diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-05-04 21:06:26 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-05-04 21:06:26 +0200 |
commit | c881c15e64062b7f597192202883d039e26bf48b (patch) | |
tree | 60ec3f7c39bd6ff77ba4c548bfa8f82aa72355fe /retired | |
parent | b3899221e25568314287272d73ce3ba515d5b8f2 (diff) |
Retire some CVEs
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2019-14896 | 17 | ||||
-rw-r--r-- | retired/CVE-2019-14897 | 18 | ||||
-rw-r--r-- | retired/CVE-2019-14901 | 16 | ||||
-rw-r--r-- | retired/CVE-2020-10720 | 15 | ||||
-rw-r--r-- | retired/CVE-2020-11884 | 15 |
5 files changed, 81 insertions, 0 deletions
diff --git a/retired/CVE-2019-14896 b/retired/CVE-2019-14896 new file mode 100644 index 000000000..8f67178a1 --- /dev/null +++ b/retired/CVE-2019-14896 @@ -0,0 +1,17 @@ +Description: Heap overflow in add_ie_rates() function of libertas Wifi Driver +References: + https://www.openwall.com/lists/oss-security/2019/11/22/1 + https://patchwork.kernel.org/patch/11257187/ + https://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers.git/commit/?id=e5e884b42639c74b5b57dc277909915c0aefc8bb +Notes: + bwh> Introduced in 2.6.36 by commit e86dc1ca4676 "Libertas: cfg80211 support". + carnil> Fixed as well in 5.4.16. +Bugs: +upstream: released (5.5) [e5e884b42639c74b5b57dc277909915c0aefc8bb] +4.19-upstream-stable: released (4.19.100) cbd56515be5a8ea97134ef762b7a2923b94cb9c4] +4.9-upstream-stable: released (4.9.212) [b5e6f199de3b7f16b641c4ec5ac92906af1a9232] +3.16-upstream-stable: released (3.16.83) [e4646070f91312414af0ca9332a79b7153150fae] +sid: released (5.4.19-1) +4.19-buster-security: released (4.19.98-1) [bugfix/all/libertas-fix-two-buffer-overflows-at-parsing-bss-descriptor.patch] +4.9-stretch-security: released (4.9.210-1) [bugfix/all/libertas-fix-two-buffer-overflows-at-parsing-bss-descriptor.patch] +3.16-jessie-security: released (3.16.81-1) [bugfix/all/libertas-fix-two-buffer-overflows-at-parsing-bss-descriptor.patch] diff --git a/retired/CVE-2019-14897 b/retired/CVE-2019-14897 new file mode 100644 index 000000000..5456af053 --- /dev/null +++ b/retired/CVE-2019-14897 @@ -0,0 +1,18 @@ +Description: Stack overflow in lbs_ibss_join_existing() function of libertas Wifi Driver +References: + https://www.openwall.com/lists/oss-security/2019/11/22/1 + https://patchwork.kernel.org/patch/11257187/ + https://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers.git/commit/?id=e5e884b42639c74b5b57dc277909915c0aefc8bb +Notes: + bwh> Introduced in 2.6.36 by commit e86dc1ca4676 "Libertas: cfg80211 support". + bwh> Upstream fix has unbalanced locking so will need a follow-up fix. + carnil> Fixed as well in 5.4.16. +Bugs: +upstream: released (5.5) [e5e884b42639c74b5b57dc277909915c0aefc8bb] +4.19-upstream-stable: released (4.19.100) cbd56515be5a8ea97134ef762b7a2923b94cb9c4] +4.9-upstream-stable: released (4.9.212) [e5e884b42639c74b5b57dc277909915c0aefc8bb] +3.16-upstream-stable: released (3.16.83) [e4646070f91312414af0ca9332a79b7153150fae] +sid: released (5.4.19-1) +4.19-buster-security: released (4.19.98-1) [bugfix/all/libertas-fix-two-buffer-overflows-at-parsing-bss-descriptor.patch] +4.9-stretch-security: released (4.9.210-1) [bugfix/all/libertas-fix-two-buffer-overflows-at-parsing-bss-descriptor.patch] +3.16-jessie-security: released (3.16.81-1) [bugfix/all/libertas-fix-two-buffer-overflows-at-parsing-bss-descriptor.patch] diff --git a/retired/CVE-2019-14901 b/retired/CVE-2019-14901 new file mode 100644 index 000000000..d7a4732dc --- /dev/null +++ b/retired/CVE-2019-14901 @@ -0,0 +1,16 @@ +Description: heap OOB read in mwifiex wifi driver +References: + https://www.openwall.com/lists/oss-security/2019/11/22/2 + https://patchwork.kernel.org/patch/11257535/ +Notes: + bwh> Introduced in 3.15 by commit 5f2caaf32bc6 "mwifiex: parse TDLS action + bwh> frames during RX". +Bugs: +upstream: released (5.5-rc3) [1e58252e334dc3f3756f424a157d1b7484464c40] +4.19-upstream-stable: released (4.19.95) [21f08020dd8519baf209348c345131a8967e3cef] +4.9-upstream-stable: released (4.9.217) [cb87b895f1468df7a163a6c665bf106a4d26f8c1] +3.16-upstream-stable: released (3.16.83) [ef0449fb4c94e52c1f5f7170b52a738acf9af5ff] +sid: released (5.4.13-1) +4.19-buster-security: released (4.19.98-1) +4.9-stretch-security: released (4.9.210-1) [bugfix/all/mwifiex-fix-heap-overflow-in-mmwifiex_process_tdls_a.patch] +3.16-jessie-security: released (3.16.81-1) [bugfix/all/mwifiex-fix-heap-overflow-in-mmwifiex_process_tdls_a.patch] diff --git a/retired/CVE-2020-10720 b/retired/CVE-2020-10720 new file mode 100644 index 000000000..4f8e8f134 --- /dev/null +++ b/retired/CVE-2020-10720 @@ -0,0 +1,15 @@ +Description: net-gro: fix use-after-free read in napi_gro_frags() +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1781204 +Notes: + carnil> No details by Red Hat provided apart only internal reference to + carnil> http://patchwork.lab.bos.redhat.com/patch/271215/ +Bugs: +upstream: released (5.2-rc3) [a4270d6795b0580287453ea55974d948393e66ef] +4.19-upstream-stable: released (4.19.48) [39fd0dc4a5565a1df7d84b1c92d2050233b15b5a] +4.9-upstream-stable: released (4.9.181) [12855df4065b6e13878d7b8abc948aa719295bc1] +3.16-upstream-stable: released (3.16.75) [f41184b4ba5bbf98b8eecae2a16fca34a669376f] +sid: released (5.2.6-1) +4.19-buster-security: released (4.19.67-1) +4.9-stretch-security: released (4.9.184-1) +3.16-jessie-security: released (3.16.76-1) diff --git a/retired/CVE-2020-11884 b/retired/CVE-2020-11884 new file mode 100644 index 000000000..9741349f4 --- /dev/null +++ b/retired/CVE-2020-11884 @@ -0,0 +1,15 @@ +Description: s390/mm: fix page table upgrade vs 2ndary address mode accesses +References: +Notes: + carnil> Embargoed until 2020-04-28. + carnil> Introduced in 0aaba41b58bc ("s390: remove all code using the + carnil> access register mode") in 4.15-rc1. +Bugs: +upstream: released (5.7-rc4) [316ec154810960052d4586b634156c54d0778f74] +4.19-upstream-stable: released (4.19.119) [215d1f3928713d6eaec67244bcda72105b898000] +4.9-upstream-stable: N/A "Vulnerable code introduced later" +3.16-upstream-stable: N/A "Vulnerable code introduced later" +sid: released (5.6.7-1) [bugfix/s390x/s390-mm-fix-page-table-upgrade-vs-2ndary-address-mod.patch] +4.19-buster-security: released (4.19.98-1+deb10u1) [bugfix/s390x/s390-mm-fix-page-table-upgrade-vs-2ndary-address-mod.patch] +4.9-stretch-security: N/A "Vulnerable code introduced later" +3.16-jessie-security: N/A "Vulnerable code introduced later" |