Retire two CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2021-03-05 17:44:18 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-03-05 17:44:18 +0100
commit: 4d5eeb0f1e9cc911041507245ae895689da89745 (patch)
tree: 8708d43231bb798ddd5008d91f823d03bb212fd6 /retired/CVE-2020-25639
parent: 5282cae52fb6a80d3f7e90beffce3701fbac3921 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2020-25639 b/retired/CVE-2020-25639
new file mode 100644
index 00000000..1b2eeb14
--- /dev/null
+++ b/retired/CVE-2020-25639
@@ -0,0 +1,17 @@
+Description: drm/nouveau: bail out of nouveau_channel_new if channel init fails
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1876995
+ https://lists.freedesktop.org/archives/nouveau/2020-August/036682.html
+ https://lore.kernel.org/dri-devel/CACAvsv701GiR6QetL6FGUCQLVn45+1EVGTuA-6Pmw5RtwrvyRQ@mail.gmail.com/
+Notes:
+ carnil> Commit fixes eeaf06ac1a55 ("drm/nouveau/svm: initial support
+ carnil> for shared virtual memory") in 5.1-rc1 so needs check if
+ carnil> earlier versions are not affected.
+Bugs:
+upstream: released (5.12-rc1) [eaba3b28401f50e22d64351caa8afe8d29509f27]
+5.10-upstream-stable: released (5.10.20) [e3fcff9f45aa82dacad26e5828598340d2742f47]
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (5.10.19-1) [bugfix/all/drm-nouveau-bail-out-of-nouveau_channel_new-if-chann.patch]
+4.19-buster-security: N/A "Vulnerable code introduced later"
+4.9-stretch-security: N/A "Vulnerable code introduced later"
author	Salvatore Bonaccorso <carnil@debian.org>	2021-03-05 17:44:18 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-03-05 17:44:18 +0100
commit	4d5eeb0f1e9cc911041507245ae895689da89745 (patch)
tree	8708d43231bb798ddd5008d91f823d03bb212fd6 /retired/CVE-2020-25639
parent	5282cae52fb6a80d3f7e90beffce3701fbac3921 (diff)