author: Salvatore Bonaccorso <carnil@debian.org> 2021-06-24 22:09:29 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-06-24 22:09:29 +0200
commit: 5804c4d3a14bd77a72a8ce851e7cad4bb70320c3
tree: 843af9d0baed5ef122f295363abe9ca3a944e550 /retired
parent: b93e88612aa2cbf5427ff4e5aaab133a6fe63d19
Retire several CVEs
Diffstat (limited to 'retired')
-rw-r--r-- retired/CVE-2020-24586 | 17
-rw-r--r-- retired/CVE-2020-24587 | 20
-rw-r--r-- retired/CVE-2020-24588 | 19
-rw-r--r-- retired/CVE-2020-26139 | 15
-rw-r--r-- retired/CVE-2020-26147 | 15
-rw-r--r-- retired/CVE-2021-28691 | 14
-rw-r--r-- retired/CVE-2021-3564 | 14
-rw-r--r-- retired/CVE-2021-3573 | 13
-rw-r--r-- retired/CVE-2021-3587 | 13
9 files changed, 140 insertions, 0 deletions
diff --git a/retired/CVE-2020-24586 b/retired/CVE-2020-24586
new file mode 100644
index 000000000..dedc11284
--- /dev/null
+++ b/retired/CVE-2020-24586
@@ -0,0 +1,17 @@
+Description:
+References:
+ https://papers.mathyvanhoef.com/usenix2021.pdf
+ https://www.fragattacks.com/
+ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
+ https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
+ https://lore.kernel.org/linux-wireless/20210511200110.3f8290e59823.I622a67769ed39257327a362cfc09c812320eb979@changeid/
+ https://lore.kernel.org/linux-wireless/20210511200110.037aa5ca0390.I7bb888e2965a0db02a67075fcb5deb50eb7408aa@changeid/
+Notes:
+Bugs:
+upstream: released (5.13-rc4) [94034c40ab4a3fcf581fbc7f8fdf4e29943c4a24, 3edc6b0d6c061a70d8ca3c3c72eb1f58ce29bfb1]
+5.10-upstream-stable: released (5.10.42) [42d98e02193d163c1523a8840a2effcc4c6eb111, 6abcc01e8b3b804a7f18721666d978f39470e30c]
+4.19-upstream-stable: released (4.19.193) [76ffc27967211afba6f0045ac840e7027fbeefcf, 8b8713c47b032088f83385876a0a7beb00a5be89]
+4.9-upstream-stable: released (4.9.271) [bb47466456af2f1ac7ab48e5e69d4d8e0dd361e8, 9a1bb171d89d6b3433ebf271f8087e4d8014bd08]
+sid: released (5.10.46-1)
+4.19-buster-security: released (4.19.194-1)
+4.9-stretch-security: released (4.9.272-1)
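Review bot: The Description field on the first line of this file is empty, while the files for CVE-2020-26147 and the 2021 CVEs in this same commit carry a one-line summary there. Fill it in before retiring, so the retired record identifies the issue without following the reference links.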
diff --git a/retired/CVE-2020-24587 b/retired/CVE-2020-24587
new file mode 100644
index 000000000..830d8c78b
--- /dev/null
+++ b/retired/CVE-2020-24587
@@ -0,0 +1,20 @@
+Description:
+References:
+ https://papers.mathyvanhoef.com/usenix2021.pdf
+ https://www.fragattacks.com/
+ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
+ https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
+ https://lore.kernel.org/linux-wireless/20210511200110.3f8290e59823.I622a67769ed39257327a362cfc09c812320eb979@changeid/
+ https://lore.kernel.org/linux-wireless/20210511200110.037aa5ca0390.I7bb888e2965a0db02a67075fcb5deb50eb7408aa@changeid/
+Notes:
+ carnil> One of the commits was not backported to 4.19.y and 4.9.y aka
+ carnil> c3944a562102 ("ath11k: Clear the fragment cache during key
+ carnil> install").
+Bugs:
+upstream: released (5.13-rc4) [94034c40ab4a3fcf581fbc7f8fdf4e29943c4a24, 3edc6b0d6c061a70d8ca3c3c72eb1f58ce29bfb1, c3944a5621026c176001493d48ee66ff94e1a39a]
+5.10-upstream-stable: released (5.10.42) [42d98e02193d163c1523a8840a2effcc4c6eb111, 6abcc01e8b3b804a7f18721666d978f39470e30c, cc5d84b1b07d5239c2ca591cab3e3e4e7b0384e4]
+4.19-upstream-stable: released (4.19.193) [76ffc27967211afba6f0045ac840e7027fbeefcf, 8b8713c47b032088f83385876a0a7beb00a5be89]
+4.9-upstream-stable: released (4.9.271) [bb47466456af2f1ac7ab48e5e69d4d8e0dd361e8, 9a1bb171d89d6b3433ebf271f8087e4d8014bd08]
+sid: released (5.10.46-1)
+4.19-buster-security: released (4.19.194-1)
+4.9-stretch-security: released (4.9.272-1)
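Review bot: The Notes entry records that c3944a562102 was not backported to 4.19.y and 4.9.y, and the 4.19 and 4.9 upstream-stable lines list two commits against upstream's three, yet both branches and their Debian security suites are marked released with no reason given for why the missing commit does not matter there. Add that reason to the note (for example, if the ath11k code it touches is not part of those trees) so the retired status can be checked later. The Description field is also empty.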
diff --git a/retired/CVE-2020-24588 b/retired/CVE-2020-24588
new file mode 100644
index 000000000..6334438d2
--- /dev/null
+++ b/retired/CVE-2020-24588
@@ -0,0 +1,19 @@
+Description:
+References:
+ https://papers.mathyvanhoef.com/usenix2021.pdf
+ https://www.fragattacks.com/
+ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
+ https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
+ https://lore.kernel.org/linux-wireless/20210511200110.25d93176ddaf.I9e265b597f2cd23eb44573f35b625947b386a9de@changeid/
+ https://lore.kernel.org/linux-wireless/20210511200110.11968c725b5c.Idd166365ebea2771c0c0a38c78b5060750f90e17@changeid/
+Notes:
+ carnil> 079a108feba4 ("ath10k: drop MPDU which has discard flag set by
+ carnil> firmware for SDIO") was not backported to 4.9.y and 4.19.y.
+Bugs:
+upstream: released (5.13-rc4) [2b8a1fee3488c602aca8bea004a087e60806a5cf, 270032a2a9c4535799736142e1e7c413ca7b836e, 079a108feba474b4b32bd3471db03e11f2f83b81], released (5.13-rc5) [2c2bdd2372afcfcf24fe11c65ebe3361b7e1cd9f]
+5.10-upstream-stable: released (5.10.42) [c730d72aa6e85a71ee74530d601d4d894d791b43, 9b21fcae6f68a775630171eafaea5558a7ad5592, c4d5271830c606af4a6803b645af30e79e2a5e8b]
+4.19-upstream-stable: released (4.19.193) [8ea9e997642360ea097710cfa7b1cd750a73fe64, ecefa9018e091c941d87e290f8f038675355c57d]
+4.9-upstream-stable: released (4.9.271) [81bcb7d7d5071511eb86cc3b7793607bac9d4060, fb2bc761f513809a95e262936054dba600f5de59]
+sid: released (5.10.46-1)
+4.19-buster-security: released (4.19.194-1)
+4.9-stretch-security: released (4.9.272-1)
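Review bot: The upstream line lists four commits, including 2c2bdd2372af released in 5.13-rc5, but 5.10-upstream-stable lists only three for 5.10.42, and the Notes entry accounts only for 079a108feba4 on 4.9.y and 4.19.y. Record which upstream commit has no 5.10 counterpart and why that is acceptable, or add the missing backport id, before treating 5.10 and sid as fully released. The Description field is empty here as well.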
diff --git a/retired/CVE-2020-26139 b/retired/CVE-2020-26139
new file mode 100644
index 000000000..ccac3b6ca
--- /dev/null
+++ b/retired/CVE-2020-26139
@@ -0,0 +1,15 @@
+Description:
+References:
+ https://papers.mathyvanhoef.com/usenix2021.pdf
+ https://www.fragattacks.com/
+ https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
+ https://lore.kernel.org/linux-wireless/20210511200110.cb327ed0cabe.Ib7dcffa2a31f0913d660de65ba3c8aca75b1d10f@changeid/
+Notes:
+Bugs:
+upstream: released (5.13-rc4) [a8c4d76a8dd4fb9666fc8919a703d85fb8f44ed8]
+5.10-upstream-stable: released (5.10.42) [2b9b07b9a06fab16bda3d33da3be70fe33bd95cb]
+4.19-upstream-stable: released (4.19.193) [24347f561816634ab780bf7e03deeb049898b3bc]
+4.9-upstream-stable: released (4.9.271) [5551cb1c68d4ecdabf8b9ea33410f68532b895cc]
+sid: released (5.10.46-1)
+4.19-buster-security: released (4.19.194-1)
+4.9-stretch-security: released (4.9.272-1)
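Review bot: Description is empty in this file. A one-line summary in the style of the CVE-2020-26147 file ("mac80211: assure all fragments are encrypted") would make the retired entry searchable by what was fixed rather than only by CVE id.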
diff --git a/retired/CVE-2020-26147 b/retired/CVE-2020-26147
new file mode 100644
index 000000000..54e7eb56c
--- /dev/null
+++ b/retired/CVE-2020-26147
@@ -0,0 +1,15 @@
+Description: mac80211: assure all fragments are encrypted
+References:
+ https://papers.mathyvanhoef.com/usenix2021.pdf
+ https://www.fragattacks.com/
+ https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
+ https://lore.kernel.org/linux-wireless/20210511200110.30c4394bb835.I5acfdb552cc1d20c339c262315950b3eac491397@changeid/
+Notes:
+Bugs:
+upstream: released (5.13-rc4) [965a7d72e798eb7af0aa67210e37cf7ecd1c9cad]
+5.10-upstream-stable: released (5.10.42) [f7829b014bb670a77f6f66d265b058534367d04b]
+4.19-upstream-stable: released (4.19.193) [3c919823e4cad7bdc2c92b0dd3b4dc463c9315bd]
+4.9-upstream-stable: released (4.9.271) [29bc5b2bccf5f5601cabf9562454f213fb8dcd67]
+sid: released (5.10.46-1)
+4.19-buster-security: released (4.19.194-1)
+4.9-stretch-security: released (4.9.272-1)
diff --git a/retired/CVE-2021-28691 b/retired/CVE-2021-28691
new file mode 100644
index 000000000..80867be55
--- /dev/null
+++ b/retired/CVE-2021-28691
@@ -0,0 +1,14 @@
+Description: XSA-374: xen-netback: take a reference to the RX task thread
+References:
+ https://xenbits.xen.org/xsa/advisory-374.html
+Notes:
+ carnil> Commit fixes 2ac061ce97f4 ('xen/netback: cleanup init and
+ carnil> deinit code') in 5.5-rc1.
+Bugs:
+upstream: released (5.13-rc6) [107866a8eb0b664675a260f1ba0655010fac1e08]
+5.10-upstream-stable: released (5.10.43) [6b53db8c4c14b4e7256f058d202908b54a7b85b4]
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (5.10.46-1)
+4.19-buster-security: N/A "Vulnerable code introduced later"
+4.9-stretch-security: N/A "Vulnerable code introduced later"
diff --git a/retired/CVE-2021-3564 b/retired/CVE-2021-3564
new file mode 100644
index 000000000..59a96f2e7
--- /dev/null
+++ b/retired/CVE-2021-3564
@@ -0,0 +1,14 @@
+Description: Bluetooth: fix the erroneous flush_work() order
+References:
+ https://www.openwall.com/lists/oss-security/2021/05/25/1
+ https://www.openwall.com/lists/oss-security/2021/06/01/2
+ https://lore.kernel.org/linux-bluetooth/20210525123902.189012-1-gregkh@linuxfoundation.org/
+Notes:
+Bugs:
+upstream: released (5.13-rc5) [6a137caec23aeb9e036cdfd8a46dd8a366460e5d]
+5.10-upstream-stable: released (5.10.43) [3795007c8dfc8bca176529bfeceb17c6f4ef7e44]
+4.19-upstream-stable: released (4.19.194) [64700748e8a7af4883538c72ada57999d9a78e92]
+4.9-upstream-stable: released (4.9.272) [75aa7baab3e18a98f232f14dd9cc6965bcf9b31a]
+sid: released (5.10.46-1)
+4.19-buster-security: released (4.19.194-1)
+4.9-stretch-security: released (4.9.272-1)
diff --git a/retired/CVE-2021-3573 b/retired/CVE-2021-3573
new file mode 100644
index 000000000..6a134d198
--- /dev/null
+++ b/retired/CVE-2021-3573
@@ -0,0 +1,13 @@
+Description: Bluetooth: use correct lock to prevent UAF of hdev object
+References:
+ https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52
+ https://www.openwall.com/lists/oss-security/2021/06/08/2
+Notes:
+Bugs:
+upstream: released (5.13-rc5) [e305509e678b3a4af2b3cfd410f409f7cdaabb52]
+5.10-upstream-stable: released (5.10.43) [74caf718cc7422a957aac381c73d798c0a999a65]
+4.19-upstream-stable: released (4.19.194) [2b9e9c2ed0f1910b5201c5d37b355b60201df415]
+4.9-upstream-stable: released (4.9.272) [3c62132da179fd30531958d51c68ba4915996556]
+sid: released (5.10.46-1)
+4.19-buster-security: released (4.19.194-1)
+4.9-stretch-security: released (4.9.272-1)
diff --git a/retired/CVE-2021-3587 b/retired/CVE-2021-3587
new file mode 100644
index 000000000..f00e00312
--- /dev/null
+++ b/retired/CVE-2021-3587
@@ -0,0 +1,13 @@
+Description: nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
+References:
+ https://www.openwall.com/lists/oss-security/2021/06/01/1
+ https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=4ac06a1e013cf5fdd963317ffd3b968560f33bba
+Notes:
+Bugs:
+upstream: released (5.13-rc5) [4ac06a1e013cf5fdd963317ffd3b968560f33bba]
+5.10-upstream-stable: released (5.10.43) [4ac06a1e013cf5fdd963317ffd3b968560f33bba]
+4.19-upstream-stable: released (4.19.194) [93e4ac2a9979a9a4ecc158409ed9c3044dc0ae1f]
+4.9-upstream-stable: released (4.9.272) [39c15bd2e5d11bcf7f4c3dba2aad9e1e110a5d94]
+sid: released (5.10.46-1)
+4.19-buster-security: released (4.19.194-1)
+4.9-stretch-security: released (4.9.272-1)
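Review bot: The 5.10-upstream-stable line gives 4ac06a1e013cf5fdd963317ffd3b968560f33bba, the same id as the upstream line directly above it, whereas every other stable-branch line in this commit carries a distinct backport id. This looks like the upstream hash copied down; replace it with the id of the commit as it landed in 5.10.43.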
