactor tipc_sendmsg() and tipc_lookup_anycast()".
-Bugs:
-upstream: released (5.16) [d6d86830705f173fca6087a3e67ceaf68db80523]
-5.10-upstream-stable: N/A "Vulnerability introduced later"
-4.19-upstream-stable: N/A "Vulnerability introduced later"
-4.9-upstream-stable: N/A "Vulnerability introduced later"
-sid: released (5.15.15-1)
-5.10-bullseye-security: N/A "Vulnerability introduced later"
-4.19-buster-security: N/A "Vulnerability introduced later"
-4.9-stretch-security: N/A "Vulnerability introduced later"
diff --git a/active/CVE-2022-0480 b/active/CVE-2022-0480
deleted file mode 100644
index 1a5cebfb..00000000
--- a/active/CVE-2022-0480
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: memcg: enable accounting for file lock caches
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2049700
- https://github.com/kata-containers/kata-containers/issues/3373
- https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm@linux-foundation.org/
-Notes:
-Bugs:
-upstream: released (5.15-rc1) [0f12156dff2862ac54235fc72703f18770769042]
-5.10-upstream-stable: ignored "Minor issue"
-4.19-upstream-stable: ignored "Minor issue"
-4.9-upstream-stable: ignored "Minor issue"
-sid: released (5.15.3-1)
-5.10-bullseye-security: ignored "Minor issue"
-4.19-buster-security: ignored "Minor issue"
-4.9-stretch-security: ignored "Minor issue"
diff --git a/active/CVE-2022-0646 b/active/CVE-2022-0646
deleted file mode 100644
index fa793b06..00000000
--- a/active/CVE-2022-0646
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: mctp: serial: Cancel pending work from ndo_uninit handler
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2055206
- https://lore.kernel.org/all/20220211011552.1861886-1-jk@codeconstruct.com.au/T/
-Notes:
- bwh> This driver was only added in 5.17-rc1!
-Bugs:
-upstream: released (5.17-rc5) [6c342ce2239c182c2428ce5a44cb32330434ae6e]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-4.9-upstream-stable: N/A "Vulnerable code not present"
-sid: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
-4.9-stretch-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2022-25265 b/active/CVE-2022-25265
deleted file mode 100644
index 8e6b64d2..00000000
--- a/active/CVE-2022-25265
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: x86: Old ELF binaries run with executable stack and data segment
-References:
- https://github.com/x0reaxeax/exec-prot-bypass
- https://github.com/torvalds/linux/blob/1c33bb0507508af24fd754dd7123bd8e997fab2f/arch/x86/include/asm/elf.h#L281-L294
-Notes:
- bwh> This is necessary backward compatibility and can be disabled
- bwh> through an LSM if wanted.
-Bugs:
-upstream: ignored "Not a security flaw"
-5.10-upstream-stable: ignored "Not a security flaw"
-4.19-upstream-stable: ignored "Not a security flaw"
-4.9-upstream-stable: ignored "Not a security flaw"
-sid: ignored "Not a security flaw"
-5.10-bullseye-security: ignored "Not a security flaw"
-4.19-buster-security: ignored "Not a security flaw"
-4.9-stretch-security: ignored "Not a security flaw"