Retire two CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2023-08-16 22:50:28 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-08-16 22:50:28 +0200
commit: d81344ea692c2af19b49495348d83c3066fa204b (patch)
tree: fc47d61f198697a88b01d38aa35b75d3808d62c2 /retired
parent: 8bc52247921554f653ccd428bbc3484adda21812 (diff)
2 files changed, 35 insertions, 0 deletions
diff --git a/retired/CVE-2023-3108 b/retired/CVE-2023-3108
new file mode 100644
index 00000000..458c0165
--- /dev/null
+++ b/retired/CVE-2023-3108
@@ -0,0 +1,17 @@
+Description: rypto: fix af_alg_make_sg() conversion to iov_iter
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2221472
+Notes:
+ carnil> If I understand correctly then this was introduced only anyway
+ carnil> in 1d10eb2f156f ("crypto: switch af_alg_make_sg() to iov_iter")
+ carnil> which is as well in 4.0-rc1. So actually no released version
+ carnil> was ever affected.
+Bugs:
+upstream: released (4.0-rc1) [9399f0c51489ae8c16d6559b82a452fdc1895e91]
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Fixed before branching point"
+4.19-upstream-stable: N/A "Fixed before branching point"
+sid: released (4.0.2-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Fixed before branching point"
diff --git a/retired/CVE-2023-33250 b/retired/CVE-2023-33250
new file mode 100644
index 00000000..52cf845a
--- /dev/null
+++ b/retired/CVE-2023-33250
@@ -0,0 +1,18 @@
+Description: KASAN: slab-use-after-free in iopt_unmap_iova_range
+References:
+ https://groups.google.com/g/syzkaller/c/G6P9yecsTZ8/m/iiqFVOM9BwAJ
+ https://lore.kernel.org/linux-iommu/ZDabT%2FuRl%2FjxFhm0%40ip-172-31-85-199.ec2.internal/T/
+Notes:
+ bwh> The use-after-free is the unlocked read of area->num_accesses,
+ bwh> introduced in 6.2 by commit 8d40205f6093 "iommufd: Add kAPI
+ bwh> toward external drivers for kernel access".
+ carnil> Fixed as well in 6.4.4 for 6.4.y.
+Bugs:
+upstream: released (6.5-rc1) [dbe245cdf5189e88d680379ed13901356628b650, 804ca14d04df09bf7924bacc5ad22a4bed80c94f]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.4.4-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2023-08-16 22:50:28 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-08-16 22:50:28 +0200
commit	d81344ea692c2af19b49495348d83c3066fa204b (patch)
tree	fc47d61f198697a88b01d38aa35b75d3808d62c2 /retired
parent	8bc52247921554f653ccd428bbc3484adda21812 (diff)