author: Salvatore Bonaccorso <carnil@debian.org> 2019-07-21 10:07:44 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2019-07-21 10:07:44 +0200
commit: 205e6bacd308044979ac0e0952efa2d1b76eb65e
tree: fa5dfa3576ed4d6786e4d3a8da475bf0a8a73b8c /retired
parent: 72386cb96a7c2a4cb21f6675903c2298c75c6097
Retire some CVEs
Diffstat (limited to 'retired')
-rw-r--r-- retired/CVE-2018-3646 20
-rw-r--r-- retired/CVE-2019-11477 14
-rw-r--r-- retired/CVE-2019-11478 14
-rw-r--r-- retired/CVE-2019-11479 15
-rw-r--r-- retired/CVE-2019-2054 16
-rw-r--r-- retired/CVE-2019-3846 13
6 files changed, 92 insertions, 0 deletions
diff --git a/retired/CVE-2018-3646 b/retired/CVE-2018-3646
new file mode 100644
index 00000000..1a769b12
--- /dev/null
+++ b/retired/CVE-2018-3646
@@ -0,0 +1,20 @@
+Description: hw: cpu: L1 terminal fault (L1TF) [for attack vector against virtualization hypervisor (KVM)]
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1585005
+ https://git.kernel.org/linus/958f338e96f874a0d29442396d6adf9c1e17aa2d
+ https://access.redhat.com/security/vulnerabilities/L1TF
+ https://foreshadowattack.eu/
+ https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
+ https://access.redhat.com/articles/3562741
+ https://xenbits.xen.org/xsa/advisory-273.html
+Notes:
+ carnil> Will be adressed in 4.18.1, 4.17.15, 4.14.63, 4.9.120, and 4.4.148.
+Bugs:
+upstream: released (4.19-rc1) [781fca5b104693bc9242199cc47c690dcaf6a4cb..07d981ad4cf1e78361c6db1c28ee5ba105f96cc1]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.120) [329d815667373e858497b5947ad0484194d8c3e2..7f5d090ffe9e7603265e7991aacec64d86cf70ab]
+3.16-upstream-stable: ignored "Too invasive and risky to apply"
+sid: released (4.17.15-1)
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: released (4.9.110-3+deb9u3)
+3.16-jessie-security: ignored "Too invasive and risky to apply"
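Review bot: The Notes line still reads as a forecast ("Will be adressed in 4.18.1, 4.17.15, 4.14.63, 4.9.120, and 4.4.148"), with "addressed" misspelled, although the status lines below it already record the releases; for a file landing under retired/ it should be put in the past tense or dropped. The 4.9-stretch-security line gives 4.9.110-3+deb9u3, which is lower than the 4.9.120 on the 4.9-upstream-stable line, and unlike the other files in this commit it has no bracketed patch list, so a short note on how the fix was backported would help. The 4.19-upstream-stable reason "Fixed before branch point" also differs from the "Fixed before branching point" wording used on every other N/A line here.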
diff --git a/retired/CVE-2019-11477 b/retired/CVE-2019-11477
new file mode 100644
index 00000000..591891e2
--- /dev/null
+++ b/retired/CVE-2019-11477
@@ -0,0 +1,14 @@
+Description: DoS through u16 overflow of TCP_SKB_CB(skb)->tcp_gso_segs
+References:
+ https://patchwork.ozlabs.org/patch/1117155/
+ https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
+Notes:
+Bugs:
+upstream: released (5.2-rc6) [3b4929f65b0d8249f19a50245cd88ed1a2f78cff]
+4.19-upstream-stable: released (4.19.52) [c09be31461ed140976c60a87364415454a2c3d42]
+4.9-upstream-stable: released (4.9.182) [cc1b58ccb78e0de51bcec1f2914d9296260668bd]
+3.16-upstream-stable: released (3.16.69) [ef27e3c531782ec8213108e11e5515f9724303c7]
+sid: released (4.19.37-4) [bugfix/all/tcp-limit-payload-size-of-sacked-skbs.patch]
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: released (4.9.168-1+deb9u3) [bugfix/all/tcp-limit-payload-size-of-sacked-skbs.patch]
+3.16-jessie-security: released (3.16.68-2) [bugfix/all/tcp-limit-payload-size-of-sacked-skbs.patch]
diff --git a/retired/CVE-2019-11478 b/retired/CVE-2019-11478
new file mode 100644
index 00000000..10634866
--- /dev/null
+++ b/retired/CVE-2019-11478
@@ -0,0 +1,14 @@
+Description: tcp_fragment fragmentation can exceed socket memory limits
+References:
+ https://patchwork.ozlabs.org/patch/1117156/
+ https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
+Notes:
+Bugs:
+upstream: released (5.2-rc6) [f070ef2ac66716357066b683fb0baf55f8191a2e]
+4.19-upstream-stable: released (4.19.52) [ec83921899a571ad70d582934ee9e3e07f478848]
+4.9-upstream-stable: released (4.9.182) [e358f4af19db46ca25cc9a8a78412b09ba98859d]
+3.16-upstream-stable: released (3.16.69) [dc97a907bc76b71c08e7e99a5b1b30ef4d5e4a85]
+sid: released (4.19.37-4) [bugfix/all/tcp-tcp_fragment-should-apply-sane-memory-limits.patch]
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: released (4.9.168-1+deb9u3) [bugfix/all/tcp-tcp_fragment-should-apply-sane-memory-limits.patch]
+3.16-jessie-security: released (3.16.68-2) [bugfix/all/tcp-tcp_fragment-should-apply-sane-memory-limits.patch]
diff --git a/retired/CVE-2019-11479 b/retired/CVE-2019-11479
new file mode 100644
index 00000000..9c99b811
--- /dev/null
+++ b/retired/CVE-2019-11479
@@ -0,0 +1,15 @@
+Description: TCP minimum MSS hardcoded to 48 which can lead to DoS
+References:
+ https://patchwork.ozlabs.org/patch/1117157/
+ https://patchwork.ozlabs.org/patch/1117158/
+ https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
+Notes:
+Bugs:
+upstream: released (5.2-rc6) [5f3e2bf008c2221478101ee72f5cb4654b9fc363, 967c05aee439e6e5d7d805e195b3a20ef5c433d6]
+4.19-upstream-stable: released (4.19.52) [7f9f8a37e563c67b24ccd57da1d541a95538e8d9, 59222807fcc99951dc769cd50e132e319d73d699]
+4.9-upstream-stable: released (4.9.182) [8e39cbc03dafa3731d22533f869bf326c0e6e6f8, 7e9096287352d0416f3caa0919c90bd9ed2f68d3]
+3.16-upstream-stable: released (3.16.69) [6b7e7997ad3505db7de85ff12276fc84659481d3, 7ce5a5796ca119c5c6935ea9f4e785f0cb7f39b7]
+sid: released (4.19.37-4) [bugfix/all/tcp-add-tcp_min_snd_mss-sysctl.patch, bugfix/all/tcp-enforce-tcp_min_snd_mss-in-tcp_mtu_probing.patch]
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: released (4.9.168-1+deb9u3) [bugfix/all/tcp-add-tcp_min_snd_mss-sysctl.patch, bugfix/all/tcp-enforce-tcp_min_snd_mss-in-tcp_mtu_probing.patch]
+3.16-jessie-security: released (3.16.68-2) [bugfix/all/tcp-add-tcp_min_snd_mss-sysctl.patch, bugfix/all/tcp-enforce-tcp_min_snd_mss-in-tcp_mtu_probing.patch]
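Review bot: Notes is empty even though the patch names on the sid, stretch and jessie lines (tcp-add-tcp_min_snd_mss-sysctl.patch) show that the fix introduces a sysctl. Add a line saying whether the default changes or whether an administrator has to raise tcp_min_snd_mss, so that "released" on these lines is not read as "protected by default".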
diff --git a/retired/CVE-2019-2054 b/retired/CVE-2019-2054
new file mode 100644
index 00000000..114b4554
--- /dev/null
+++ b/retired/CVE-2019-2054
@@ -0,0 +1,16 @@
+Description: seccomp mechanism bypass on arm (32-bit)
+References:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2054
+ https://source.android.com/security/bulletin/2019-05-01
+Notes:
+ bwh> This was a documented limitation of seccomp, and applied to all
+ bwh> architectures; see commit 58d0a862f573c3354fa912603ef5a4db188774e7.
+Bugs:
+upstream: released (v4.8-rc1) [0f3912fd934cdfd03d93f2dc6f064099795bf638]
+4.19-upstream-stable: N/A "Fixed before branching point"
+4.9-upstream-stable: N/A "Fixed before branching point"
+3.16-upstream-stable: ignored "Documented limitation"
+sid: released (4.8.5-1)
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: ignored "Documented limitation"
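Review bot: The Description limits the issue to "arm (32-bit)", while the bwh note two lines further down says it "applied to all architectures". Align the Description with the note, or say in Notes why the CVE text names only arm, so that readers of the retired file do not conclude other architectures were unaffected on 3.16, where both lines are "ignored".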
diff --git a/retired/CVE-2019-3846 b/retired/CVE-2019-3846
new file mode 100644
index 00000000..ca3b07c8
--- /dev/null
+++ b/retired/CVE-2019-3846
@@ -0,0 +1,13 @@
+Description: Buffer overflow / read checks in mwifiex
+References:
+ https://lore.kernel.org/linux-wireless/20190529125220.17066-1-tiwai@suse.de/
+Notes:
+Bugs:
+upstream: released (5.2-rc6) [13ec7f10b87f5fc04c4ccbd491c94c7980236a74]
+4.19-upstream-stable: released (4.19.59) [d4c0f752c1d2c6383cc7582c19b2ed7159d45937]
+4.9-upstream-stable: released (4.9.186) [58ec3690a908494f7a7c3e8a302eb491bef9d979]
+3.16-upstream-stable: released (3.16.70) [a24ac7326f38ffab2b63141496d075da144cec7d]
+sid: released (4.19.37-4) [bugfix/all/mwifiex-fix-possible-buffer-overflows-at-parsing-bss.patch]
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: released (4.9.168-1+deb9u3) [bugfix/all/mwifiex-fix-possible-buffer-overflows-at-parsing-bss.patch]
+3.16-jessie-security: released (3.16.68-2) [bugfix/all/mwifiex-fix-possible-buffer-overflows-at-parsing-bss.patch]
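Review bot: The Description "Buffer overflow / read checks in mwifiex" is hard to parse and does not say where in the driver the problem lies. The patch name on the sid line (mwifiex-fix-possible-buffer-overflows-at-parsing-bss.patch) points to BSS parsing, so wording along the lines of "mwifiex: possible buffer overflows when parsing bss" would make the entry searchable and consistent with the fix it records.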
