Retire everywhere released CVEs

1 files changed, 16 insertions, 0 deletions

diff --git a/retired/CVE-2018-12207 b/retired/CVE-2018-12207
new file mode 100644
index 00000000..f427e06a
--- /dev/null
+++ b/retired/CVE-2018-12207
@@ -0,0 +1,16 @@
+Description: Machine Check Error on Page Size Change
+References:
+ https://blogs.intel.com/technology/2019/11/ipas-november-2019-intel-platform-update-ipu/
+ https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change-0
+Notes:
+ bwh> Exploitable only by VM guests on Intel
+ bwh> CPUs.  Will be fixed by "NX" patch series.
+Bugs:
+upstream: released (5.4-rc8) [833b45de69a6016c4b0cebe6765d526a31a81580, db4d30fbb71b47e4ecb11c4efa5d8aad4b03dfae, cad14885a8d32c1c0d8eaa7bf5c0152a22b6080e, 731dc9df975a5da21237a18c3384f811a7a41cc6, b8e8c8303ff28c61046a4d0f6ea99aea609a7dc0, c57c80467f90e5504c8df9ad3555d2c78800bf94, 1aa9b9572b10529c2e64e2b8f44025d86e124308, 7f00cc8d4a51074eb0ad4c3f16c15757b1ddfb7d]
+4.19-upstream-stable: released (4.19.84) [a991063ce57684a2259688886643cf1c430f8188, f9aa6b73a407b714c9aac44734eb4045c893c6f7, 955607466ace0455164cf391a93c23918022e8e8, db5ae6596ae2ba03f66cfeceea4b65e35785600a, 5219505fcbb640e273a0d51c19c38de0100ec5a9, 6082f2e28887bcef66d9b3b5710fd3491a722f0b, 46a4a014c48e64e28970ca775bb7adf4778821af, 580c79e7e3e50afbd5a69b2b6ab2c61c5225f48e]
+4.9-upstream-stable: released (4.9.202) [43a39a3e9b0573cd4383e52d8ded9965ae8994c5, 61524f1bccc041b7871a21984b69b8e538f446c0, c6170b81e7b78942cb4b36fc72cbd75145fd08d5, 2f57300f68fb40acff2e350686ec5e41463526c1, 2e013f0fa714399d91c0fc9e3e4d64a9b517db6c, 1d48204bd77090c950b13106ab51821729ae0d72, 515fa37a3e550ac7f291fb295b4e6174b6bbbd85, 9dc6bc3f22f08099a27c38c68983fbc419e879f3, 52644d80850a3fe965ee964e903acef7be61a62c, 1b08d2ab698ddf78833717908e2a41336ab9c6ef, 12ceedb7604dfbe370a21df444819ece665c91db, e2bd0778adc4b13e3874b48eaad689e4a3a35833, a7ad7943b84fae87f5be18f05025c51ae103f732, 61e191b467f1edea6fae9123c37355133273a31a, c6e94acbf6abab3e3c25fcdd3343d0c2a3f160ca, ca60c77067d4cde390e1f58a6f947c7c7fb75f97]
+3.16-upstream-stable: ignored "Untrusted guests are no longer supportable"
+sid: released (5.3.9-2) [bugfix/x86/itlb_multihit/0001-kvm-x86-powerpc-do-not-allow-clearing-largepages-deb.patch, bugfix/x86/itlb_multihit/0001-x86-bugs-Add-ITLB_MULTIHIT-bug-infrastructure.patch, bugfix/x86/itlb_multihit/0002-x86-cpu-Add-Tremont-to-the-cpu-vulnerability-whiteli.patch, bugfix/x86/itlb_multihit/0003-cpu-speculation-Uninline-and-export-CPU-mitigations-.patch, bugfix/x86/itlb_multihit/0004-kvm-mmu-ITLB_MULTIHIT-mitigation.patch, bugfix/x86/itlb_multihit/0005-kvm-Add-helper-function-for-creating-VM-worker-threa.patch, bugfix/x86/itlb_multihit/0006-kvm-x86-mmu-Recovery-of-shattered-NX-large-pages.patch, bugfix/x86/itlb_multihit/0007-Documentation-Add-ITLB_MULTIHIT-documentation.patch]
+4.19-buster-security: released (4.19.67-2+deb10u2) [bugfix/x86/itlb_multihit/0011-x86-bugs-Add-ITLB_MULTIHIT-bug-infrastructure.patch, bugfix/x86/itlb_multihit/0013-cpu-speculation-Uninline-and-export-CPU-mitigations-.patch, bugfix/x86/itlb_multihit/0014-Documentation-Add-ITLB_MULTIHIT-documentation.patch, bugfix/x86/itlb_multihit/0016-kvm-x86-powerpc-do-not-allow-clearing-largepages-deb.patch, bugfix/x86/itlb_multihit/0017-kvm-Convert-kvm_lock-to-a-mutex.patch, bugfix/x86/itlb_multihit/0018-kvm-mmu-Do-not-release-the-page-inside-mmu_set_spte.patch, bugfix/x86/itlb_multihit/0019-KVM-x86-make-FNAME-fetch-and-__direct_map-more-simil.patch, bugfix/x86/itlb_multihit/0020-KVM-x86-remove-now-unneeded-hugepage-gfn-adjustment.patch, bugfix/x86/itlb_multihit/0021-KVM-x86-change-kvm_mmu_page_get_gfn-BUG_ON-to-WARN_O.patch, bugfix/x86/itlb_multihit/0022-KVM-x86-add-tracepoints-around-__direct_map-and-FNAM.patch, bugfix/x86/itlb_multihit/0023-KVM-vmx-svm-always-run-with-EFER.NXE-1-when-shadow-p.patch, bugfix/x86/itlb_multihit/0024-kvm-mmu-ITLB_MULTIHIT-mitigation.patch, bugfix/x86/itlb_multihit/0025-kvm-Add-helper-function-for-creating-VM-worker-threa.patch, bugfix/x86/itlb_multihit/0026-kvm-x86-mmu-Recovery-of-shattered-NX-large-pages.patch]
+4.9-stretch-security: released (4.9.189-3+deb9u2) [bugfix/x86/itlb_multihit/0012-KVM-x86-simplify-ept_misconfig.patch, bugfix/x86/itlb_multihit/0013-KVM-x86-extend-usage-of-RET_MMIO_PF_-constants.patch, bugfix/x86/itlb_multihit/0014-KVM-MMU-drop-vcpu-param-in-gpte_access.patch, bugfix/x86/itlb_multihit/0015-kvm-Convert-kvm_lock-to-a-mutex.patch, bugfix/x86/itlb_multihit/0016-kvm-x86-Do-not-release-the-page-inside-mmu_set_spte.patch, bugfix/x86/itlb_multihit/0017-KVM-x86-make-FNAME-fetch-and-__direct_map-more-simil.patch, bugfix/x86/itlb_multihit/0018-KVM-x86-remove-now-unneeded-hugepage-gfn-adjustment.patch, bugfix/x86/itlb_multihit/0019-KVM-x86-change-kvm_mmu_page_get_gfn-BUG_ON-to-WARN_O.patch, bugfix/x86/itlb_multihit/0020-KVM-x86-Add-is_executable_pte.patch, bugfix/x86/itlb_multihit/0021-KVM-x86-add-tracepoints-around-__direct_map-and-FNAM.patch, bugfix/x86/itlb_multihit/0022-KVM-vmx-svm-always-run-with-EFER.NXE-1-when-shadow-p.patch, bugfix/x86/itlb_multihit/0023-x86-bugs-Add-ITLB_MULTIHIT-bug-infrastructure.patch, bugfix/x86/itlb_multihit/0024-cpu-speculation-Uninline-and-export-CPU-mitigations-.patch, bugfix/x86/itlb_multihit/0025-kvm-mmu-ITLB_MULTIHIT-mitigation.patch, bugfix/x86/itlb_multihit/0026-kvm-Add-helper-function-for-creating-VM-worker-threa.patch, bugfix/x86/itlb_multihit/0027-kvm-x86-mmu-Recovery-of-shattered-NX-large-pages.patch, bugfix/x86/itlb_multihit/0028-Documentation-Add-ITLB_MULTIHIT-documentation.patch]
+3.16-jessie-security: ignored "Untrusted guests are no longer supportable"