author | Ben Hutchings <ben@decadent.org.uk> | 2023-05-27 20:50:05 +0200 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2023-05-27 20:50:05 +0200 |
commit | 7c5f1f72206ff4aad901a1af9a58106eb5598ae1 (patch) | |
tree | 79e21d28ac60d0eb4f2e09ee52e104013b074062 /active | |
parent | 9623bc8eab056f5a06919e3a05081d021392e992 (diff) |
Retire inactive issues
Diffstat (limited to 'active')
-rw-r--r-- | active/CVE-2020-26140 | 23 |
-rw-r--r-- | active/CVE-2020-26142 | 20 |
-rw-r--r-- | active/CVE-2020-26143 | 20 |
-rw-r--r-- | active/CVE-2023-0615 | 26 |
-rw-r--r-- | active/CVE-2023-1611 | 19 |
-rw-r--r-- | active/CVE-2023-2019 | 14 |
-rw-r--r-- | active/CVE-2023-21102 | 16 |
-rw-r--r-- | active/CVE-2023-22998 | 14 |
-rw-r--r-- | active/CVE-2023-22999 | 14 |
-rw-r--r-- | active/CVE-2023-23000 | 17 |
-rw-r--r-- | active/CVE-2023-23003 | 14 |
-rw-r--r-- | active/CVE-2023-23004 | 14 |
-rw-r--r-- | active/CVE-2023-31085 | 17 |
13 files changed, 0 insertions, 228 deletions
diff --git a/active/CVE-2020-26140 b/active/CVE-2020-26140 deleted file mode 100644 index 908c2fc0f..000000000 --- a/active/CVE-2020-26140 +++ /dev/null @@ -1,23 +0,0 @@ -Description: Accepting plaintext data frames in protected networks -References: - https://papers.mathyvanhoef.com/usenix2021.pdf - https://www.fragattacks.com/ - https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/ -Notes: - carnil> Needs to be checked if this really has a fix in Linux. - bwh> I don't think this bug was present in mac80211, but individual - bwh> drivers or firmware might be affected. The same issue was found - bwh> earlier in some vendor drivers which were assigned - bwh> CVE-2019-18989, CVE-2019-18990, and CVE-2019-18991: - bwh> https://www.synopsys.com/blogs/software-security/cyrc-advisory-sept2020/ -Bugs: -upstream: N/A "Found in firmware, not kernel or drivers" -6.1-upstream-stable: N/A "Found in firmware, not kernel or drivers" -5.10-upstream-stable: N/A "Found in firmware, not kernel or drivers" -4.19-upstream-stable: N/A "Found in firmware, not kernel or drivers" -4.9-upstream-stable: N/A "Found in firmware, not kernel or drivers" -sid: N/A "Found in firmware, not kernel or drivers" -6.1-bookworm-security: N/A "Found in firmware, not kernel or drivers" -5.10-bullseye-security: N/A "Found in firmware, not kernel or drivers" -4.19-buster-security: N/A "Found in firmware, not kernel or drivers" -4.9-stretch-security: N/A "Found in firmware, not kernel or drivers" diff --git a/active/CVE-2020-26142 b/active/CVE-2020-26142 deleted file mode 100644 index 2733fcf8a..000000000 --- a/active/CVE-2020-26142 +++ /dev/null 
@@ -1,20 +0,0 @@ -Description: Processing fragmented frames as full frames -References: - https://papers.mathyvanhoef.com/usenix2021.pdf - https://www.fragattacks.com/ - https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/ -Notes: - carnil> Needs to be checked if this really has a fix in Linux. - bwh> I don't think this bug was present in mac80211, but individual - bwh> drivers or firmware might be affected. -Bugs: -upstream: N/A "Found in OpenBSD, not Linux" -6.1-upstream-stable: N/A "Found in OpenBSD, not Linux" -5.10-upstream-stable: N/A "Found in OpenBSD, not Linux" -4.19-upstream-stable: N/A "Found in OpenBSD, not Linux" -4.9-upstream-stable: N/A "Found in OpenBSD, not Linux" -sid: N/A "Found in OpenBSD, not Linux" -6.1-bookworm-security: N/A "Found in OpenBSD, not Linux" -5.10-bullseye-security: N/A "Found in OpenBSD, not Linux" -4.19-buster-security: N/A "Found in OpenBSD, not Linux" -4.9-stretch-security: N/A "Found in OpenBSD, not Linux" diff --git a/active/CVE-2020-26143 b/active/CVE-2020-26143 deleted file mode 100644 index b4a183ddf..000000000 --- a/active/CVE-2020-26143 +++ /dev/null 
@@ -1,20 +0,0 @@ -Description: Accepting fragmented plaintext frames in protected networks -References: - https://papers.mathyvanhoef.com/usenix2021.pdf - https://www.fragattacks.com/ - https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/ -Notes: - carnil> Needs to be checked if this really has a fix in Linux. - bwh> I don't think this bug was present in mac80211, but individual - bwh> drivers or firmware might be affected. -Bugs: -upstream: N/A "Found in firmware, not kernel or drivers" -6.1-upstream-stable: N/A "Found in firmware, not kernel or drivers" -5.10-upstream-stable: N/A "Found in firmware, not kernel or drivers" -4.19-upstream-stable: N/A "Found in firmware, not kernel or drivers" -4.9-upstream-stable: N/A "Found in firmware, not kernel or drivers" -sid: N/A "Found in firmware, not kernel or drivers" -6.1-bookworm-security: N/A "Found in firmware, not kernel or drivers" -5.10-bullseye-security: N/A "Found in firmware, not kernel or drivers" -4.19-buster-security: N/A "Found in firmware, not kernel or drivers" -4.9-stretch-security: N/A "Found in firmware, not kernel or drivers" diff --git a/active/CVE-2023-0615 b/active/CVE-2023-0615 deleted file mode 100644 index 91ceb465c..000000000 --- a/active/CVE-2023-0615 +++ /dev/null 
@@ -1,26 +0,0 @@ -Description: multiple issues for the Video for Linux version 2 test driver -References: - https://bugzilla.redhat.com/show_bug.cgi?id=2166287 - https://bugzilla.redhat.com/show_bug.cgi?id=2166287#c7 -Notes: - carnil> According to the Red Hat Bugzilla #c7 reference, they should be - carnil> fixed all in the latest upstream vivid code. Debian builds - carnil> VIDEO_VIVID as module. -Bugs: - bwh> The issues mentioned are (1) memory leak (2) divide by zero - bwh> (3) integer overflow and were already fixed by 2023-02-01. - bwh> So I think (1) was fixed by 1f65ea411cc7 "media: vivid: - bwh> dev->bitmap_cap wasn't freed in all cases" and (3) was fixed - bwh> by f8bcaf714abf "media: vivid: s_fbuf: add more sanity checks". - bwh> By process of elimination, I think (2) must have been fixed by - bwh> 69d78a80da4e "media: vivid: set num_in/outputs to 0 if not - bwh> supported" although I didn't see a specific code flow that - bwh> would lead to division by zero. -upstream: released (6.1-rc3) [1f65ea411cc7b6ff128d82a3493d7b5648054e6f, 69d78a80da4ef12faf2a6f9cfa2097ab4ac43983, f8bcaf714abfc94818dff8c0db84d750433984f4] -6.1-upstream-stable: N/A "Fixed before branch point" -5.10-upstream-stable: released (5.10.153) [147b8f1892aaa474f912ac75babfd316ee0de672, 905f05c0ab1950e6f24611b2ea69625f154392d5, 1cf51d51581c1e0a876623e0a89d10029fc8cdc4] -4.19-upstream-stable: released (4.19.264) [29385e601f3420cfe46550271714b6685719eb33, c106967b34725dfb1c76a914b6c2e2773936323f] -sid: released (6.1.4-1) -6.1-bookworm-security: N/A "Fixed before branch point" -5.10-bullseye-security: released (5.10.158-1) -4.19-buster-security: released (4.19.282-1) diff --git a/active/CVE-2023-1611 b/active/CVE-2023-1611 deleted file mode 100644 index a1f620f39..000000000 --- a/active/CVE-2023-1611 +++ /dev/null 
@@ -1,19 +0,0 @@ -Description: btrfs: fix race between quota disable and quota assign ioctls -References: - https://bugzilla.redhat.com/show_bug.cgi?id=2181342 - https://lore.kernel.org/linux-btrfs/35b9a70650ea947387cf352914a8774b4f7e8a6f.1679481128.git.fdmanana@suse.com/ -Notes: - bwh> It looks like this was introduced in 5.17 by commit 232796df8c14 - bwh> "btrfs: fix deadlock between quota enable and other quota - bwh> operations" which was then backported into 5.10.94. This - bwh> issue doesn't currently affect 4.19, but will do if that earlier - bwh> fix is picked alone. -Bugs: -upstream: released (6.3-rc5) [2f1a6be12ab6c8470d5776e68644726c94257c54] -6.1-upstream-stable: released (6.1.23) [a38ff2024805a30d9b96f52557c6ea0bbc31252a] -5.10-upstream-stable: released (5.10.177) [5f6347034341bf45056ca1ec3fa72040152ecf83] -4.19-upstream-stable: N/A "Vulnerability introduced later" -sid: released (6.1.25-1) -6.1-bookworm-security: N/A "Fixed before branch point" -5.10-bullseye-security: released (5.10.178-1) -4.19-buster-security: N/A "Vulnerability introduced later" diff --git a/active/CVE-2023-2019 b/active/CVE-2023-2019 deleted file mode 100644 index cea0c000c..000000000 --- a/active/CVE-2023-2019 +++ /dev/null @@ -1,14 +0,0 @@ -Description: netdevsim: fib: Fix reference count leak on route deletion failure -References: - https://bugzilla.redhat.com/show_bug.cgi?id=2189137 - https://www.zerodayinitiative.com/advisories/ZDI-CAN-17811/ -Notes: -Bugs: -upstream: released (6.0-rc1) [180a6a3ee60a7cb69ed1232388460644f6a21f00] -6.1-upstream-stable: N/A "Fixed before branching point" -5.10-upstream-stable: N/A "Vulnerable code not present" -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (5.19.6-1) -6.1-bookworm-security: N/A "Fixed before branch point" -5.10-bullseye-security: N/A "Vulnerable code not present" -4.19-buster-security: N/A "Vulnerable code not present" 
diff --git a/active/CVE-2023-21102 b/active/CVE-2023-21102 deleted file mode 100644 index 31a6de3e0..000000000 --- a/active/CVE-2023-21102 +++ /dev/null @@ -1,16 +0,0 @@ -Description: arm64: efi: Execute runtime services from a dedicated stack -References: - https://source.android.com/docs/security/bulletin/2023-05-01 - https://android.googlesource.com/kernel/common/+/ec6fe823507b2f6ef4a58f3a9bee9a5ec086c32c%5E%21/#F2 -Notes: - bwh> Introduced in 5.14 by commit cefc7ca46235 "ACPI: PRM: implement - bwh> OperationRegion handler for the PlatformRtMechanism subtype". -Bugs: -upstream: released (6.2-rc1) [ff7a167961d1b97e0e205f245f806e564d3505e7], released (6.2-rc4) [18bba1843fc7f264f58c9345d00827d082f9c558] -6.1-upstream-stable: released (6.1.8) [f75a91c82dc805af8f718ff106ec9c090234b37b, 72b0e5faa5149f09c6a7a74e4012f29e33509bab] -5.10-upstream-stable: released (5.10.165) [4012603cbd469223f225637d265a233f034c567a, d6544bccc1967cd6a883d6abac71fc7d863e8baa] -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (6.1.8-1) -6.1-bookworm-security: N/A "Fixed before branch point" -5.10-bullseye-security: released (5.10.178-1) -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2023-22998 b/active/CVE-2023-22998 deleted file mode 100644 index be85220d2..000000000 --- a/active/CVE-2023-22998 +++ /dev/null 
@@ -1,14 +0,0 @@ -Description: drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init -References: -Notes: - bwh> Introduced in 5.5 by commit c66df701e783 "drm/virtio: switch - bwh> from ttm to gem shmem helpers". -Bugs: -upstream: released (6.0-rc1) [c24968734abfed81c8f93dc5f44a7b7a9aecadfa, 64b88afbd92fbf434759d1896a7cf705e1c00e79] -6.1-upstream-stable: N/A "Fixed before branching point" -5.10-upstream-stable: released (5.10.171) [0a4181b23acf53e9c95b351df6a7891116b98f9b, 87c647def389354c95263d6635c62ca0de7d12ca] -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (6.0.3-1) -6.1-bookworm-security: N/A "Fixed before branch point" -5.10-bullseye-security: released (5.10.178-1) -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2023-22999 b/active/CVE-2023-22999 deleted file mode 100644 index 8d0f764a9..000000000 --- a/active/CVE-2023-22999 +++ /dev/null @@ -1,14 +0,0 @@ -Description: usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe -References: -Notes: - bwh> Introduced in 5.12 by commit c25c210f590e "usb: dwc3: qcom: add - bwh> URS Host support for sdm845 ACPI boot" and backported into 5.10. -Bugs: -upstream: released (5.17-rc1) [b52fe2dbb3e655eb1483000adfab68a219549e13] -6.1-upstream-stable: N/A "Fixed before branching point" -5.10-upstream-stable: released (5.10.94) [94177fcecc35e9e9d3aecaa5813556c6b5aed7b6] -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (5.16.7-1) -6.1-bookworm-security: N/A "Fixed before branch point" -5.10-bullseye-security: released (5.10.103-1) -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2023-23000 b/active/CVE-2023-23000 deleted file mode 100644 index 78b340f6e..000000000 --- a/active/CVE-2023-23000 +++ /dev/null 
@@ -1,17 +0,0 @@ -Description: phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function -References: -Notes: - bwh> This doesn't seem to have a security impact as this function is - bwh> only called during probe of a platform device. Introduced in - bwh> 4.14 by commit 1df79cb3bae7 "phy: tegra: Handle return value of - bwh> kasprintf", which itself fixed a (theoretical) null pointer - bwh> dereference. -Bugs: -upstream: released (5.17-rc1) [045a31b95509c8f25f5f04ec5e0dec5cd09f2c5f] -6.1-upstream-stable: N/A "Fixed before branching point" -5.10-upstream-stable: ignored "Not a security issue" -4.19-upstream-stable: ignored "Not a security issue" -sid: released (5.17.3-1) -6.1-bookworm-security: N/A "Fixed before branch point" -5.10-bullseye-security: ignored "Not a security issue" -4.19-buster-security: ignored "Not a security issue" diff --git a/active/CVE-2023-23003 b/active/CVE-2023-23003 deleted file mode 100644 index b68c04642..000000000 --- a/active/CVE-2023-23003 +++ /dev/null @@ -1,14 +0,0 @@ -Description: perf expr: Fix missing check for return value of hashmap__new() -References: -Notes: - bwh> This is user-space code, and the result of the missing check - bwh> would be a segfault. I don't see any security impact. -Bugs: -upstream: released (5.16-rc6) [0a515a06c5ebfa46fee3ac519e418f801e718da4] -6.1-upstream-stable: N/A "Fixed before branching point" -5.10-upstream-stable: ignored "Not a security issue" -4.19-upstream-stable: ignored "Not a security issue" -sid: released (5.16.7-1) -6.1-bookworm-security: N/A "Fixed before branch point" -5.10-bullseye-security: ignored "Not a security issue" -4.19-buster-security: ignored "Not a security issue" diff --git a/active/CVE-2023-23004 b/active/CVE-2023-23004 deleted file mode 100644 index 8beaf28fb..000000000 --- a/active/CVE-2023-23004 +++ /dev/null 
@@ -1,14 +0,0 @@ -Description: malidp: Fix NULL vs IS_ERR() checking -References: -Notes: - bwh> Introduced in 4.20 by commit 1f23a56a46b8 "drm/malidp: Enable - bwh> MMU prefetch on Mali-DP650". -Bugs: -upstream: released (5.19-rc1) [15342f930ebebcfe36f2415049736a77d7d2e045] -6.1-upstream-stable: N/A "Fixed before branching point" -5.10-upstream-stable: released (5.10.173) [a5bbea50d622b8f49ab8ee3b0eb283107febcf1a] -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (5.19.6-1) -6.1-bookworm-security: N/A "Fixed before branch point" -5.10-bullseye-security: released (5.10.178-1) -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2023-31085 b/active/CVE-2023-31085 deleted file mode 100644 index 8251312eb..000000000 --- a/active/CVE-2023-31085 +++ /dev/null @@ -1,17 +0,0 @@ -Description: divide error in ubi_attach_mtd_dev -References: - https://lore.kernel.org/all/CA+UBctD_w=75wChmePZHp7KsBSNPWYGDBtzHPRPPtaFoqhGvXA@mail.gmail.com/ -Notes: - bwh> I don't think this has security impact, as it requires creating - bwh> an MTD with a specific erasesize. Several drivers support that - bwh> but they all have to be configured through module parameters - bwh> or the kernel command line. -Bugs: -upstream: ignored "Not a security issue" -6.1-upstream-stable: ignored "Not a security issue" -5.10-upstream-stable: ignored "Not a security issue" -4.19-upstream-stable: ignored "Not a security issue" -sid: ignored "Not a security issue" -6.1-bookworm-security: ignored "Not a security issue" -5.10-bullseye-security: ignored "Not a security issue" -4.19-buster-security: ignored "Not a security issue" |
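Review bot: in active/CVE-2020-26140 the status reason "Found in firmware, not kernel or drivers" contradicts the bwh> note that "individual drivers or firmware might be affected", and carnil's "Needs to be checked if this really has a fix in Linux" is never answered in the file. Before retiring, add a note recording what was checked and why in-tree drivers are ruled out. active/CVE-2020-26143 carries the same pair of statements, and active/CVE-2020-26142 gives "Found in OpenBSD, not Linux" against the same driver/firmware note.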
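Review bot: in active/CVE-2023-0615, 4.19-upstream-stable lists two commits while upstream and 5.10-upstream-stable each list three, and the bwh> analysis maps three separate issues (memory leak, divide by zero, integer overflow) to three upstream fixes. Record which of the three was not needed on 4.19, or that it is still missing, before retiring, since 4.19-buster-security is marked released (4.19.282-1). The bwh> analysis also sits under Bugs: rather than Notes:, unlike the other files in this commit.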
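Review bot: in active/CVE-2023-1611 both 4.19 entries are N/A "Vulnerability introduced later", but the note warns that 4.19 becomes affected if 232796df8c14 is picked on its own. Retiring the file moves that warning out of active/, so consider carrying the caveat somewhere a future 4.19 backport review will see it, for example in the 4.19 status reason itself.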
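Review bot: in active/CVE-2023-2019 the reason string is "Fixed before branching point" for 6.1-upstream-stable and "Fixed before branch point" for 6.1-bookworm-security. The same split appears in CVE-2023-22998, CVE-2023-22999, CVE-2023-23000, CVE-2023-23003 and CVE-2023-23004, while CVE-2023-0615 uses "branch point" for both. Pick one wording so the retired files can be searched by reason string.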