author Salvatore Bonaccorso <carnil@debian.org> 2020-06-11 09:46:30 +0200
committer Salvatore Bonaccorso <carnil@debian.org> 2020-06-11 09:46:30 +0200
commit 9cd139b64b8458e7934cf2d43a83d81e9a076e0f (patch)
tree 3db2ce2c38f26190276cb520f651cecb31556b70 /active
parent 236bb8f35c5bf6d0962f44bc7a2aba1a433f26d0 (diff)
Retire several CVEs
Diffstat (limited to 'active')
-rw-r--r-- active/CVE-2015-8839 16
-rw-r--r-- active/CVE-2018-14610 16
-rw-r--r-- active/CVE-2018-14611 16
-rw-r--r-- active/CVE-2018-14612 18
-rw-r--r-- active/CVE-2018-14613 14
-rw-r--r-- active/CVE-2019-19447 15
-rw-r--r-- active/CVE-2019-19768 15
-rw-r--r-- active/CVE-2019-20636 12
-rw-r--r-- active/CVE-2019-20806 12
-rw-r--r-- active/CVE-2019-20812 12
-rw-r--r-- active/CVE-2019-2182 15
-rw-r--r-- active/CVE-2019-3016 22
-rw-r--r-- active/CVE-2019-5108 16
-rw-r--r-- active/CVE-2020-10711 18
-rw-r--r-- active/CVE-2020-10942 13
-rw-r--r-- active/CVE-2020-11494 13
-rw-r--r-- active/CVE-2020-11565 12
-rw-r--r-- active/CVE-2020-11608 12
-rw-r--r-- active/CVE-2020-11609 12
-rw-r--r-- active/CVE-2020-11668 12
-rw-r--r-- active/CVE-2020-12114 23
-rw-r--r-- active/CVE-2020-12768 17
-rw-r--r-- active/CVE-2020-2732 18
-rw-r--r-- active/CVE-2020-8428 21
-rw-r--r-- active/CVE-2020-8647 13
-rw-r--r-- active/CVE-2020-8648 14
-rw-r--r-- active/CVE-2020-8649 13
-rw-r--r-- active/CVE-2020-9383 12
28 files changed, 0 insertions, 422 deletions
diff --git a/active/CVE-2015-8839 b/active/CVE-2015-8839
deleted file mode 100644
index de4c984ed..000000000
--- a/active/CVE-2015-8839
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: ext4 data corruption due to punch hole races
-References:
-Notes:
- bwh> Commit a46c68a318b0 "ext4: cleanup pagecache before swap i_data" also
- bwh> depends on this.
-Bugs:
-upstream: released (4.5-rc1) [ea3d7209ca01da209cda6f0dea8be9cc4b7a933b, 17048e8a083fec7ad841d88ef0812707fbc7e39f, 32ebffd3bbb4162da5ff88f9a35dd32d0a28ea70, 011278485ecc3cd2a3954b5d4c73101d919bf1fa]
-4.19-upstream-stable: N/A "Fixed before branch point"
-4.9-upstream-stable: N/A "Fixed before branch point"
-3.16-upstream-stable: released (3.16.83) [81a2281115c28be55d3489c3a79c84db294b722a, 5c72decb78daa9e21cf0cc4d00c1fdfa70233719, 8a76993a673d694c17cd6fd6d7d9fc323fe224d4, 6a293f46d3eaafcbc4a3316f2ac80de9b1398415]
-3.2-upstream-stable: ignored "Too much work to backport"
-sid: released (4.5.1-1)
-4.19-buster-security: N/A "Fixed before branching point"
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.84-1)
-3.2-wheezy-security: ignored "Too much work to backport"
diff --git a/active/CVE-2018-14610 b/active/CVE-2018-14610
deleted file mode 100644
index a601af7d1..000000000
--- a/active/CVE-2018-14610
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: out-of-bound access in write_extent_buffer() when mounting and operating a crafted btrfs image
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=199837
- https://patchwork.kernel.org/patch/10503415/
-Notes:
- bwh> Upstream fix depends on (at least) commit fce466eab7ac
- bwh> "btrfs: tree-checker: Verify block_group_item".
-Bugs:
-upstream: released (4.19-rc1) [514c7dca85a0bf40be984dab0b477403a6db901f]
-4.19-upstream-stable: N/A "Fixed before branch point"
-4.9-upstream-stable: released (4.9.144) [7a72f918825ddece7a4ed79583836f6f1e06e478]
-3.16-upstream-stable: released (3.16.83) [5203a4d55c2c6a0c86a0ab21bfd071d407ca95a1]
-sid: released (4.19.9-1)
-4.19-buster-security: N/A "Fixed before branching point"
-4.9-stretch-security: released (4.9.144-1)
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2018-14611 b/active/CVE-2018-14611
deleted file mode 100644
index 8d5f139ea..000000000
--- a/active/CVE-2018-14611
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: use-after-free in try_merge_free_space() when mounting a crafted btrfs image
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=199839
- https://patchwork.kernel.org/patch/10503099/
-Notes:
- bwh> Upstream fix depends on (at least) commit e06cd3dd7cea
- bwh> "Btrfs: add validadtion checks for chunk loading".
-Bugs:
-upstream: released (4.19-rc1) [315409b0098fb2651d86553f0436b70502b29bb2]
-4.19-upstream-stable: N/A "Fixed before branch point"
-4.9-upstream-stable: released (4.9.144) [3c77b07dc365a7ed2644ca0dd38e6e40a9652d57]
-3.16-upstream-stable: released (3.16.83) [cdfef40f9557b91384c392a9150bf0bb2b3802c7]
-sid: released (4.19.9-1)
-4.19-buster-security: N/A "Fixed before branching point"
-4.9-stretch-security: released (4.9.144-1)
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2018-14612 b/active/CVE-2018-14612
deleted file mode 100644
index 320744e35..000000000
--- a/active/CVE-2018-14612
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: Invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=199847
- https://patchwork.kernel.org/patch/10503403/
- https://patchwork.kernel.org/patch/10503413/
-Notes:
- carnil> For 4.18.x branch first commit landed in 4.18.8 but unsure
- carnil> what happened for the second one, resp. not yet checked if
- carnil> that applies.
-Bugs:
-upstream: released (4.19-rc1) [ba480dd4db9f1798541eb2d1c423fc95feee8d36, 7ef49515fa6727cb4b6f2f5b0ffbc5fc20a9f8c6]
-4.19-upstream-stable: N/A "Fixed before branch point"
-4.9-upstream-stable: released (4.9.144) [6f33d3d8dca8683a4df94e9944296a1a1a2a6f10, 23eb2f435a07e1e09d48ea10c4a22bc96e16fde6]
-3.16-upstream-stable: released (3.16.83) [e3f6c37c31522cc99cea96e0f0f6f536026fb058, b84f82bdb43676854de8c5196bd8738805b892ee]
-sid: released (4.18.8-1)
-4.19-buster-security: N/A "Fixed before branching point"
-4.9-stretch-security: released (4.9.144-1)
-3.16-jessie-security: released (3.16.84-1)
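Review bot: the carnil note in this entry still leaves the second fix open ("unsure what happened for the second one, resp. not yet checked if that applies"), while `sid: released (4.18.8-1)` is the version the note ties only to the first commit. Before retiring, confirm that 7ef49515fa6727cb4b6f2f5b0ffbc5fc20a9f8c6 is contained in the sid version recorded here, and either update the version or replace the open question with the result of that check.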
diff --git a/active/CVE-2018-14613 b/active/CVE-2018-14613
deleted file mode 100644
index 8715fea87..000000000
--- a/active/CVE-2018-14613
+++ /dev/null
@@ -1,14 +0,0 @@
-Description: Invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=199849
- https://patchwork.kernel.org/patch/10503147/
-Notes:
-Bugs:
-upstream: released (4.19-rc1) [fce466eab7ac6baa9d2dcd88abcf945be3d4a089]
-4.19-upstream-stable: N/A "Fixed before branch point"
-4.9-upstream-stable: released (4.9.144) [058e388e42c8dc5b6ce6248990c75a0459e20197]
-3.16-upstream-stable: released (3.16.83) [df8ecef7a35de12986676edc45fd841e6d788ba8]
-sid: released (4.19.9-1)
-4.19-buster-security: N/A "Fixed before branching point"
-4.9-stretch-security: released (4.9.144-1)
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2019-19447 b/active/CVE-2019-19447
deleted file mode 100644
index 2644a296d..000000000
--- a/active/CVE-2019-19447
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c
-References:
- https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447
- https://bugzilla.kernel.org/show_bug.cgi?id=205433
- https://bugzilla.suse.com/show_bug.cgi?id=1158819
-Notes:
-Bugs:
-upstream: released (5.5-rc1) [c7df4a1ecb8579838ec8c56b2bb6a6716e974f37]
-4.19-upstream-stable: released (4.19.90) [8e7a865366105b978eef4108f49a12100eea4299]
-4.9-upstream-stable: released (4.9.208) [e1513b36319dff169e409979867f39eb55a9af03]
-3.16-upstream-stable: released (3.16.82) [75b201c2fdfb3cecc3eb6a1dc85b87055de642e9]
-sid: released (5.4.6-1)
-4.19-buster-security: released (4.19.98-1)
-4.9-stretch-security: released (4.9.210-1)
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2019-19768 b/active/CVE-2019-19768
deleted file mode 100644
index 81eb018eb..000000000
--- a/active/CVE-2019-19768
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: __blk_add_trace use-after-free
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=205711
-Notes:
- bwh> Needs additional fix, commit 153031a301bb "blktrace: fix dereference
- bwh> after null check".
-Bugs:
-upstream: released (5.6-rc4) [c780e86dd48ef6467a1146cf7d0fe1e05a635039]
-4.19-upstream-stable: released (4.19.119) [473d7f5ed75b8c3750f0c6b442c8e23090d6da8f]
-4.9-upstream-stable: released (4.9.224) [284dba674c063ac5cab9ffc1ea07f7b199aeb62f]
-3.16-upstream-stable: released (3.16.83) [4398bce1bdf258f7d67bcc38c46f5fa9546448bd]
-sid: released (5.5.13-1)
-4.19-buster-security: released (4.19.118-1) [bugfix/all/blktrace-protect-q-blk_trace-with-rcu.patch]
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/blktrace-protect-q-blk_trace-with-rcu.patch]
-3.16-jessie-security: released (3.16.84-1)
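Review bot: the bwh note says an additional fix is needed (commit 153031a301bb "blktrace: fix dereference after null check"), but every status line lists a single commit or a single patch and none of them names that follow-up. Suggest recording where 153031a301bb landed for each branch, or stating in Notes that the released versions already include it, so the entry is not retired looking partially fixed.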
diff --git a/active/CVE-2019-20636 b/active/CVE-2019-20636
deleted file mode 100644
index ee0955a80..000000000
--- a/active/CVE-2019-20636
+++ /dev/null
@@ -1,12 +0,0 @@
-Description: Input: add safety guards to input_set_keycode()
-References:
-Notes:
-Bugs:
-upstream: released (5.5-rc6) [cb222aed03d798fc074be55e59d9a112338ee784]
-4.19-upstream-stable: released (4.19.96) [f5b9bfbe94a042a2e3806efa4c6e1b6ddb4292c4]
-4.9-upstream-stable: released (4.9.210) [5f27f97dfed4aa29fb95b98bf5911763bd3ef038]
-3.16-upstream-stable: released (3.16.83) [4af47d3cc875e43a523f6d3b3edef2ca785ccf27]
-sid: released (5.4.13-1)
-4.19-buster-security: released (4.19.98-1)
-4.9-stretch-security: released (4.9.210-1)
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2019-20806 b/active/CVE-2019-20806
deleted file mode 100644
index 5f50a8d9d..000000000
--- a/active/CVE-2019-20806
+++ /dev/null
@@ -1,12 +0,0 @@
-Description: media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
-References:
-Notes:
-Bugs:
-upstream: released (5.2-rc1) [2e7682ebfc750177a4944eeb56e97a3f05734528]
-4.19-upstream-stable: released (4.19.99) [30fd5b16c9081afebe74d4d614fe582ff84ef6b2]
-4.9-upstream-stable: released (4.9.212) [e4188ad85032f130b84702d39755840afec4b9b4]
-3.16-upstream-stable: N/A "Vulnerable code introduced later"
-sid: released (5.2.6-1)
-4.19-buster-security: released (4.19.118-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/media-tw5864-fix-possible-null-pointer-dereference-i.patch]
-3.16-jessie-security: N/A "Vulnerable code introduced later"
diff --git a/active/CVE-2019-20812 b/active/CVE-2019-20812
deleted file mode 100644
index b79695a30..000000000
--- a/active/CVE-2019-20812
+++ /dev/null
@@ -1,12 +0,0 @@
-Description: af_packet: set defaule value for tmo
-References:
-Notes:
-Bugs:
-upstream: released (5.5-rc3) [b43d1f9f7067c6759b1051e8ecb84e82cef569fe]
-4.19-upstream-stable: released (4.19.92) [e99af2cb552e3fe1ec6157fc15856a89a6388886]
-4.9-upstream-stable: released (4.9.208) [43c0e119316896fb895f0d059734e4ada480eb71]
-3.16-upstream-stable: released (3.16.83) [8c1a8e6dba6a09d65ec7eef54ac13e36b7be9536]
-sid: released (5.4.8-1)
-4.19-buster-security: released (4.19.98-1)
-4.9-stretch-security: released (4.9.210-1)
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2019-2182 b/active/CVE-2019-2182
deleted file mode 100644
index eb169568c..000000000
--- a/active/CVE-2019-2182
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: arm64: Enforce BBM for huge IO/VMAP mappings
-References:
- https://source.android.com/security/bulletin/pixel/2019-09-01
-Notes:
- carnil> Commit fixes 324420bf91f6 ("arm64: add support for ioremap()
- carnil> block mappings") which is in 4.6-rc1.
-Bugs:
-upstream: released (4.16-rc3) [15122ee2c515a253b0c66a3e618bc7ebe35105eb]
-4.19-upstream-stable: N/A "Fixed before branching point"
-4.9-upstream-stable: released (4.9.211) [4f45a0a170355546cc47ba7bbf3973fe187d05cf]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.16.5-1)
-4.19-buster-security: N/A "Fixed before branching point"
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/arm64/arm64-enforce-bbm-for-huge-io-vmap-mappings.patch]
-3.16-jessie-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2019-3016 b/active/CVE-2019-3016
deleted file mode 100644
index 1804b677d..000000000
--- a/active/CVE-2019-3016
+++ /dev/null
@@ -1,22 +0,0 @@
-Description: information leak within a KVM guest
-References:
- https://www.openwall.com/lists/oss-security/2020/01/30/4
-Notes:
- carnil> Issue present since 0b9f6c4615c99 ("x86/kvm: Support the vCPU
- carnil> preemption check") in 4.10-rc1. But might need double-check.
- carnil> Fixed as well in 5.4.19. For 4.19.103 only one commit was
- carnil> backported, is this already sufficient?
- bwh> I think it was introduced by 858a43aae236 ("KVM: X86: use
- bwh> paravirtualized TLB Shootdown", as that introduced the second
- bwh> flag in kvm_steal_time::preempted which is being cleared.
- bwh> I believe the additional fixes *are* needed for 4.19.
- carnil> The additional commits were added for 4.19.x in 4.19.119.
-Bugs:
-upstream: released (5.6-rc1) [8c6de56a42e0c657955e12b882a81ef07d1d073e, 1eff70a9abd46f175defafd29bc17ad456f398a7, 917248144db5d7320655dbb41d3af0b8a0f3d589, b043138246a41064527cf019a3d51d9f015e9796, a6bd811f1209fe1c64c9f6fd578101d6436c6b6e]
-4.19-upstream-stable: released (4.19.119) [25a7898937f4a9f32ca2d1e9b7f5f07176af8037, e36d68ec5090599058650152547d4a58ef3d79a0, ccfc73e56da7c8e68ab6a543c5b8cd0b83c9e9bb, b5b79c757e6f22f17d8ddf2979abb7bf231bb327, c434092ef8172ed027f2bd9afcd42c0ee5002b85]
-4.9-upstream-stable: N/A "Vulnerability introduced later"
-3.16-upstream-stable: N/A "Vulnerability introduced later"
-sid: released (5.4.19-1)
-4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/x86/x86-kvm-Introduce-kvm_-un-map_gfn.patch, bugfix/x86/x86-kvm-Cache-gfn-to-pfn-translation.patch, bugfix/x86/x86-KVM-Make-sure-KVM_VCPU_FLUSH_TLB-flag-is-not-mis.patch, bugfix/x86/x86-KVM-Clean-up-host-s-steal-time-structure.patch]
-4.9-stretch-security: N/A "Vulnerability introduced later"
-3.16-jessie-security: N/A "Vulnerability introduced later"
diff --git a/active/CVE-2019-5108 b/active/CVE-2019-5108
deleted file mode 100644
index 5145999c1..000000000
--- a/active/CVE-2019-5108
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: CAM table denial-of-service vulnerability
-References:
- https://talosintelligence.com/vulnerability_reports/TALOS-2019-0900
-Notes:
- carnil> The Cisco TALOS report talks about "prior to mainline 5.3" but
- carnil> unclear yet (to me) where the issue has been fixed or if that
- carnil> only reflects the state when the advisory was written.
-Bugs:
-upstream: released (5.3) [3e493173b7841259a08c5c8e5cbe90adb349da7e]
-4.19-upstream-stable: released (4.19.97) [8f483142b0bb278f67eabccbe3d6a0e8c45284ad]
-4.9-upstream-stable: released (4.9.211) [ca60f42d7965af9f22392caa4074ab0f58c7e1fe]
-3.16-upstream-stable: released (3.16.83) [93864704f211e55eddec0c03ca300b1cf6414d8c]
-sid: released (5.3.7-1)
-4.19-buster-security: released (4.19.98-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/mac80211-do-not-send-layer-2-update-frame-before-aut.patch]
-3.16-jessie-security: released (3.16.84-1)
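Review bot: the Notes block still says it is unclear where the issue was fixed, but the `upstream: released (5.3) [3e493173b784...]` line answers that question. Suggest replacing the open question with a short statement that the fix is the commit listed under upstream, so the entry does not get retired carrying a stale uncertainty.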
diff --git a/active/CVE-2020-10711 b/active/CVE-2020-10711
deleted file mode 100644
index 5006f45e2..000000000
--- a/active/CVE-2020-10711
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: NetLabel: null pointer dereference while receiving CIPSO packet with null category
-References:
- https://www.openwall.com/lists/oss-security/2020/05/12/2
- https://lore.kernel.org/netdev/07d99ae197bfdb2964931201db67b6cd0b38db5b.1589276729.git.pabeni@redhat.com/
-Notes:
- carnil> Introduced in 4b8feff251da ("netlabel: fix the horribly broken
- carnil> catmap functions") in 3.17-rc1 and ceba1832b1b2 ("calipso: Set
- carnil> the calipso socket label to match the secattr.") in 4.8. We
- carnil> enabled furthermore CONFIG_NETLABEL only starting in 5.6.7-1.
-Bugs:
-upstream: released (5.7-rc6) [eead1c2ea2509fd754c6da893a94f0e69e83ebe4]
-4.19-upstream-stable: released (4.19.124) [caf6c20c6421ca687751d27b96c8021c655e56e6]
-4.9-upstream-stable: released (4.9.224) [9232577ef3e10775eefe7f2689cbf851c8b13d80]
-3.16-upstream-stable: N/A "Vulnerability introduced later"
-sid: released (5.6.14-1)
-4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/netlabel-cope-with-NULL-catmap.patch]
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/netlabel-cope-with-NULL-catmap.patch]
-3.16-jessie-security: N/A "Vulnerability introduced later"
diff --git a/active/CVE-2020-10942 b/active/CVE-2020-10942
deleted file mode 100644
index e25bad698..000000000
--- a/active/CVE-2020-10942
+++ /dev/null
@@ -1,13 +0,0 @@
-Description: vhost: Check docket sk_family instead of call getname
-References:
- https://lkml.org/lkml/2020/2/15/125
-Notes:
-Bugs:
-upstream: released (5.6-rc4) [42d84c8490f9f0931786f1623191fcab397c3d64]
-4.19-upstream-stable: released (4.19.108) [ad598a48fe61c6c2407f08a807cb7a2ea83386b3]
-4.9-upstream-stable: released (4.9.216) [7f574e92e4474f1b33425c4ee9ba48cd4fbe7d75]
-3.16-upstream-stable: released (3.16.83) [e4d98e5299b19e1caad03f0b38fd41b046d0de56]
-sid: released (5.5.13-1)
-4.19-buster-security: released (4.19.98-1+deb10u1) [bugfix/all/vhost-Check-docket-sk_family-instead-of-call-getname.patch]
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/vhost-check-docket-sk_family-instead-of-call-getname.patch]
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2020-11494 b/active/CVE-2020-11494
deleted file mode 100644
index 4cb5b5e7c..000000000
--- a/active/CVE-2020-11494
+++ /dev/null
@@ -1,13 +0,0 @@
-Description: slcan: Don't transmit uninitialized stack data in padding
-References:
- https://lore.kernel.org/netdev/20200401100639.20199-1-rpalethorpe@suse.com/
-Notes:
-Bugs:
-upstream: released (5.7-rc1) [b9258a2cece4ec1f020715fe3554bc2e360f6264]
-4.19-upstream-stable: released (4.19.115) [b774578329afb238ccd504477731129aa15e9ec2]
-4.9-upstream-stable: released (4.9.219) [925c631e84d77a72188101258878ac58a646d540]
-3.16-upstream-stable: released (3.16.83) [08fadc32ce6239dc75fd5e869590e29bc62bbc28]
-sid: released (5.5.17-1)
-4.19-buster-security: released (4.19.118-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/slcan-don-t-transmit-uninitialized-stack-data-in-pad.patch]
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2020-11565 b/active/CVE-2020-11565
deleted file mode 100644
index a7a5197cb..000000000
--- a/active/CVE-2020-11565
+++ /dev/null
@@ -1,12 +0,0 @@
-Description: mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
-References:
-Notes:
-Bugs:
-upstream: released (5.7-rc1) [aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd]
-4.19-upstream-stable: released (4.19.115) [fa138035f104ae14651ee3217d81fc16cd3aba4d]
-4.9-upstream-stable: released (4.9.219) [c5544e72014cdb0a739f6971fb3dd4fb641b392c]
-3.16-upstream-stable: released (3.16.83) [7ca9aeb9a22b50841c401164703c5b0a4a510aff]
-sid: released (5.5.17-1)
-4.19-buster-security: released (4.19.98-1+deb10u1) [bugfix/all/mm-mempolicy-require-at-least-one-nodeid-for-MPOL_PR.patch]
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/mm-mempolicy-require-at-least-one-nodeid-for-mpol_pr.patch]
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2020-11608 b/active/CVE-2020-11608
deleted file mode 100644
index 08da60062..000000000
--- a/active/CVE-2020-11608
+++ /dev/null
@@ -1,12 +0,0 @@
-Description: media: ov519: add missing endpoint sanity checks
-References:
-Notes:
-Bugs:
-upstream: released (5.7-rc1) [998912346c0da53a6dbb71fab3a138586b596b30]
-4.19-upstream-stable: released (4.19.114) [747a7431661ab3c22ad1e721558bdf9e3d53d4a6]
-4.9-upstream-stable: released (4.9.218) [03e73c3ef017580482d8e4de2db2bac9505facca]
-3.16-upstream-stable: released (3.16.83) [39a4c51860e9695369b640962be4eb6984175384]
-sid: released (5.5.17-1)
-4.19-buster-security: released (4.19.118-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/media-ov519-add-missing-endpoint-sanity-checks.patch]
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2020-11609 b/active/CVE-2020-11609
deleted file mode 100644
index 4aa1aa547..000000000
--- a/active/CVE-2020-11609
+++ /dev/null
@@ -1,12 +0,0 @@
-Description: media: stv06xx: add missing descriptor sanity checks
-References:
-Notes:
-Bugs:
-upstream: released (5.7-rc1) [485b06aadb933190f4bc44e006076bc27a23f205]
-4.19-upstream-stable: released (4.19.114) [70764334b2bcb15c67dfbd912d9a9f7076f6d0df]
-4.9-upstream-stable: released (4.9.218) [be6fdd999bcc66cbfde80efbdc16cfd8a3290e38]
-3.16-upstream-stable: released (3.16.83) [98d33c0103b16e64a6a4788cf81e22baf229f48e]
-sid: released (5.5.17-1)
-4.19-buster-security: released (4.19.118-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/media-stv06xx-add-missing-descriptor-sanity-checks.patch]
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2020-11668 b/active/CVE-2020-11668
deleted file mode 100644
index 84f7bf253..000000000
--- a/active/CVE-2020-11668
+++ /dev/null
@@ -1,12 +0,0 @@
-Description: media: xirlink_cit: add missing descriptor sanity checks
-References:
-Notes:
-Bugs:
-upstream: released (5.7-rc1) [a246b4d547708f33ff4d4b9a7a5dbac741dc89d8]
-4.19-upstream-stable: released (4.19.114) [5d064d7f0327d9425c5f63fa96efc70a74032d8b]
-4.9-upstream-stable: released (4.9.218) [8f08a2bb2199a4511bea29e9a130b449f8c1a581]
-3.16-upstream-stable: released (3.16.83) [9e236e2465ff5858bed537b94b15134e3ba55e75]
-sid: released (5.5.17-1)
-4.19-buster-security: released (4.19.118-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/media-xirlink_cit-add-missing-descriptor-sanity-chec.patch]
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2020-12114 b/active/CVE-2020-12114
deleted file mode 100644
index f8fb919f8..000000000
--- a/active/CVE-2020-12114
+++ /dev/null
@@ -1,23 +0,0 @@
-Description: fs/namespace.c: fix mountpoint reference counter race
-References:
- https://www.openwall.com/lists/oss-security/2020/05/04/2
-Notes:
- carnil> According to the commit message this race condition between
- carnil> threads updating mountpoint reference counter affects longterm
- carnil> releases 4.4.220, 4.9.220, 4.14.177 and 4.19.118. and got fixed
- carnil> in 4.4.221, 4.9.221, 4.14.178 and 4.19.119. This was fixed
- carnil> upstream along with 4edbe133f851 ("make struct mountpoint bear
- carnil> the dentry reference to mountpoint, not struct mount") in
- carnil> 5.3-rc1. Similar issue (but not covered by the CVE) is adressed
- carnil> in b0d3869ce9ee ("propagate_one(): mnt_set_mountpoint() needs
- carnil> mount_lock"). This was adressed as well in 4.4.221, 4.9.221,
- carnil> 4.14.178 and 4.19.120. Additionally in 5.4.37 and 5.6.9.
-Bugs:
-upstream: released (5.3-rc1) [4edbe133f851c9e3a2f2a1db367e826b01e72594]
-4.19-upstream-stable: released (4.19.119) [f511dc75d22e0c000fc70b54f670c2c17f5fba9a]
-4.9-upstream-stable: released (4.9.221) [91e997939dda1a866f23ddfb043dcd4a3ff57524]
-3.16-upstream-stable: released (3.16.84) [172f22d527862eb5aa9dd767826f5d68562943db]
-sid: released (5.3.7-1)
-4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/fs-namespace.c-fix-mountpoint-reference-counter-race.patch]
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/fs-namespace.c-fix-mountpoint-reference-counter-race.patch]
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2020-12768 b/active/CVE-2020-12768
deleted file mode 100644
index 892d0fc5e..000000000
--- a/active/CVE-2020-12768
+++ /dev/null
@@ -1,17 +0,0 @@
-Description: KVM: SVM: Fix potential memory leak in svm_cpu_init()
-References:
- https://bugzilla.suse.com/show_bug.cgi?id=1171736#c3
-Notes:
- carnil> One-time leak at boot, so has at most a negligible security
- carnil> impact at all.
- bwh> Introduced in 4.16 by commit 70cd94e60c73 "KVM: SVM: VMRUN should
- bwh> use associated ASID when SEV is enabled"
-Bugs:
-upstream: released (5.6-rc4) [d80b64ff297e40c2b6f7d7abc1b3eba70d22a068]
-4.19-upstream-stable: released (4.19.125) [008708152ebb229c29e065135599984fa9c4a51c]
-4.9-upstream-stable: N/A "Vulnerability introduced later"
-3.16-upstream-stable: N/A "Vulnerability introduced later"
-sid: released (5.6.7-1)
-4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/x86/kvm-svm-fix-potential-memory-leak-in-svm_cpu_init.patch]
-4.9-stretch-security: N/A "Vulnerability introduced later"
-3.16-jessie-security: N/A "Vulnerability introduced later"
diff --git a/active/CVE-2020-2732 b/active/CVE-2020-2732
deleted file mode 100644
index 4d7e9af82..000000000
--- a/active/CVE-2020-2732
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1805135
- https://www.spinics.net/lists/kvm/msg208259.html
- https://lore.kernel.org/stable/20200304085113.GA1419475@kroah.com/
-Notes:
- carnil> Only the patch which was Cc'ed to stable@vger.kernel.org is
- carnil> strictly needed to adress the CVE, see
- carnil> https://lore.kernel.org/stable/20200304085113.GA1419475@kroah.com/
-Bugs:
-upstream: released (5.6-rc4) [07721feee46b4b248402133228235318199b05ec, 35a571346a94fb93b5b3b6a599675ef3384bc75c, e71237d3ff1abf9f3388337cfebf53b96df2020d]
-4.19-upstream-stable: released (4.19.107) [ed9e97c35b454ceb1da4f65c318015a7ab298dae, 85dd0eb771e8cef7839dbd4cb61acde0b86ecd9e, e5c0857bd5ccf34d93b5b1ea858ab3d81a685b08]
-4.9-upstream-stable: released (4.9.215) [86dc39e580d8e3ffa42c8157d3e28249fd9a12c5, f3e0dfb310e6a6f0190dbb3d6b337513b548507b, 35523a2d9918e36ad4fa6c9c0176279d7c1f4291]
-3.16-upstream-stable: released (3.16.83) [5d7476c40cd352ec82aec26f6c6d8c413eb2b17b]
-sid: released (5.5.13-1)
-4.19-buster-security: released (4.19.98-1+deb10u1) [bugfix/x86/KVM-nVMX-Don-t-emulate-instructions-in-guest-mode.patch]
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/x86/kvm-nvmx-don-t-emulate-instructions-in-guest-mode.patch, bugfix/x86/kvm-nvmx-refactor-io-bitmap-checks-into-helper-funct.patch, bugfix/x86/kvm-nvmx-check-io-instruction-vm-exit-conditions.patch]
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2020-8428 b/active/CVE-2020-8428
deleted file mode 100644
index f279f37c4..000000000
--- a/active/CVE-2020-8428
+++ /dev/null
@@ -1,21 +0,0 @@
-Description: user-triggerable read-after-free crash or 1-bit infoleak oracle in open(2)
-References:
- https://www.openwall.com/lists/oss-security/2020/01/28/2
-Notes:
- carnil> The issue go introduced with 30aba6656f61 ("namei: allow
- carnil> restricted O_CREAT of FIFOs and regular files") in 4.19-rc1
- carnil> which got backported to 4.4.166, 4.9.142 and 4.14.85.
- carnil> Needs a regression update:
- carnil> https://lore.kernel.org/lkml/20200201162645.GJ23230@ZenIV.linux.org.uk/
- carnil> which is applied in mainline as 6404674acd59 ("vfs: fix
- carnil> do_last() regression"). See:
- carnil> https://syzkaller.appspot.com/bug?extid=190005201ced78a74ad6
-Bugs:
-upstream: released (5.5) [d0cb50185ae942b03c4327be322055d622dc79f6]
-4.19-upstream-stable: released (4.19.100) [752f72edea55f9b7c6fd019e71365def13a0f2b6]
-4.9-upstream-stable: released (4.9.212) [51772996274874a6bccda05b827f92582ce7b565]
-3.16-upstream-stable: N/A "Vulnerable code introduced later with 30aba6656f61"
-sid: released (5.4.19-1)
-4.19-buster-security: released (4.19.98-1+deb10u1) [bugfix/all/do_last-fetch-directory-i_mode-and-i_uid-before-it-s.patch]
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/do_last-fetch-directory-i_mode-and-i_uid-before-it-s.patch]
-3.16-jessie-security: N/A "Vulnerable code introduced later"
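Review bot: Notes state that a regression update is needed (6404674acd59 "vfs: fix do_last() regression"), yet the upstream, 4.19 and 4.9 lines each list one commit and the buster and stretch lines one patch, with no trace of that regression fix. Suggest adding it to the commit lists, or noting which of the released versions carry it, before the entry is retired.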
diff --git a/active/CVE-2020-8647 b/active/CVE-2020-8647
deleted file mode 100644
index b84d5494c..000000000
--- a/active/CVE-2020-8647
+++ /dev/null
@@ -1,13 +0,0 @@
-Description: vc_do_resize use-after-free
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=206359
-Notes:
-Bugs:
-upstream: released (5.6-rc5) [513dc792d6060d5ef572e43852683097a8420f56]
-4.19-upstream-stable: released (4.19.109) [7abe1e0a874418b07524c9e07225df1cbb421ce9]
-4.9-upstream-stable: released (4.9.216) 1f04adb4d691ed703b1fbc55d99f622b96cedecc]
-3.16-upstream-stable: released (3.16.83) [bca2e2e83484ff63ca82c9c2c905d4e580f1a35a]
-sid: released (5.5.13-1)
-4.19-buster-security: released (4.19.118-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/vgacon-fix-a-uaf-in-vgacon_invert_region.patch]
-3.16-jessie-security: released (3.16.84-1)
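Review bot: the `4.9-upstream-stable` line is malformed, the commit list is missing its opening bracket: `released (4.9.216) 1f04adb4d691...]`. Any script that reads the bracketed list will miss the commit for that branch. The same hash is correctly bracketed in the CVE-2020-8649 entry of this commit; if the file is kept after retirement (this view is limited to active/), fix the bracket there.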
diff --git a/active/CVE-2020-8648 b/active/CVE-2020-8648
deleted file mode 100644
index 67eb1a7ba..000000000
--- a/active/CVE-2020-8648
+++ /dev/null
@@ -1,14 +0,0 @@
-Description: n_tty_receive_buf_common use-after-free
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=206361
- https://lore.kernel.org/lkml/20200210081131.23572-2-jslaby@suse.cz/
-Notes:
-Bugs:
-upstream: released (5.6-rc3) [07e6124a1a46b4b5a9b3cacc0c306b50da87abf5, 4b70dd57a15d2f4685ac6e38056bad93e81e982f, 07e6124a1a46b4b5a9b3cacc0c306b50da87abf5]
-4.19-upstream-stable: released (4.19.109) [31559b59040fc0e6ad363642112d4eb03ad4ebb7, efaef8463e1a9c20aa19c3de2b2d19f885e0315e, b4492f1e7456bd162714c0ec2815c2749d930844]
-4.9-upstream-stable: released (4.9.216) [290a9381ccc16131c6ccc19940589141985db6b1, ccd35863147dd447110b726a0d4911ab686aade9, e5be0e24ffc7f5783a3864b5b958088ed15be9e8]
-3.16-upstream-stable: released (3.16.83) [a93c3b40fc3d2264b1b11c469319c7cbefb80c46, f443603c73b85db566373875ca8890ef0910f083, a93c3b40fc3d2264b1b11c469319c7cbefb80c46]
-sid: released (5.5.13-1)
-4.19-buster-security: released (4.19.118-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/vt-selection-close-sel_buffer-race.patch, bugfix/all/vt-selection-push-console-lock-down.patch, bugfix/all/vt-selection-push-sel_lock-up.patch]
-3.16-jessie-security: released (3.16.84-1)
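Review bot: the `upstream` list repeats 07e6124a1a46b4b5a9b3cacc0c306b50da87abf5 as both its first and third entry, and the `3.16-upstream-stable` list does the same with a93c3b40fc3d2264b1b11c469319c7cbefb80c46. The 4.19 and 4.9 lines list three distinct commits and the stretch line three distinct patches, so a third upstream commit and a third 3.16 backport look to be missing here. Suggest replacing the duplicated third entry in each list with the correct hash.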
diff --git a/active/CVE-2020-8649 b/active/CVE-2020-8649
deleted file mode 100644
index b67bac593..000000000
--- a/active/CVE-2020-8649
+++ /dev/null
@@ -1,13 +0,0 @@
-Description: vgacon_invert_region use-after-free
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=206357
-Notes:
-Bugs:
-upstream: released (5.6-rc5) [513dc792d6060d5ef572e43852683097a8420f56]
-4.19-upstream-stable: released (4.19.109) [7abe1e0a874418b07524c9e07225df1cbb421ce9]
-4.9-upstream-stable: released (4.9.216) [1f04adb4d691ed703b1fbc55d99f622b96cedecc]
-3.16-upstream-stable: released (3.16.83) [bca2e2e83484ff63ca82c9c2c905d4e580f1a35a]
-sid: released (5.5.13-1)
-4.19-buster-security: released (4.19.118-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/vgacon-fix-a-uaf-in-vgacon_invert_region.patch]
-3.16-jessie-security: released (3.16.84-1)
diff --git a/active/CVE-2020-9383 b/active/CVE-2020-9383
deleted file mode 100644
index 450437b72..000000000
--- a/active/CVE-2020-9383
+++ /dev/null
@@ -1,12 +0,0 @@
-Description: floppy: check FDC index for errors before assigning it
-References:
-Notes:
-Bugs:
-upstream: released (5.6-rc4) [2e90ca68b0d2f5548804f22f0dd61145516171e3]
-4.19-upstream-stable: released (4.19.107) [c8fd87c53a1509162b910cec91c0c46753c58f9a]
-4.9-upstream-stable: released (4.9.215) [5fbaa66c2a51c2260add842bd12cbc79715c5249]
-3.16-upstream-stable: released (3.16.83) [2f9ac30a54dc0181ddac3705cdcf4775d863c530]
-sid: released (5.5.13-1)
-4.19-buster-security: released (4.19.118-1)
-4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/floppy-check-fdc-index-for-errors-before-assigning-i.patch]
-3.16-jessie-security: released (3.16.84-1)
