Fill in status for many issues

author: Ben Hutchings <ben@decadent.org.uk> 2021-05-20 23:15:00 +0200
committer: Ben Hutchings <ben@decadent.org.uk> 2021-05-20 23:15:06 +0200
commit: ae52bea6c6c5a3d20620fb5839f2ad37280073c7 (patch)
tree: 024ec1d4b7e773e31b37ecc9557921acc0e0d0d9 /active
parent: 34855f84ee7bf9470b1c3c7bce3d04233d366fde (diff)
15 files changed, 61 insertions, 43 deletions
diff --git a/active/CVE-2020-24504 b/active/CVE-2020-24504
index d1d56ccde..206c05256 100644
--- a/active/CVE-2020-24504
+++ b/active/CVE-2020-24504
@@ -1,13 +1,13 @@
-Description:
+Description: Local denial of service in ice driver through VF
 References:
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html
 Notes:
  jmm> Commit confirmed by upstream in https://bugzilla.suse.com/show_bug.cgi?id=1182404#c6
 Bugs:
 upstream: released (5.12-rc1) [b126bd6bcd6710aa984104e979a5c930f44561b4]
-5.10-upstream-stable:
-4.19-upstream-stable:
-4.9-upstream-stable:
-sid:
-4.19-buster-security:
-4.9-stretch-security:
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+4.19-buster-security: needed
+4.9-stretch-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2020-25670 b/active/CVE-2020-25670
index 9cb41b8d4..e8bf5e15c 100644
--- a/active/CVE-2020-25670
+++ b/active/CVE-2020-25670
@@ -2,7 +2,8 @@ Description: refcount leak in llcp_sock_bind()
 References:
  https://www.openwall.com/lists/oss-security/2020/11/01/1
 Notes:
- bwh> Not sure how far back this goes, but 4.9 seems to have the issue
+ bwh> Not sure how far back this goes, but 4.9 seems to have the issue.
+ bwh> Fix for this introduced CVE-2021-23134.
 Bugs:
 upstream: released (5.12-rc7) [c33b1cc62ac05c1dbb1cdafe2eb66da01c76ca8d]
 5.10-upstream-stable: released (5.10.30) [6fb003e5ae18d8cda4c8a1175d9dd8db12bec049]
diff --git a/active/CVE-2020-25671 b/active/CVE-2020-25671
index 437ef78fc..9885d47fc 100644
--- a/active/CVE-2020-25671
+++ b/active/CVE-2020-25671
@@ -3,6 +3,7 @@ References:
  https://www.openwall.com/lists/oss-security/2020/11/01/1
 Notes:
  bwh> Not sure how far back this goes, but 4.9 seems to have the issue
+ bwh> Fix for this introduced CVE-2021-23134.
 Bugs:
 upstream: released (5.12-rc7) [8a4cd82d62b5ec7e5482333a72b58a4eea4979f0]
 5.10-upstream-stable: released (5.10.30) [99b596199e8402055c425ac6abd3b8c3fc047034]
diff --git a/active/CVE-2020-36310 b/active/CVE-2020-36310
index 5129a2416..ac93a9f0a 100644
--- a/active/CVE-2020-36310
+++ b/active/CVE-2020-36310
@@ -1,11 +1,13 @@
 Description: KVM: SVM: avoid infinite loop on NPF from bad address
 References:
 Notes:
+ bwh> Appears to have been introduced in 4.17 by commit 00b10fe1046c
+ bwh> "KVM: X86: Restart the guest when insn_len is zero and SEV is enabled".
 Bugs:
 upstream: released (5.8-rc1) [e72436bc3a5206f95bb384e741154166ddb3202e]
 5.10-upstream-stable: N/A "Fixed before branching point"
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: needed
+4.9-upstream-stable: N/A "Vulnerability introduced later"
 sid: released (5.8.7-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: needed
+4.9-stretch-security: N/A "Vulnerability introduced later"
diff --git a/active/CVE-2020-36311 b/active/CVE-2020-36311
index 8ec7f9004..9ee7e3453 100644
--- a/active/CVE-2020-36311
+++ b/active/CVE-2020-36311
@@ -1,11 +1,13 @@
 Description: KVM: SVM: Periodically schedule when unregistering regions on destroy
 References:
 Notes:
+ bwh> Appears to have been introduced in 4.16 by commit 1e80fdc09d12
+ bwh> "KVM: SVM: Pin guest memory when SEV is active".
 Bugs:
 upstream: released (5.9-rc5) [7be74942f184fdfba34ddd19a0d995deb34d4a03]
 5.10-upstream-stable: N/A "Fixed before branching point"
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: needed
+4.9-upstream-stable: N/A "Vulnerable code not present"
 sid: released (5.9.1-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: needed
+4.9-stretch-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2020-36313 b/active/CVE-2020-36313
index 4e317da27..ec4890254 100644
--- a/active/CVE-2020-36313
+++ b/active/CVE-2020-36313
@@ -1,6 +1,8 @@
 Description: KVM: Fix out of range accesses to memslots
 References:
 Notes:
+ bwh> The upstream commit claims to fix a commit that also landed in
+ bwh> 5.7-rc1.  So were there really any vulnerable versions?
 Bugs:
 upstream: released (5.7-rc1) [0774a964ef561b7170d8d1b1bfe6f88002b6d219]
 5.10-upstream-stable: N/A "Fixed before branching point"
diff --git a/active/CVE-2020-36322 b/active/CVE-2020-36322
index d84506352..89d83f743 100644
--- a/active/CVE-2020-36322
+++ b/active/CVE-2020-36322
@@ -3,11 +3,13 @@ References:
 Notes:
  carnil> Note that this CVE relates as well to CVE-2021-28950, which is
  carnil> assigned because of an initial incomplete fix for this CVE.
+ bwh> Commit message says this bug has been present since the
+ bwh> introduction of fuse.
 Bugs:
 upstream: released (5.11-rc1) [5d069dbe8aaf2a197142558b6fb2978189ba3454]
 5.10-upstream-stable: released (5.10.6) [36cf9ae54b0ead0daab7701a994de3dcd9ef605d]
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: needed
+4.9-upstream-stable: needed
 sid: released (5.10.9-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: needed
+4.9-stretch-security: needed
diff --git a/active/CVE-2021-23134 b/active/CVE-2021-23134
index 0f9f57cc6..5dada693a 100644
--- a/active/CVE-2021-23134
+++ b/active/CVE-2021-23134
@@ -2,11 +2,12 @@ Description: net/nfc: fix use-after-free llcp_sock_bind/connect
 References:
  https://www.openwall.com/lists/oss-security/2021/05/11/4
 Notes:
+ bwh> Intrdouced by fixes for CVE-2020-25670, CVE-2020-25671.
 Bugs:
 upstream: released (5.13-rc1) [c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6]
 5.10-upstream-stable: released (5.10.37) [6b7021ed36dabf29e56842e3408781cd3b82ef6e]
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: needed
+4.9-upstream-stable: needed
 sid: released (5.10.38-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: needed
+4.9-stretch-security: needed
diff --git a/active/CVE-2021-29647 b/active/CVE-2021-29647
index e39945cbd..195c0624a 100644
--- a/active/CVE-2021-29647
+++ b/active/CVE-2021-29647
@@ -1,6 +1,7 @@
 Description: net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()
 References:
 Notes:
+ bwh> qrtr protocol is not enabled in any Debian config.
 Bugs:
 upstream: released (5.12-rc5) [50535249f624d0072cd885bcdce4e4b6fb770160]
 5.10-upstream-stable: released (5.10.27) [fce6fb90218935f7319265459484b3762c80d0a8]
diff --git a/active/CVE-2021-31829 b/active/CVE-2021-31829
index b15c3fa11..25eb7104c 100644
--- a/active/CVE-2021-31829
+++ b/active/CVE-2021-31829
@@ -4,11 +4,12 @@ References:
  https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=b9b34ddbe2076ade359cd5ce7537d5ed019e9807
  https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=801c6058d14a82179a7ee17a4b532cac6fad067f
 Notes:
+ bwh> Introduced by fix for CVE-2019-7308.
 Bugs:
 upstream: released (5.13-rc1) [b9b34ddbe2076ade359cd5ce7537d5ed019e9807, 801c6058d14a82179a7ee17a4b532cac6fad067f]
 5.10-upstream-stable: released (5.10.35) [2cfa537674cd1051a3b8111536d77d0558f33d5d, 2fa15d61e4cbaaa1d1250e67b251ff96952fa614]
 4.19-upstream-stable: released (4.19.190) [0e2dfdc74a7f4036127356d42ea59388f153f42c]
-4.9-upstream-stable:
+4.9-upstream-stable: N/A "Vulnerable code not present"
 sid: released (5.10.38-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: needed
+4.9-stretch-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-31916 b/active/CVE-2021-31916
index 7978a67e4..0a6433931 100644
--- a/active/CVE-2021-31916
+++ b/active/CVE-2021-31916
@@ -2,11 +2,12 @@ Description: dm ioctl: fix out of bounds array access when no devices
 References:
  https://www.openwall.com/lists/oss-security/2021/03/28/1
 Notes:
+ bwh> Appears to have been introduced before 4.9.
 Bugs:
 upstream: released (5.12-rc5) [4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a]
 5.10-upstream-stable: released (5.10.27) [921aae17bb0f02181fa05cf5580ebc855fdbd74d]
 4.19-upstream-stable: released (4.19.184) [76aa61c55279fdaa8d428236ba8834edf313b372]
-4.9-upstream-stable:
+4.9-upstream-stable: needed
 sid: released (5.10.28-1)
 4.19-buster-security: needed
-4.9-stretch-security:
+4.9-stretch-security: needed
diff --git a/active/CVE-2021-33034 b/active/CVE-2021-33034
index 5f4ea54d4..a8cd5ad1c 100644
--- a/active/CVE-2021-33034
+++ b/active/CVE-2021-33034
@@ -3,11 +3,12 @@ References:
  https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-hci_send_acl
  https://syzkaller.appspot.com/bug?id=2e1943a94647f7732dd6fc60368642d6e8dc91b1
 Notes:
+ bwh: Appears to have been introduced before 4.9.
 Bugs:
 upstream: released (5.13-rc1) [5c4c8c9544099bb9043a10a5318130a943e32fc3]
 5.10-upstream-stable: released (5.10.37) [1d7bd87a2c8d264ca3e5c9ba6f3eafc23e994028]
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: needed
+4.9-upstream-stable: needed
 sid: released (5.10.38-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: needed
+4.9-stretch-security: needed
diff --git a/active/CVE-2021-3493 b/active/CVE-2021-3493
index 441554552..9cbc79c78 100644
--- a/active/CVE-2021-3493
+++ b/active/CVE-2021-3493
@@ -12,7 +12,7 @@ Bugs:
 upstream: released (5.11-rc1) [7c03e2cda4a584cadc398e8f6641ca9988a39d52]
 5.10-upstream-stable: needed
 4.19-upstream-stable: needed
-4.9-upstream-stable:
+4.9-upstream-stable: N/A "Unprivileged users cannot mount overlayfs"
 sid: released (5.10.38-1)
 4.19-buster-security: needed
-4.9-stretch-security:
+4.9-stretch-security: N/A "Unprivileged users cannot mount overlayfs"
diff --git a/active/CVE-2021-3501 b/active/CVE-2021-3501
index 04f1fa308..992f7127c 100644
--- a/active/CVE-2021-3501
+++ b/active/CVE-2021-3501
@@ -5,11 +5,13 @@ Notes:
  carnil> KVM_EXIT information") introduced in 5.9-rc1, so need check if
  carnil> the vulnerability itself still would be present in earlier
  carnil> versions.
+ bwh> I have checked that internal.ndata was not used this way in earlier
+ bwh> versions.
 Bugs:
 upstream: released (5.12-rc8) [04c4f2ee3f68c9a4bf1653d15f1a9a435ae33f7a]
 5.10-upstream-stable: released (5.10.32) [7f64753835a78c7d2cc2932a5808ef3b7fd4c050]
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: N/A "Vulnerability introduced later"
+4.9-upstream-stable: N/A "Vulnerability introduced later"
 sid: released (5.10.38-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: N/A "Vulnerability introduced later"
+4.9-stretch-security: N/A "Vulnerability introduced later"
diff --git a/active/CVE-2021-3506 b/active/CVE-2021-3506
index 29d8259f8..75e631bf2 100644
--- a/active/CVE-2021-3506
+++ b/active/CVE-2021-3506
@@ -4,11 +4,12 @@ References:
  https://bugzilla.redhat.com/show_bug.cgi?id=1944298
  https://lore.kernel.org/lkml/20210322114730.71103-1-yuchao0@huawei.com/
 Notes:
+ bwh> Appears to have been introduced before 4.9.
 Bugs:
 upstream: released (5.13-rc1) [b862676e371715456c9dade7990c8004996d0d9e]
 5.10-upstream-stable: released (5.10.36) [9aa4602237d535b83c579eb752e8fc1c3e7e7055]
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: needed
+4.9-upstream-stable: needed
 sid: released (5.10.38-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: needed
+4.9-stretch-security: ignored "f2fs is not supportable"
author	Ben Hutchings <ben@decadent.org.uk>	2021-05-20 23:15:00 +0200
committer	Ben Hutchings <ben@decadent.org.uk>	2021-05-20 23:15:06 +0200
commit	ae52bea6c6c5a3d20620fb5839f2ad37280073c7 (patch)
tree	024ec1d4b7e773e31b37ecc9557921acc0e0d0d9 /active
parent	34855f84ee7bf9470b1c3c7bce3d04233d366fde (diff)