retire issues

author: Moritz Muehlenhoff <jmm@debian.org> 2022-12-14 17:30:13 +0100
committer: Moritz Muehlenhoff <jmm@debian.org> 2022-12-14 17:30:13 +0100
commit: 210d660e8e19228c4652243481b4cdba16992853 (patch)
tree: 50741cbe5a1e4cc4b2857792769f2edb3113c06a /retired/CVE-2022-36123
parent: 1595b8f518ac796fd6100c95a460d819dfdd21e8 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2022-36123 b/retired/CVE-2022-36123
new file mode 100644
index 00000000..82601aa3
--- /dev/null
+++ b/retired/CVE-2022-36123
@@ -0,0 +1,18 @@
+Description:
+References:
+ https://github.com/sickcodes/security/blob/master/advisories/SICK-2022-128.md
+ https://sick.codes/sick-2022-128
+Notes:
+ carnil> Though 38fa5479b413 ("x86: Clear .brk area at early boot") was
+ carnil> backported to various stable series, if I understand the report
+ carnil> correctly the issue is only present for kernels which include
+ carnil> 8b87d8cec1b3 ("x86/entry,xen: Early rewrite of
+ carnil> restore_regs_and_return_to_kernel()") 5.18-rc1.
+ carnil> Ben, please double-check if the triage is correct.
+Bugs:
+upstream: released (5.19-rc6) [38fa5479b41376dc9d7f57e71c83514285a25ca0]
+5.10-upstream-stable: N/A "Vulnerability introduced later"
+4.19-upstream-stable: N/A "Vulnerability introduced later"
+sid: released (5.18.14-1)
+5.10-bullseye-security: N/A "Vulnerability introduced later"
+4.19-buster-security: N/A "Vulnerability introduced later"
author	Moritz Muehlenhoff <jmm@debian.org>	2022-12-14 17:30:13 +0100
committer	Moritz Muehlenhoff <jmm@debian.org>	2022-12-14 17:30:13 +0100
commit	210d660e8e19228c4652243481b4cdba16992853 (patch)
tree	50741cbe5a1e4cc4b2857792769f2edb3113c06a /retired/CVE-2022-36123
parent	1595b8f518ac796fd6100c95a460d819dfdd21e8 (diff)