author: Salvatore Bonaccorso <carnil@debian.org> 2024-02-24 16:40:23 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-02-24 16:40:23 +0100
commit: 62bda9a103e19908f3af0046dd2c83ee6d85637c
tree: 93c86b4856cfd9401a24c7a4835a4c6b7956ee99 /retired
parent: f9074dc0b675f207ab224d857e5d73e19c4c8304
Retire several CVEs
Diffstat (limited to 'retired')
-rw-r--r-- retired/CVE-2023-52453 16
-rw-r--r-- retired/CVE-2023-52454 16
-rw-r--r-- retired/CVE-2023-52455 16
-rw-r--r-- retired/CVE-2023-52456 16
-rw-r--r-- retired/CVE-2023-52457 17
-rw-r--r-- retired/CVE-2023-52459 16
-rw-r--r-- retired/CVE-2023-52460 16
-rw-r--r-- retired/CVE-2023-52461 16
-rw-r--r-- retired/CVE-2023-52462 16
-rw-r--r-- retired/CVE-2023-52463 16
-rw-r--r-- retired/CVE-2024-26599 16
11 files changed, 177 insertions, 0 deletions
diff --git a/retired/CVE-2023-52453 b/retired/CVE-2023-52453
new file mode 100644
index 00000000..8ff00f9f
--- /dev/null
+++ b/retired/CVE-2023-52453
@@ -0,0 +1,16 @@
+Description: hisi_acc_vfio_pci: Update migration data pointer correctly on saving/resume
+References:
+Notes:
+ ksecbot> Commit fixes d9a871e4a143 ("hisi_acc_vfio_pci: Introduce
+ ksecbot> support for PRE_COPY state transitions") in 6.2-rc1.
+Bugs:
+upstream: released (6.8-rc1) [be12ad45e15b5ee0e2526a50266ba1d295d26a88]
+6.7-upstream-stable: released (6.7.2) [6bda81e24a35a856f58e6a5786de579b07371603]
+6.6-upstream-stable: released (6.6.14) [45f80b2f230df10600e6fa1b83b28bf1c334185e]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
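Review bot: The only evidence in this file for the introducing commit is the ksecbot note (d9a871e4a143 in 6.2-rc1), and the N/A status of all three older branches (6.1, 5.10, 4.19) rests on it. Every other file in this commit has a carnil note; if the bot's result was checked by hand, a short carnil line confirming it would make the N/A entries easier to trust later.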
diff --git a/retired/CVE-2023-52454 b/retired/CVE-2023-52454
new file mode 100644
index 00000000..febef743
--- /dev/null
+++ b/retired/CVE-2023-52454
@@ -0,0 +1,16 @@
+Description: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length
+References:
+Notes:
+ carnil> Commit fixes 872d26a391da ("nvmet-tcp: add NVMe over TCP target
+ carnil> driver") 5.0-rc1.
+Bugs:
+upstream: released (6.8-rc1) [efa56305908ba20de2104f1b8508c6a7401833be]
+6.7-upstream-stable: released (6.7.2) [70154e8d015c9b4fb56c1a2ef1fc8b83d45c7f68]
+6.6-upstream-stable: released (6.6.14) [24e05760186dc070d3db190ca61efdbce23afc88]
+6.1-upstream-stable: released (6.1.75) [2871aa407007f6f531fae181ad252486e022df42]
+5.10-upstream-stable: released (5.10.209) [f775f2621c2ac5cc3a0b3a64665dad4fb146e510]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: N/A "Vulnerable code not present"
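Review bot: The second Notes line reads `driver") 5.0-rc1.` without the "in" that every other file in this commit uses before the introducing release. Suggest `driver") in 5.0-rc1.` so the entry matches the rest and is easier to grep.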
diff --git a/retired/CVE-2023-52455 b/retired/CVE-2023-52455
new file mode 100644
index 00000000..002049f3
--- /dev/null
+++ b/retired/CVE-2023-52455
@@ -0,0 +1,16 @@
+Description: iommu: Don't reserve 0-length IOVA region
+References:
+Notes:
+ carnil> Commit fixes a5bf3cfce8cb ("iommu: Implement
+ carnil> of_iommu_get_resv_regions()") in 6.3-rc1.
+Bugs:
+upstream: released (6.8-rc1) [bb57f6705960bebeb832142ce9abf43220c3eab1]
+6.7-upstream-stable: released (6.7.2) [5e23e283910c9f30248732ae0770bcb0c9438abf]
+6.6-upstream-stable: released (6.6.14) [98b8a550da83cc392a14298c4b3eaaf0332ae6ad]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2023-52456 b/retired/CVE-2023-52456
new file mode 100644
index 00000000..67375b46
--- /dev/null
+++ b/retired/CVE-2023-52456
@@ -0,0 +1,16 @@
+Description: serial: imx: fix tx statemachine deadlock
+References:
+Notes:
+ carnil> Commit fixes cb1a60923609 ("serial: imx: implement rts delaying
+ carnil> for rs485") in 5.9-rc1.
+Bugs:
+upstream: released (6.8-rc1) [78d60dae9a0c9f09aa3d6477c94047df2fe6f7b0]
+6.7-upstream-stable: released (6.7.2) [9a662d06c22ddfa371958c2071dc350436be802b]
+6.6-upstream-stable: released (6.6.14) [763cd68746317b5d746dc2649a3295c1efb41181]
+6.1-upstream-stable: released (6.1.75) [63ee7be01a3f7d28b1ea8b8d7944f12bb7b0ed06]
+5.10-upstream-stable: released (5.10.209) [6e04a9d30509fb53ba6df5d655ed61d607a7cfda]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2023-52457 b/retired/CVE-2023-52457
new file mode 100644
index 00000000..4da35150
--- /dev/null
+++ b/retired/CVE-2023-52457
@@ -0,0 +1,17 @@
+Description: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed
+References:
+Notes:
+ carnil> Introduced in e3f0c638f428 ("serial: 8250: omap: Fix unpaired
+ carnil> pm_runtime_put_sync() in omap8250_remove()"). Vulnerable versions: 5.4.225
+ carnil> 5.10.156 5.15.80 6.0.10 6.1-rc6.
+Bugs:
+upstream: released (6.8-rc1) [ad90d0358bd3b4554f243a425168fc7cebe7d04e]
+6.7-upstream-stable: released (6.7.2) [95e4e0031effad9837af557ecbfd4294a4d8aeee]
+6.6-upstream-stable: released (6.6.14) [887a558d0298d36297daea039954c39940228d9b]
+6.1-upstream-stable: released (6.1.75) [d74173bda29aba58f822175d983d07c8ed335494]
+5.10-upstream-stable: released (5.10.209) [bc57f3ef8a9eb0180606696f586a6dcfaa175ed0]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: N/A "Vulnerable code not present"
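Review bot: The Notes field lists the vulnerable versions as a bare space-separated run (5.4.225 5.10.156 5.15.80 6.0.10 6.1-rc6) and does not say why 4.19 is N/A. Because the introducing commit e3f0c638f428 was backported to several stable series, the 4.19 status depends on it not having been backported there; one sentence stating that, plus commas in the version list, would make the reasoning explicit.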
diff --git a/retired/CVE-2023-52459 b/retired/CVE-2023-52459
new file mode 100644
index 00000000..237ed942
--- /dev/null
+++ b/retired/CVE-2023-52459
@@ -0,0 +1,16 @@
+Description: media: v4l: async: Fix duplicated list deletion
+References:
+Notes:
+ carnil> Commit fixes 28a1295795d8 ("media: v4l: async: Allow multiple
+ carnil> connections between entities") in 6.6-rc1.
+Bugs:
+upstream: released (6.8-rc1) [3de6ee94aae701fa949cd3b5df6b6a440ddfb8f2]
+6.7-upstream-stable: released (6.7.2) [49d82811428469566667f22749610b8c132cdb3e]
+6.6-upstream-stable: released (6.6.14) [b7062628caeaec90e8f691ebab2d70f31b7b6b91]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2023-52460 b/retired/CVE-2023-52460
new file mode 100644
index 00000000..1fd6acc0
--- /dev/null
+++ b/retired/CVE-2023-52460
@@ -0,0 +1,16 @@
+Description: drm/amd/display: Fix NULL pointer dereference at hibernate
+References:
+Notes:
+ carnil> Commit fixes 7966f319c66d ("drm/amd/display: Introduce DML2")
+ carnil> in 6.7-rc1.
+Bugs:
+upstream: released (6.8-rc1) [b719a9c15d52d4f56bdea8241a5d90fd9197ce99]
+6.7-upstream-stable: released (6.7.2) [6b80326efff093d037e0971831dca6ebddba9b45]
+6.6-upstream-stable: N/A "Vulnerable code not present"
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
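Review bot: The `sid: N/A "Vulnerable code not present"` line holds only because sid carries a 6.6.x kernel (the sibling files record 6.6.15-1) while the issue was introduced in 6.7-rc1. The file does not record that basis. Suggest a Notes line saying sid was never on an affected 6.7 version, or that any later 6.7 upload must be at least 6.7.2, so the retired entry stays unambiguous.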
diff --git a/retired/CVE-2023-52461 b/retired/CVE-2023-52461
new file mode 100644
index 00000000..feb497c7
--- /dev/null
+++ b/retired/CVE-2023-52461
@@ -0,0 +1,16 @@
+Description: drm/sched: Fix bounds limiting when given a malformed entity
+References:
+Notes:
+ carnil> Commit fixes 56e449603f0ac5 ("drm/sched: Convert the GPU
+ carnil> scheduler to variable number of run-queues") in 6.7-rc1.
+Bugs:
+upstream: released (6.8-rc1) [2bbe6ab2be53858507f11f99f856846d04765ae3]
+6.7-upstream-stable: released (6.7.2) [1470d173925d697b497656b93f7c5bddae2e64b2]
+6.6-upstream-stable: N/A "Vulnerable code not present"
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
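Review bot: The introducing commit in the Notes field is abbreviated to 14 hex digits (56e449603f0ac5), while all other files in this commit use 12. Suggest trimming to 12 for consistency with the rest of the tracker entries and with tooling that matches on the abbreviated form.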
diff --git a/retired/CVE-2023-52462 b/retired/CVE-2023-52462
new file mode 100644
index 00000000..bc8e940d
--- /dev/null
+++ b/retired/CVE-2023-52462
@@ -0,0 +1,16 @@
+Description: bpf: fix check for attempt to corrupt spilled pointer
+References:
+Notes:
+ carnil> Commit fixes 27113c59b6d0 ("bpf: Check the other end of
+ carnil> slot_type for STACK_SPILL") in 5.16-rc1 and 5.10.163.
+Bugs:
+upstream: released (6.8-rc1) [ab125ed3ec1c10ccc36bc98c7a4256ad114a3dae]
+6.7-upstream-stable: released (6.7.2) [40617d45ea05535105e202a8a819e388a2b1f036]
+6.6-upstream-stable: released (6.6.14) [8dc15b0670594543c356567a1a45b0182ec63174]
+6.1-upstream-stable: released (6.1.75) [fc3e3c50a0a4cac1463967c110686189e4a59104]
+5.10-upstream-stable: released (5.10.209) [2757f17972d87773b3677777f5682510f13c66ef]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2023-52463 b/retired/CVE-2023-52463
new file mode 100644
index 00000000..9a4f2a74
--- /dev/null
+++ b/retired/CVE-2023-52463
@@ -0,0 +1,16 @@
+Description: efivarfs: force RO when remounting if SetVariable is not supported
+References:
+Notes:
+ carnil> Commit fixes f88814cc2578 ("efi/efivars: Expose RT service
+ carnil> availability via efivars abstraction") in 5.8-rc7 (and 5.7.11)
+Bugs:
+upstream: released (6.8-rc1) [0e8d2444168dd519fea501599d150e62718ed2fe]
+6.7-upstream-stable: released (6.7.2) [d4a714873db0866cc471521114eeac4a5072d548]
+6.6-upstream-stable: released (6.6.14) [0049fe7e4a85849bdd778cdb72e51a791ff3d737]
+6.1-upstream-stable: released (6.1.75) [d4a9aa7db574a0da64307729cc031fb68597aa8b]
+5.10-upstream-stable: released (5.10.209) [94c742324ed7e42c5bd6a9ed22e4ec6d764db4d8]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: N/A "Vulnerable code not present"
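Review bot: The Notes entry ends at `in 5.8-rc7 (and 5.7.11)` with no closing period, unlike the other files in this commit. Also consider writing the stable backport the way CVE-2023-52462 does ("in 5.16-rc1 and 5.10.163") rather than in parentheses, so both introduction points read as equally authoritative.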
diff --git a/retired/CVE-2024-26599 b/retired/CVE-2024-26599
new file mode 100644
index 00000000..267ed3fc
--- /dev/null
+++ b/retired/CVE-2024-26599
@@ -0,0 +1,16 @@
+Description: pwm: Fix out-of-bounds access in of_pwm_single_xlate()
+References:
+Notes:
+ carnil> Commit fixes 3ab7b6ac5d82 ("pwm: Introduce single-PWM of_xlate
+ carnil> function") in 5.17-rc1.
+Bugs:
+upstream: released (6.8-rc1) [a297d07b9a1e4fb8cda25a4a2363a507d294b7c9]
+6.7-upstream-stable: released (6.7.2) [bae45b7ebb31984b63b13c3519fd724b3ce92123]
+6.6-upstream-stable: released (6.6.14) [e5f2b4b62977fb6c2efcbc5779e0c9dce18215f7]
+6.1-upstream-stable: released (6.1.75) [7b85554c7c2aee91171e038e4d5442ffa130b282]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
