Retire some CVEs

1 files changed, 26 insertions, 0 deletions

diff --git a/retired/CVE-2022-0854 b/retired/CVE-2022-0854
new file mode 100644
index 00000000..5ca5db34
--- /dev/null
+++ b/retired/CVE-2022-0854
@@ -0,0 +1,26 @@
+Description: swiotlb information leak with DMA_FROM_DEVICE
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2058395
+ https://bugzilla.suse.com/show_bug.cgi?id=1196823
+Notes:
+ carnil> For 5.16.y fixed as well in 5.16.15.
+ carnil> The initial fix commited to mainline which landed in 5.17-rc6
+ carnil> was an old version and so made necessary to followup with a
+ carnil> rework commit aa6f8dcbab47 ("swiotlb: rework "fix info leak
+ carnil> with DMA_FROM_DEVICE"").
+ carnil> The second part of the fix was holded back for stable trees due to
+ carnil> regression caused on at least some wireless drivers, cf.
+ carnil> https://lore.kernel.org/stable/Yj7oXgoCdhWAwFQt@kroah.com/
+ bwh> The second part (commit aa6f8dcbab47) was reverted and replaced by
+ bwh> commit 901c7280ca0d "Reinstate some of "swiotlb: rework "fix info
+ bwh> leak with DMA_FROM_DEVICE""" in 5.18-rc1. That was applied in 5.17.2
+ bwh> but should probably be applied to other stable branches too.
+Bugs:
+upstream: released (5.17-rc6) [ddbd89deb7d32b1fbb879f48d68fda1a8ac58e8e], released (5.18-rc1) [901c7280ca0d5e2b4a8929fbe0bfb007ac2a6544]
+5.10-upstream-stable: released (5.10.110) [d4d975e7921079f877f828099bb8260af335508f], released (5.10.118) [f3f2247ac31cb71d1f05f56536df5946c6652f4a]
+4.19-upstream-stable: released (4.19.245) [8d9ac1b6665c73f23e963775f85d99679fd8e192, 06cb238b0f7ac1669cb06390704c61794724c191]
+4.9-upstream-stable: released (4.9.320) [c132f2ba716b5ee6b35f82226a6e5417d013d753, fd97de9c7b973f46a6103f4170c5efc7b8ef8797]
+sid: released (5.17.3-1)
+5.10-bullseye-security: released (5.10.113-1), released (5.10.120-1)
+4.19-buster-security: released (4.19.249-1)
+4.9-stretch-security: released (4.9.320-2)