summaryrefslogtreecommitdiffstats
path: root/retired
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2024-03-26 20:48:42 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2024-03-26 20:48:42 +0100
commit47d3d8e470b8c1866c57d312840357915944314c (patch)
tree7c79b4c4e0b8a7f8e723c80548a763f3869b84b0 /retired
parent7e1edb9178af8278e8c6dad575ef962f323c8fe8 (diff)
Retire some CVEs
Diffstat (limited to 'retired')
-rw-r--r--retired/CVE-2023-5262616
-rw-r--r--retired/CVE-2024-2664916
-rw-r--r--retired/CVE-2024-2665016
3 files changed, 48 insertions, 0 deletions
diff --git a/retired/CVE-2023-52626 b/retired/CVE-2023-52626
new file mode 100644
index 00000000..df266106
--- /dev/null
+++ b/retired/CVE-2023-52626
@@ -0,0 +1,16 @@
+Description: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context
+References:
+Notes:
+ carnil> Introduced in 92214be5979c ("net/mlx5e: Update doorbell for port timestamping
+ carnil> CQ before the software counter"). Vulnerable versions: 6.5.13 6.6.3 6.7-rc2.
+Bugs:
+upstream: released (6.8-rc2) [3876638b2c7ebb2c9d181de1191db0de8cac143a]
+6.7-upstream-stable: released (6.7.3) [33cdeae8c6fb58cc445f859b67c014dc9f60b4e0]
+6.6-upstream-stable: released (6.6.15) [40e0d0746390c5b0c31144f4f1688d72f3f8d790]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26649 b/retired/CVE-2024-26649
new file mode 100644
index 00000000..d5f2f115
--- /dev/null
+++ b/retired/CVE-2024-26649
@@ -0,0 +1,16 @@
+Description: drm/amdgpu: Fix the null pointer when load rlc firmware
+References:
+Notes:
+ carnil> Introduced in 3da9b71563cb ("drm/amd: Use `amdgpu_ucode_*` helpers for GFX10").
+ carnil> Vulnerable versions: 6.3-rc1.
+Bugs:
+upstream: released (6.8-rc1) [bc03c02cc1991a066b23e69bbcc0f66e8f1f7453]
+6.7-upstream-stable: released (6.7.3) [d3887448486caeef9687fb5dfebd4ff91e0f25aa]
+6.6-upstream-stable: released (6.6.15) [8b5bacce2d13dbe648f0bfd3f738ecce8db4978c]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26650 b/retired/CVE-2024-26650
new file mode 100644
index 00000000..403b2741
--- /dev/null
+++ b/retired/CVE-2024-26650
@@ -0,0 +1,16 @@
+Description: platform/x86: p2sb: Allow p2sb_bar() calls during PCI device probe
+References:
+Notes:
+ carnil> Introduced in 9745fb07474f ("platform/x86/intel: Add Primary to Sideband (P2SB)
+ carnil> bridge support"). Vulnerable versions: 6.0-rc1.
+Bugs:
+upstream: released (6.8-rc2) [5913320eb0b3ec88158cfcb0fa5e996bf4ef681b]
+6.7-upstream-stable: released (6.7.3) [d281ac9a987c553d93211b90fd4fe97d8eca32cd]
+6.6-upstream-stable: released (6.6.15) [847e1eb30e269a094da046c08273abe3f3361cf2]
+6.1-upstream-stable: released (6.1.76) [2841631a03652f32b595c563695d0461072e0de4]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"

© 2014-2024 Faster IT GmbH | imprint | privacy policy