Retire several CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2022-03-25 20:49:54 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-03-25 20:49:54 +0100
commit: 799d3c586b6df4d41fccd5fc2ff796a087c26329 (patch)
tree: 58859fea1691e870e5406a47cbb0c08c1e4582e6 /retired/CVE-2022-22942
parent: e3e90ffdadf6bb9b0e7ff277a38879d594f49edd (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2022-22942 b/retired/CVE-2022-22942
new file mode 100644
index 00000000..4012da6b
--- /dev/null
+++ b/retired/CVE-2022-22942
@@ -0,0 +1,17 @@
+Description: drm/vmwgfx: Fix stale file descriptors on failed usercopy
+References:
+ https://www.openwall.com/lists/oss-security/2022/01/27/4
+ https://www.openwall.com/lists/oss-security/2022/02/03/1
+Notes:
+ carnil> Commit fixes c906965dee22 ("drm/vmwgfx: Add export fence to
+ carnil> file descriptor support") in 4.14-rc1.
+ carnil> Fixed in 5.16.4 for 5.16.y and 5.15.18 for 5.15.y.
+Bugs:
+upstream: released (5.17-rc2) [a0f90c8815706981c483a652a6aefca51a5e191c]
+5.10-upstream-stable: released (5.10.95) [ae2b20f27732fe92055d9e7b350abc5cdf3e2414]
+4.19-upstream-stable: released (4.19.227) [0008a0c78fc33a84e2212a7c04e6b21a36ca6f4d]
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-2) [bugfix/all/drm-vmwgfx-Fix-stale-file-descriptors-on-failed-user.patch]
+5.10-bullseye-security: released (5.10.92-2) [bugfix/x86/drm-vmwgfx-Fix-stale-file-descriptors-on-failed-user.patch]
+4.19-buster-security: released (4.19.232-1)
+4.9-stretch-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2022-03-25 20:49:54 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-03-25 20:49:54 +0100
commit	799d3c586b6df4d41fccd5fc2ff796a087c26329 (patch)
tree	58859fea1691e870e5406a47cbb0c08c1e4582e6 /retired/CVE-2022-22942
parent	e3e90ffdadf6bb9b0e7ff277a38879d594f49edd (diff)