Retire several issues

author: Ben Hutchings <ben@decadent.org.uk> 2022-05-01 18:50:10 +0200
committer: Ben Hutchings <ben@decadent.org.uk> 2022-05-01 18:50:10 +0200
commit: 0e9daff74509a56670934301fd472f6bab28e09f (patch)
tree: 5ead74d039b6e704b053be31510183b5aa1386fa /retired/CVE-2022-1158
parent: f5510d9d41961353aa461c7f24ae373525b74c7b (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2022-1158 b/retired/CVE-2022-1158
new file mode 100644
index 00000000..8a62fc5b
--- /dev/null
+++ b/retired/CVE-2022-1158
@@ -0,0 +1,16 @@
+Description: KVM: x86/mmu: do compare-and-exchange of gPTE via the user address
+References:
+ https://www.openwall.com/lists/oss-security/2022/04/08/4
+Notes:
+ carnil> Introduced by bd53cb35a3e9 ("X86/KVM: Handle PFNs outside of
+ carnil> kernel reach when touching GPTEs") in 5.2-rc1.
+ carnil> For 5.16.y fixed in 5.16.19 and for 5.17.y fixed in 5.17.2.
+Bugs:
+upstream: released (5.18-rc1) [2a8859f373b0a86f0ece8ec8312607eacf12485d]
+5.10-upstream-stable: released (5.10.110) [e90518d10c7dd59d5ebbe25b0f0083a7dbffa42f]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.17.3-1)
+5.10-bullseye-security: released (5.10.113-1)
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
author	Ben Hutchings <ben@decadent.org.uk>	2022-05-01 18:50:10 +0200
committer	Ben Hutchings <ben@decadent.org.uk>	2022-05-01 18:50:10 +0200
commit	0e9daff74509a56670934301fd472f6bab28e09f (patch)
tree	5ead74d039b6e704b053be31510183b5aa1386fa /retired/CVE-2022-1158
parent	f5510d9d41961353aa461c7f24ae373525b74c7b (diff)