Retire inactive issues

author: Ben Hutchings <ben@decadent.org.uk> 2023-05-02 17:56:32 +0200
committer: Ben Hutchings <ben@decadent.org.uk> 2023-05-02 17:56:32 +0200
commit: 5b909cfb43487fe7697c63635fcf66781ec68041 (patch)
tree: 3bf21959a8d59aff1a04191d8c1e02a5c36efc4f /retired/CVE-2022-2873
parent: bd79e1240c4d5dedfe164c0f564d2514a9d6f765 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2022-2873 b/retired/CVE-2022-2873
new file mode 100644
index 00000000..09a7198d
--- /dev/null
+++ b/retired/CVE-2022-2873
@@ -0,0 +1,19 @@
+Description: i2c: ismt: Fix an out-of-bounds bug in ismt_access()
+References:
+ https://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97@gmail.com/T/
+ https://bugzilla.redhat.com/show_bug.cgi?id=2119048
+ https://bugzilla.redhat.com/show_bug.cgi?id=2119048#c20
+Notes:
+ carnil> Tracking for this CVE is quite confusing, as Red Hat Bugzilla
+ carnil> entries RHBZ#2119048 and RHBZ#2123309 differ in views. For now
+ carnil> we have to track the two CVEs according to what we have in
+ carnil> those two bugzilla entries are the CVEs are assigned by Red Hat
+ carnil> CNA. Trying to monitor both.
+ carnil> Fixed as well in 6.1.2 for 6.1.y and 6.0.16 for 6.0.y.
+Bugs:
+upstream: released (6.2-rc1) [39244cc754829bf707dccd12e2ce37510f5b1f8d]
+5.10-upstream-stable: released (5.10.163) [9ac541a0898e8ec187a3fa7024b9701cffae6bf2]
+4.19-upstream-stable: released (4.19.270) [bfe41d966c860a8ad4c735639d616da270c92735]
+sid: released (6.1.4-1)
+5.10-bullseye-security: released (5.10.162-1) [bugfix/all/i2c-ismt-Fix-an-out-of-bounds-bug-in-ismt_access.patch]
+4.19-buster-security: released (4.19.282-1)
author	Ben Hutchings <ben@decadent.org.uk>	2023-05-02 17:56:32 +0200
committer	Ben Hutchings <ben@decadent.org.uk>	2023-05-02 17:56:32 +0200
commit	5b909cfb43487fe7697c63635fcf66781ec68041 (patch)
tree	3bf21959a8d59aff1a04191d8c1e02a5c36efc4f /retired/CVE-2022-2873
parent	bd79e1240c4d5dedfe164c0f564d2514a9d6f765 (diff)