Retire some CVEs

8 files changed, 127 insertions, 0 deletions

diff --git a/retired/CVE-2023-52611 b/retired/CVE-2023-52611
new file mode 100644
index 00000000..b51090d9
--- /dev/null
+++ b/retired/CVE-2023-52611
@@ -0,0 +1,16 @@
+Description: wifi: rtw88: sdio: Honor the host max_req_size in the RX path
+References:
+Notes:
+ carnil> Introduced in 65371a3f14e7 ("wifi: rtw88: sdio: Add HCI implementation for SDIO
+ carnil> based chipsets"). Vulnerable versions: 6.4-rc1.
+Bugs:
+upstream: released (6.8-rc1) [00384f565a91c08c4bedae167f749b093d10e3fe]
+6.7-upstream-stable: released (6.7.2) [0e9ffff72a0674cd6656314dbd99cdd2123a3030]
+6.6-upstream-stable: released (6.6.14) [5b5ddf21b978ec315cab9d9e7e6ac7374791a8c7]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2023-52613 b/retired/CVE-2023-52613
new file mode 100644
index 00000000..7743cf66
--- /dev/null
+++ b/retired/CVE-2023-52613
@@ -0,0 +1,16 @@
+Description: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment
+References:
+Notes:
+ carnil> Introduced in e7e3a7c35791 ("thermal/drivers/loongson-2: Add thermal management
+ carnil> support"). Vulnerable versions: 6.6-rc1.
+Bugs:
+upstream: released (6.8-rc1) [15ef92e9c41124ee9d88b01208364f3fe1f45f84]
+6.7-upstream-stable: released (6.7.2) [6010a9fc14eb1feab5cafd84422001134fe8ec58]
+6.6-upstream-stable: released (6.6.14) [70481755ed77400e783200e2d022e5fea16060ce]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-24860 b/retired/CVE-2024-24860
new file mode 100644
index 00000000..618d9412
--- /dev/null
+++ b/retired/CVE-2024-24860
@@ -0,0 +1,15 @@
+Description:
+References:
+ https://bugzilla.openanolis.cn/show_bug.cgi?id=8151
+Notes:
+ carnil> Introduced by 18f81241b74f ("Bluetooth: Move {min,max}_key_size
+ carnil> debugfs ...") in 5.6-rc1.
+Bugs:
+upstream: released (6.8-rc1) [da9065caa594d19b26e1a030fd0cc27bd365d685]
+6.1-upstream-stable: released (6.1.75) [96860d9ad462db61f4eeb09934235c38eab655c4]
+5.10-upstream-stable: released (5.10.209) [394c6c0b6d9bdd7d6ebca35ca9cfbabf44c0c257]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26631 b/retired/CVE-2024-26631
new file mode 100644
index 00000000..c0c6aea8
--- /dev/null
+++ b/retired/CVE-2024-26631
@@ -0,0 +1,16 @@
+Description: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work
+References:
+Notes:
+ carnil> Introduced in 2d9a93b4902b ("mld: convert from timer to delayed work").
+ carnil> Vulnerable versions: 5.13-rc1.
+Bugs:
+upstream: released (6.8-rc1) [2e7ef287f07c74985f1bf2858bedc62bd9ebf155]
+6.7-upstream-stable: released (6.7.2) [3bb5849675ae1d592929798a2b37ea450879c855]
+6.6-upstream-stable: released (6.6.14) [3cc283fd16fba72e2cefe3a6f48d7a36b0438900]
+6.1-upstream-stable: released (6.1.75) [380540bb06bb1d1b12bdc947d1b8f56cda6b5663]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26632 b/retired/CVE-2024-26632
new file mode 100644
index 00000000..7bbc26c5
--- /dev/null
+++ b/retired/CVE-2024-26632
@@ -0,0 +1,16 @@
+Description: block: Fix iterating over an empty bio with bio_for_each_folio_all
+References:
+Notes:
+ carnil> Introduced in 640d1930bef4 ("block: Add bio_for_each_folio_all()"). Vulnerable
+ carnil> versions: 5.17-rc1.
+Bugs:
+upstream: released (6.8-rc1) [7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7]
+6.7-upstream-stable: released (6.7.2) [ca3ede3f5893e2d26d4dbdef1eec28a8487fafde]
+6.6-upstream-stable: released (6.6.14) [a6bd8182137a12d22d3f2cee463271bdcb491659]
+6.1-upstream-stable: released (6.1.75) [c6350b5cb78e9024c49eaee6fdb914ad2903a5fe]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26634 b/retired/CVE-2024-26634
new file mode 100644
index 00000000..cfd29950
--- /dev/null
+++ b/retired/CVE-2024-26634
@@ -0,0 +1,16 @@
+Description: net: fix removing a namespace with conflicting altnames
+References:
+Notes:
+ carnil> Introduced in 7663d522099e ("net: check for altname conflicts when changing
+ carnil> netdev's netns"). Vulnerable versions: 6.1.60 6.5.9 6.6-rc7.
+Bugs:
+upstream: released (6.8-rc2) [d09486a04f5da0a812c26217213b89a3b1acf836]
+6.7-upstream-stable: released (6.7.3) [8072699aa9e67d1727692cfb3c347263bb627fb9]
+6.6-upstream-stable: released (6.6.15) [e855dded4b70d1975ee7b9fed0c700391e3c8ea6]
+6.1-upstream-stable: released (6.1.76) [a2232f29bf52c24f827865b3c90829c44b6c695b]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26637 b/retired/CVE-2024-26637
new file mode 100644
index 00000000..2549f401
--- /dev/null
+++ b/retired/CVE-2024-26637
@@ -0,0 +1,16 @@
+Description: wifi: ath11k: rely on mac80211 debugfs handling for vif
+References:
+Notes:
+ carnil> Introduced in 0a3d898ee9a8 ("wifi: mac80211: add/remove driver debugfs entries
+ carnil> as appropriate"). Vulnerable versions: 6.7.
+Bugs:
+upstream: released (6.8-rc2) [556857aa1d0855aba02b1c63bc52b91ec63fc2cc]
+6.7-upstream-stable: released (6.7.3) [aa74ce30a8a40d19a4256de4ae5322e71344a274]
+6.6-upstream-stable: N/A "Vulnerable code not present"
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26638 b/retired/CVE-2024-26638
new file mode 100644
index 00000000..f4c823c6
--- /dev/null
+++ b/retired/CVE-2024-26638
@@ -0,0 +1,16 @@
+Description: nbd: always initialize struct msghdr completely
+References:
+Notes:
+ carnil> Introduced in f94fd25cb0aa ("tcp: pass back data left in socket after
+ carnil> receive"). Vulnerable versions: 5.19-rc1.
+Bugs:
+upstream: released (6.8-rc1) [78fbb92af27d0982634116c7a31065f24d092826]
+6.7-upstream-stable: released (6.7.3) [b0028f333420a65a53a63978522db680b37379dd]
+6.6-upstream-stable: released (6.6.15) [1960f2b534da1e6c65fb96f9e98bda773495f406]
+6.1-upstream-stable: released (6.1.76) [d9c54763e5cdbbd3f81868597fe8aca3c96e6387]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"