author Salvatore Bonaccorso <carnil@debian.org> 2021-03-27 08:16:15 +0100
committer Salvatore Bonaccorso <carnil@debian.org> 2021-03-27 08:16:15 +0100
commit 4e63a4ab4edebe685df84abafdd3e9472b2bde9f
tree c667ecfe5862ff31b8225fdefd069c2b978cf120 /retired
parent f0cd31c07182b5779c7ff3acc216bb08cd881cf1
Retire several CVEs
Diffstat (limited to 'retired')
-rw-r--r-- retired/CVE-2021-26930 13
-rw-r--r-- retired/CVE-2021-26931 13
-rw-r--r-- retired/CVE-2021-26932 13
-rw-r--r-- retired/CVE-2021-27363 14
-rw-r--r-- retired/CVE-2021-27364 14
-rw-r--r-- retired/CVE-2021-27365 14
-rw-r--r-- retired/CVE-2021-28038 13
-rw-r--r-- retired/CVE-2021-3348 13
8 files changed, 107 insertions, 0 deletions
diff --git a/retired/CVE-2021-26930 b/retired/CVE-2021-26930
new file mode 100644
index 000000000..3613aff23
--- /dev/null
+++ b/retired/CVE-2021-26930
@@ -0,0 +1,13 @@
+Description: error handling issues in blkback's grant mapping
+References:
+ https://xenbits.xen.org/xsa/advisory-365.html
+ https://lore.kernel.org/lkml/20210216124015.28923-1-jgross@suse.com/
+Notes:
+Bugs:
+upstream: released (5.12-rc1) [871997bc9e423f05c7da7c9178e62dde5df2a7f8]
+5.10-upstream-stable: released (5.10.18) [00805af45a21729e2901a37914992786a0d32c46]
+4.19-upstream-stable: released (4.19.177) [98f16e171e2849dba76e2e0346e914452c030dc5]
+4.9-upstream-stable: released (4.9.258) [4cec38115dfd5d5c123ece4f4a55165a5a2e8cc0]
+sid: released (5.10.19-1)
+4.19-buster-security: released (4.19.177-1)
+4.9-stretch-security: released (4.9.258-1)
diff --git a/retired/CVE-2021-26931 b/retired/CVE-2021-26931
new file mode 100644
index 000000000..0c76a002b
--- /dev/null
+++ b/retired/CVE-2021-26931
@@ -0,0 +1,13 @@
+Description: backends treating grant mapping errors as bugs
+References:
+ https://xenbits.xen.org/xsa/advisory-362.html
+ https://lore.kernel.org/lkml/20210216124015.28923-1-jgross@suse.com/
+Notes:
+Bugs:
+upstream: released (5.12-rc1) [5a264285ed1cd32e26d9de4f3c8c6855e467fd63, 3194a1746e8aabe86075fd3c5e7cf1f4632d7f16, 7c77474b2d22176d2bfb592ec74e0f2cb71352c9]
+5.10-upstream-stable: released (5.10.18) [8f8ebd6b1cb5cff96a11cd336027e745d48c2cab, 2814b3aa38a679c63aa535355b02a5bd0f681a83, 9bea436fc3fc9a820b8b34e83708971c1813b892]
+4.19-upstream-stable: released (4.19.177) [a01b49a9bf91a723f541139c063c1ff681ac536a, 717faa776ca2163119239ea58bb78c4d732d8a4f, f84c00fbd27b043fa42a56eaaa14e293877bc69b]
+4.9-upstream-stable: released (4.9.258) [746d5c20c9cbeac0ee9f24a51862eb551c7b8706, a0e570acdb610f2cbe345a32ddbdf941644131b1, 5bf626a00983102b9c70f0bf12adae784b9cfe85]
+sid: released (5.10.19-1)
+4.19-buster-security: released (4.19.177-1)
+4.9-stretch-security: released (4.9.258-1)
diff --git a/retired/CVE-2021-26932 b/retired/CVE-2021-26932
new file mode 100644
index 000000000..bdfb8b29d
--- /dev/null
+++ b/retired/CVE-2021-26932
@@ -0,0 +1,13 @@
+Description: grant mapping error handling issues
+References:
+ https://xenbits.xen.org/xsa/advisory-361.html
+ https://lore.kernel.org/lkml/20210216124015.28923-1-jgross@suse.com/
+Notes:
+Bugs:
+upstream: released (5.12-rc1) [a35f2ef3b7376bfd0a57f7844bd7454389aae1fc, b512e1b077e5ccdbd6e225b15d934ab12453b70a, dbe5283605b3bc12ca45def09cc721a0a5c853a2, ebee0eab08594b2bd5db716288a4f1ae5936e9bc, 36bf1dfb8b266e089afa9b7b984217f17027bf35]
+5.10-upstream-stable: released (5.10.18) [740f4d9d0c34ea99279acf2fc99ae33c0142265a, 0c08037b56a77219a6ec67c2cb19abf38722a525, 1a5c2274349f5b6f3b6bbdf43247e71a50ae6e2f, be89a0300a58c273b6f48bb8db01c807e203098b, 0462dbbe2cab43528f943575b510625cf422921a]
+4.19-upstream-stable: released (4.19.177) [dfed59ee4b41b0937163dfed36752d29e72d0712, c3d586afdb4474f9389eeddf6c9259e33cc0a321, ba75f4393225c4049797388329313d1d9a5ef480, e07f06f6bbeed5bf47fed79ac6a57ec62b33304a, 271a3984f73c485f4c1b796a61cc5bd3994a0463]
+4.9-upstream-stable: released (4.9.258) [34156171ae855364456933c1aea81ea0f2536853, a3c335bbc0ec0b56975a82d4c29c95279631e9bf, c5b81504415eeee141036834eb4d756db4f8105a, 3a707cbd8138284d9f43b66edd29b56ca76b00cd, 06897d9dcc0d3194044815af13252886ecb39c3b]
+sid: released (5.10.19-1)
+4.19-buster-security: released (4.19.177-1)
+4.9-stretch-security: released (4.9.258-1)
diff --git a/retired/CVE-2021-27363 b/retired/CVE-2021-27363
new file mode 100644
index 000000000..67772454c
--- /dev/null
+++ b/retired/CVE-2021-27363
@@ -0,0 +1,14 @@
+Description: show_transport_handle() shows iSCSI transport handle to non-root users
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1930079
+ https://www.openwall.com/lists/oss-security/2021/03/06/1
+ https://bugzilla.suse.com/show_bug.cgi?id=1182716
+Notes:
+Bugs:
+upstream: released (5.12-rc2) [688e8128b7a92df982709a4137ea4588d16f24aa]
+5.10-upstream-stable: released (5.10.21) [c71edc5d2480774ec2fec62bb84064aed6d582bd]
+4.19-upstream-stable: released (4.19.179) [ae84b246a76c4ace5997e5ca7e9fde3e1a526bc3]
+4.9-upstream-stable: released (4.9.260) [a483236b41db0228bd4643d7cc0a4c51d33edd93]
+sid: released (5.10.24-1)
+4.19-buster-security: released (4.19.181-1)
+4.9-stretch-security: released (4.9.258-1) [bugfix/all/scsi-iscsi-restrict-sessions-and-handles-to-admin-ca.patch]
diff --git a/retired/CVE-2021-27364 b/retired/CVE-2021-27364
new file mode 100644
index 000000000..749bbb2ef
--- /dev/null
+++ b/retired/CVE-2021-27364
@@ -0,0 +1,14 @@
+Description: iscsi_if_recv_msg() allows non-root users to connect and send commands
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1930080
+ https://www.openwall.com/lists/oss-security/2021/03/06/1
+ https://bugzilla.suse.com/show_bug.cgi?id=1182717
+Notes:
+Bugs:
+upstream: released (5.12-rc2) [688e8128b7a92df982709a4137ea4588d16f24aa]
+5.10-upstream-stable: released (5.10.21) [c71edc5d2480774ec2fec62bb84064aed6d582bd]
+4.19-upstream-stable: released (4.19.179) [ae84b246a76c4ace5997e5ca7e9fde3e1a526bc3]
+4.9-upstream-stable: released (4.9.260) [a483236b41db0228bd4643d7cc0a4c51d33edd93]
+sid: released (5.10.24-1)
+4.19-buster-security: released (4.19.181-1)
+4.9-stretch-security: released (4.9.258-1) [bugfix/all/scsi-iscsi-restrict-sessions-and-handles-to-admin-ca.patch]
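Review bot: Notes: is empty although every commit id on the upstream and stable lines, and the stretch patch name, are identical to those in retired/CVE-2021-27363. A one-line note in both files saying the two CVEs are closed by the same change would let a reader tell this apart from a copy-paste slip when auditing the retired entries.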
diff --git a/retired/CVE-2021-27365 b/retired/CVE-2021-27365
new file mode 100644
index 000000000..1420a7e0f
--- /dev/null
+++ b/retired/CVE-2021-27365
@@ -0,0 +1,14 @@
+Description: iscsi_host_get_param() allows sysfs params larger than 4k
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1930078
+ https://www.openwall.com/lists/oss-security/2021/03/06/1
+ https://bugzilla.suse.com/show_bug.cgi?id=1182715
+Notes:
+Bugs:
+upstream: released (5.12-rc2) [ec98ea7070e94cc25a422ec97d1421e28d97b7ee, f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5]
+5.10-upstream-stable: released (5.10.21) [76d92bf293c36a52ea5552919ac645ef2edee55d, f40bbcb68131f1c17ed22a1e8a471776b4e57bd3]
+4.19-upstream-stable: released (4.19.179) [b2957d7baff77b399c7408dc12bacc7f63765897, 23e2942885e8db57311cb4f9a719fd0306073c40]
+4.9-upstream-stable: released (4.9.260) [9ce352a1fbfb9d16353ea30cf4b922a1a049fe69, 83da484358770d6e50eace0c140bef981324adca]
+sid: released (5.10.24-1)
+4.19-buster-security: released (4.19.181-1)
+4.9-stretch-security: released (4.9.258-1) [bugfix/all/scsi-iscsi-verify-lengths-on-passthrough-PDUs.patch, bugfix/all/scsi-iscsi-verify-lengths-on-passthrough-PDUs.patch]
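Review bot: the 4.9-stretch-security line lists the same patch file, bugfix/all/scsi-iscsi-verify-lengths-on-passthrough-PDUs.patch, twice, while upstream and every stable branch list two distinct commits. If the second fix was backported under a different patch name, that name should replace the duplicate; otherwise drop the repeated entry so the line does not suggest two separate patches were applied.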
diff --git a/retired/CVE-2021-28038 b/retired/CVE-2021-28038
new file mode 100644
index 000000000..90a724a14
--- /dev/null
+++ b/retired/CVE-2021-28038
@@ -0,0 +1,13 @@
+Description: netback fails to honor grant mapping errors
+References:
+ https://xenbits.xen.org/xsa/advisory-367.html
+ https://lore.kernel.org/lkml/20210304110053.8787-1-jgross@suse.com/
+Notes:
+Bugs:
+upstream: released (5.12-rc2) [8310b77b48c5558c140e7a57a702e7819e62f04e, 2991397d23ec597405b116d96de3813420bdcbc3]
+5.10-upstream-stable: released (5.10.21) [545c837d6789afcb23da5494a22e459952fb823f, fa00c0c826ddea48e0dc9c7944506dd67a7be6d2]
+4.19-upstream-stable: released (4.19.179) [1a999d25ef536a14f6a7c25778836857adfba3f8, b62d8b5c814be957ce164453ddf4852167908841]
+4.9-upstream-stable: released (4.9.260) [d1ae0cfd1fab27d170caf905e519198cb144d523, 2154a1c60be3ccf59b62af636acd2aa44a531432]
+sid: released (5.10.24-1)
+4.19-buster-security: released (4.19.181-1)
+4.9-stretch-security: released (4.9.258-1) [bugfix/all/xen-gnttab-handle-p2m-update-errors-on-a-per-slot-ba.patch, bugfix/all/xen-netback-respect-gnttab_map_refs-s-return-value.patch]
diff --git a/retired/CVE-2021-3348 b/retired/CVE-2021-3348
new file mode 100644
index 000000000..bc54f5bee
--- /dev/null
+++ b/retired/CVE-2021-3348
@@ -0,0 +1,13 @@
+Description: nbd: freeze the queue while we're adding connections
+References:
+ https://lore.kernel.org/linux-block/24dff677353e2e30a71d8b66c4dffdbdf77c4dbd.1611595239.git.josef@toxicpanda.com/
+ https://www.openwall.com/lists/oss-security/2021/01/28/3
+Notes:
+Bugs:
+upstream: released (5.11-rc6) [b98e762e3d71e893b221f871825dc64694cfb258]
+5.10-upstream-stable: released (5.10.13) [41f6f4a3143506ea1499cda2f14a16a2f82118a8]
+4.19-upstream-stable: released (4.19.173) [424838c0f727f1d11ce2ccaabba96f4346c03906]
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.13-1)
+4.19-buster-security: released (4.19.177-1)
+4.9-stretch-security: N/A "Vulnerable code not present"
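Review bot: the Description line carries the subject of the fix ("nbd: freeze the queue while we're adding connections") rather than the flaw, unlike the other files in this commit, which describe what goes wrong. Suggest rewording it to state the issue, taken from the referenced oss-security post, so the entry is still meaningful when read without the upstream commit at hand.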
