Retire CVEs

24 files changed, 389 insertions, 0 deletions

diff --git a/retired/CVE-2021-46959 b/retired/CVE-2021-46959
new file mode 100644
index 00000000..4f0dd358
--- /dev/null
+++ b/retired/CVE-2021-46959
@@ -0,0 +1,17 @@
+Description: spi: Fix use-after-free with devm_spi_alloc_*
+References:
+Notes:
+ carnil> Introduced in 5e844cc37a5c ("spi: Introduce device-managed SPI controller
+ carnil> allocation"). Vulnerable versions: 4.4.248 4.9.248 4.14.212 4.19.163 5.4.80
+ carnil> 5.9.11 5.10-rc5.
+Bugs:
+upstream: released (5.13-rc1) [794aaf01444d4e765e2b067cba01cc69c1c68ed9]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [c7fabe372a9031acd00498bc718ce27c253abfd1]
+4.19-upstream-stable: released (4.19.191) [28a5529068c51cdf0295ab1e11a99a3a909a03e4]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-47016 b/retired/CVE-2021-47016
new file mode 100644
index 00000000..8287b06f
--- /dev/null
+++ b/retired/CVE-2021-47016
@@ -0,0 +1,17 @@
+Description: m68k: mvme147,mvme16x: Don't wipe PCC timer config bits
+References:
+Notes:
+ carnil> Introduced in 7529b90d051e ("m68k: mvme147: Handle timer counter overflow")
+ carnil> 19999a8b8782 ("m68k: mvme16x: Handle timer counter overflow"). Vulnerable
+ carnil> versions: 5.2-rc1.
+Bugs:
+upstream: released (5.13-rc1) [43262178c043032e7c42d00de44c818ba05f9967]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [1dfb26df15fc7036a74221d43de7427f74293dae]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47020 b/retired/CVE-2021-47020
new file mode 100644
index 00000000..16be4b37
--- /dev/null
+++ b/retired/CVE-2021-47020
@@ -0,0 +1,16 @@
+Description: soundwire: stream: fix memory leak in stream config error path
+References:
+Notes:
+ carnil> Introduced in 89e590535f32 ("soundwire: Add support for SoundWire stream
+ carnil> management"). Vulnerable versions: 4.18-rc1.
+Bugs:
+upstream: released (5.13-rc1) [48f17f96a81763c7c8bf5500460a359b9939359f]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [7c468deae306d0cbbd539408c26cfec04c66159a]
+4.19-upstream-stable: released (4.19.191) [342260fe821047c3d515e3d28085d73fbdce3e80]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-47054 b/retired/CVE-2021-47054
new file mode 100644
index 00000000..1cd055ab
--- /dev/null
+++ b/retired/CVE-2021-47054
@@ -0,0 +1,16 @@
+Description: bus: qcom: Put child node before return
+References:
+Notes:
+ carnil> Introduced in 335a12754808 ("bus: qcom: add EBI2 driver"). Vulnerable versions:
+ carnil> 4.9-rc1.
+Bugs:
+upstream: released (5.13-rc1) [ac6ad7c2a862d682bb584a4bc904d89fa7721af8]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [00f6abd3509b1d70d0ab0fbe65ce5685cebed8be]
+4.19-upstream-stable: released (4.19.191) [a399dd80e697a02cfb23e2fc09b87849994043d9]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-47055 b/retired/CVE-2021-47055
new file mode 100644
index 00000000..0a618193
--- /dev/null
+++ b/retired/CVE-2021-47055
@@ -0,0 +1,17 @@
+Description: mtd: require write permissions for locking and badblock ioctls
+References:
+Notes:
+ carnil> Introduced in f7e6b19bc764 ("mtd: properly check all write ioctls for
+ carnil> permissions"). Vulnerable versions: 4.4.233 4.9.233 4.14.194 4.19.139 5.4.58
+ carnil> 5.7.15 5.8.1 5.9-rc1.
+Bugs:
+upstream: released (5.13-rc1) [1e97743fd180981bef5f01402342bb54bf1c6366]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [7b6552719c0ccbbea29dde4be141da54fdb5877e]
+4.19-upstream-stable: released (4.19.191) [75ed985bd6c8ac1d4e673e93ea9d96c9908c1d37]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-47056 b/retired/CVE-2021-47056
new file mode 100644
index 00000000..4997c4e8
--- /dev/null
+++ b/retired/CVE-2021-47056
@@ -0,0 +1,16 @@
+Description: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
+References:
+Notes:
+ carnil> Introduced in 25c6ffb249f6 ("crypto: qat - check if PF is running"). Vulnerable
+ carnil> versions: 4.7-rc1.
+Bugs:
+upstream: released (5.13-rc1) [8609f5cfdc872fc3a462efa6a3eca5cb1e2f6446]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [1f50392650ae794a1aea41c213c6a3e1c824413c]
+4.19-upstream-stable: released (4.19.191) [09d16cee6285d37cc76311c29add6d97a7e4acda]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-47057 b/retired/CVE-2021-47057
new file mode 100644
index 00000000..38e12f22
--- /dev/null
+++ b/retired/CVE-2021-47057
@@ -0,0 +1,16 @@
+Description: crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map
+References:
+Notes:
+ carnil> Introduced in ac2614d721de ("crypto: sun8i-ss - Add support for the PRNG").
+ carnil> Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [98b5ef3e97b16eaeeedb936f8bda3594ff84a70e]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [617ec35ed51f731a593ae7274228ef2cfc9cb781]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47058 b/retired/CVE-2021-47058
new file mode 100644
index 00000000..6d41a6f3
--- /dev/null
+++ b/retired/CVE-2021-47058
@@ -0,0 +1,16 @@
+Description: regmap: set debugfs_name to NULL after it is freed
+References:
+Notes:
+ carnil> Introduced in cffa4b2122f5 ("regmap: debugfs: Fix a memory leak when calling
+ carnil> regmap_attach_dev"). Vulnerable versions: 4.19.168 5.4.90 5.10.8 5.11-rc3.
+Bugs:
+upstream: released (5.13-rc1) [e41a962f82e7afb5b1ee644f48ad0b3aee656268]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [eb949f891226c012138ffd9df90d1e509f428ae6]
+4.19-upstream-stable: released (4.19.191) [2dc1554d5f0fdaf47cc5bea442b84b9226fea867]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-47059 b/retired/CVE-2021-47059
new file mode 100644
index 00000000..ddb3ebd2
--- /dev/null
+++ b/retired/CVE-2021-47059
@@ -0,0 +1,16 @@
+Description: crypto: sun8i-ss - fix result memory leak on error path
+References:
+Notes:
+ carnil> Introduced in d9b45418a917 ("crypto: sun8i-ss - support hash algorithms").
+ carnil> Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [1dbc6a1e25be8575d6c4114d1d2b841a796507f7]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [1f12aaf07f61122cf5074d29714ee26f8d44b0e7]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47062 b/retired/CVE-2021-47062
new file mode 100644
index 00000000..981662cf
--- /dev/null
+++ b/retired/CVE-2021-47062
@@ -0,0 +1,16 @@
+Description: KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs
+References:
+Notes:
+ carnil> Introduced in ad73109ae7ec ("KVM: SVM: Provide support to launch and run an
+ carnil> SEV-ES guest"). Vulnerable versions: 5.11-rc1.
+Bugs:
+upstream: released (5.13-rc1) [c36b16d29f3af5f32fc1b2a3401bf48f71cabee1]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47064 b/retired/CVE-2021-47064
new file mode 100644
index 00000000..81c601af
--- /dev/null
+++ b/retired/CVE-2021-47064
@@ -0,0 +1,16 @@
+Description: mt76: fix potential DMA mapping leak
+References:
+Notes:
+ carnil> Introduced in 27d5c528a7ca ("mt76: fix double DMA unmap of the first buffer on
+ carnil> 7615/7915"). Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [b4403cee6400c5f679e9c4a82b91d61aa961eccf]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [9fa26701cd1fc4d932d431971efc5746325bdfce]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47065 b/retired/CVE-2021-47065
new file mode 100644
index 00000000..561d95c0
--- /dev/null
+++ b/retired/CVE-2021-47065
@@ -0,0 +1,16 @@
+Description: rtw88: Fix array overrun in rtw_get_tx_power_params()
+References:
+Notes:
+ carnil> Introduced in fa6dfe6bff24 ("rtw88: resolve order of tx power setting
+ carnil> routines"). Vulnerable versions: 5.3-rc1.
+Bugs:
+upstream: released (5.13-rc1) [2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [95fb153c6027924cda3422120169d1890737f3a0]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47066 b/retired/CVE-2021-47066
new file mode 100644
index 00000000..f9518492
--- /dev/null
+++ b/retired/CVE-2021-47066
@@ -0,0 +1,16 @@
+Description: async_xor: increase src_offs when dropping destination page
+References:
+Notes:
+ carnil> Introduced in 29bcff787a25 ("md/raid5: add new xor function to support
+ carnil> different page offset"). Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [ceaf2966ab082bbc4d26516f97b3ca8a676e2af8]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [cab2e8e5997b592fdb7d02cf2387b4b8e3057174]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47067 b/retired/CVE-2021-47067
new file mode 100644
index 00000000..724bceae
--- /dev/null
+++ b/retired/CVE-2021-47067
@@ -0,0 +1,16 @@
+Description: soc/tegra: regulators: Fix locking up when voltage-spread is out of range
+References:
+Notes:
+ carnil> Introduced in 783807436f36 ("soc/tegra: regulators: Add regulators coupler for
+ carnil> Tegra30"). Vulnerable versions: 5.5-rc1.
+Bugs:
+upstream: released (5.13-rc1) [ef85bb582c41524e9e68dfdbde48e519dac4ab3d]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [a1ad124c836816fac8bd5e461d36eaf33cee4e24]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47068 b/retired/CVE-2021-47068
new file mode 100644
index 00000000..efc01dc2
--- /dev/null
+++ b/retired/CVE-2021-47068
@@ -0,0 +1,17 @@
+Description: net/nfc: fix use-after-free llcp_sock_bind/connect
+References:
+Notes:
+ carnil> Introduced in c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()").
+ carnil> Vulnerable versions: 4.4.267 4.9.267 4.14.231 4.19.187 5.4.112 5.10.30 5.11.14
+ carnil> 5.12-rc7.
+Bugs:
+upstream: released (5.13-rc1) [c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [6b7021ed36dabf29e56842e3408781cd3b82ef6e]
+4.19-upstream-stable: released (4.19.191) [48fba458fe54cc2a980a05c13e6c19b8b2cfb610]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-47069 b/retired/CVE-2021-47069
new file mode 100644
index 00000000..5e20cf08
--- /dev/null
+++ b/retired/CVE-2021-47069
@@ -0,0 +1,18 @@
+Description: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry
+References:
+Notes:
+ carnil> Introduced in c5b2cbdbdac563 ("ipc/mqueue.c: update/document memory barriers")
+ carnil> 8116b54e7e23ef ("ipc/sem.c: document and update memory barriers")
+ carnil> 0d97a82ba830d8 ("ipc/msg.c: update and document memory barriers"). Vulnerable
+ carnil> versions: 5.6-rc1.
+Bugs:
+upstream: released (5.13-rc3) [a11ddb37bf367e6b5239b95ca759e5389bb46048]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.40) [4528c0c323085e645b8765913b4a7fd42cf49b65]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.40-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47071 b/retired/CVE-2021-47071
new file mode 100644
index 00000000..ff3dbfe7
--- /dev/null
+++ b/retired/CVE-2021-47071
@@ -0,0 +1,16 @@
+Description: uio_hv_generic: Fix a memory leak in error handling paths
+References:
+Notes:
+ carnil> Introduced in cdfa835c6e5e ("uio_hv_generic: defer opening vmbus until first
+ carnil> use"). Vulnerable versions: 4.20-rc1.
+Bugs:
+upstream: released (5.13-rc3) [3ee098f96b8b6c1a98f7f97915f8873164e6af9d]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.40) [d84b5e912212b05f6b5bde9f682046accfbe0354]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.40-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47072 b/retired/CVE-2021-47072
new file mode 100644
index 00000000..b05ec7a6
--- /dev/null
+++ b/retired/CVE-2021-47072
@@ -0,0 +1,16 @@
+Description: btrfs: fix removed dentries still existing after log is synced
+References:
+Notes:
+ carnil> Introduced in 64d6b281ba4db0 ("btrfs: remove unnecessary
+ carnil> check_parent_dirs_for_sync()"). Vulnerable versions: 5.12-rc1.
+Bugs:
+upstream: released (5.13-rc3) [54a40fc3a1da21b52dbf19f72fdc27a2ec740760]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47073 b/retired/CVE-2021-47073
new file mode 100644
index 00000000..82b98448
--- /dev/null
+++ b/retired/CVE-2021-47073
@@ -0,0 +1,16 @@
+Description: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
+References:
+Notes:
+ carnil> Introduced in 1a258e670434 ("platform/x86: dell-smbios-wmi: Add new WMI
+ carnil> dispatcher driver"). Vulnerable versions: 4.15-rc1.
+Bugs:
+upstream: released (5.13-rc3) [3a53587423d25c87af4b4126a806a0575104b45e]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.40) [0cf036a0d325200e6c27b90908e51195bbc557b1]
+4.19-upstream-stable: released (4.19.192) [75cfc833da4a2111106d4c134e93e0c7f41e35e7]
+sid: released (5.10.40-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-47075 b/retired/CVE-2021-47075
new file mode 100644
index 00000000..2d31abef
--- /dev/null
+++ b/retired/CVE-2021-47075
@@ -0,0 +1,16 @@
+Description: nvmet: fix memory leak in nvmet_alloc_ctrl()
+References:
+Notes:
+ carnil> Introduced in 94a39d61f80f ("nvmet: make ctrl-id configurable"). Vulnerable
+ carnil> versions: 5.7-rc1.
+Bugs:
+upstream: released (5.13-rc3) [fec356a61aa3d3a66416b4321f1279e09e0f256f]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.40) [4720f29acb3fe67aa8aa71e6b675b079d193aaeb]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.40-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47078 b/retired/CVE-2021-47078
new file mode 100644
index 00000000..f66a2904
--- /dev/null
+++ b/retired/CVE-2021-47078
@@ -0,0 +1,15 @@
+Description: RDMA/rxe: Clear all QP fields if creation failed
+References:
+Notes:
+ carnil> Introduced in 8700e3e7c485 ("Soft RoCE driver"). Vulnerable versions: 4.8-rc1.
+Bugs:
+upstream: released (5.13-rc3) [67f29896fdc83298eed5a6576ff8f9873f709228]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.40) [2ee4d79c364914989c80de382c0b1a7259a7e4b3]
+4.19-upstream-stable: released (4.19.192) [f3783c415bf6d2ead3d7aa2c38802bbe10723646]
+sid: released (5.10.40-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-47079 b/retired/CVE-2021-47079
new file mode 100644
index 00000000..51978990
--- /dev/null
+++ b/retired/CVE-2021-47079
@@ -0,0 +1,16 @@
+Description: platform/x86: ideapad-laptop: fix a NULL pointer dereference
+References:
+Notes:
+ carnil> Introduced in ff36b0d953dc4 ("platform/x86: ideapad-laptop: rework and create
+ carnil> new ACPI helpers"). Vulnerable versions: 5.12-rc1.
+Bugs:
+upstream: released (5.13-rc3) [ff67dbd554b2aaa22be933eced32610ff90209dd]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47080 b/retired/CVE-2021-47080
new file mode 100644
index 00000000..ea9ce187
--- /dev/null
+++ b/retired/CVE-2021-47080
@@ -0,0 +1,16 @@
+Description: RDMA/core: Prevent divide-by-zero error triggered by the user
+References:
+Notes:
+ carnil> Introduced in 9f85cbe50aa0 ("RDMA/uverbs: Expose the new GID query API to user
+ carnil> space"). Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc3) [54d87913f147a983589923c7f651f97de9af5be1]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.40) [66ab7fcdac34b890017f04f391507ef5b2b89a13]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.40-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-47081 b/retired/CVE-2021-47081
new file mode 100644
index 00000000..ee49ee5b
--- /dev/null
+++ b/retired/CVE-2021-47081
@@ -0,0 +1,16 @@
+Description: habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory
+References:
+Notes:
+ carnil> Introduced in 423815bf02e25 ("habanalabs/gaudi: remove PCI access to SM
+ carnil> block"). Vulnerable versions: 5.12-rc1.
+Bugs:
+upstream: released (5.13-rc3) [115726c5d312b462c9d9931ea42becdfa838a076]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"