Retire CVE-2020-7053

1 files changed, 21 insertions, 0 deletions

diff --git a/retired/CVE-2020-7053 b/retired/CVE-2020-7053
new file mode 100644
index 000000000..0a456d1bf
--- /dev/null
+++ b/retired/CVE-2020-7053
@@ -0,0 +1,21 @@
+Description: drm/i915: Fix use-after-free when destroying GEM context
+References:
+ https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks@canonical.com/
+ https://bugzilla.suse.com/show_bug.cgi?id=1160966
+Notes:
+ carnil> Issue was (differently) fixed in mainline by commit
+ carnil> 7dc40713618c ("drm/i915: Introduce a mutex for file_priv-
+ carnil> >context_idr") as part of a more complex patch which is part of
+ carnil> 5.2-rc1. There is a proposed simplified fix by Tyler Hicks for
+ carnil> 4.19.y, 4.14.y.
+ carnil> Introduced in 1acfc104cdf8 ("drm/i915: Enable rcu-only context
+ carnil> lookups") in 4.14-rc1.
+Bugs:
+upstream: released (5.2-rc1) [7dc40713618c884bf07c030d1ab1f47a9dc1f310]
+4.19-upstream-stable: released (4.19.97) [afb89cd5f2ba2d5d04b85b2692a9a3d86b6fabd7]
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (5.2.6-1)
+4.19-buster-security: released (4.19.98-1)
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"