summaryrefslogtreecommitdiffstats
path: root/ignored
diff options
context:
space:
mode:
Diffstat (limited to 'ignored')
-rw-r--r--ignored/CVE-2018-1292919
-rw-r--r--ignored/CVE-2018-1293020
-rw-r--r--ignored/CVE-2018-1293120
-rw-r--r--ignored/CVE-2022-4184815
-rw-r--r--ignored/CVE-2022-4403216
-rw-r--r--ignored/CVE-2022-4403316
-rw-r--r--ignored/CVE-2022-4588416
-rw-r--r--ignored/CVE-2022-4588516
8 files changed, 138 insertions, 0 deletions
diff --git a/ignored/CVE-2018-12929 b/ignored/CVE-2018-12929
new file mode 100644
index 00000000..cf4d4f64
--- /dev/null
+++ b/ignored/CVE-2018-12929
@@ -0,0 +1,19 @@
+Description: use-after-free in ntfs_read_locked_inode()
+References:
+Notes:
+ carnil> Upload for Debian disables NTFS_FS and marks it as BROKEN
+ jmm> Setting as ignored for upstream since dead/unmaintained and
+ jmm> ignored for all suites where it's marked as BROKEN
+Bugs:
+upstream: ignored
+6.1-upstream-stable: ignored
+5.10-upstream-stable: ignored
+4.19-upstream-stable: ignored
+4.9-upstream-stable: ignored "EOL"
+3.16-upstream-stable: ignored "ntfs is not supportable"
+sid: released (4.19.37-1) [debian/ntfs-mark-it-as-broken.patch]
+6.1-bookworm-security: N/A "Fixed before branch point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: ignored "EOL"
+3.16-jessie-security: ignored "ntfs is not supportable"
diff --git a/ignored/CVE-2018-12930 b/ignored/CVE-2018-12930
new file mode 100644
index 00000000..46a79bab
--- /dev/null
+++ b/ignored/CVE-2018-12930
@@ -0,0 +1,20 @@
+Description: out-of-bounds-write in ntfs_end_buffer_async_read()
+References:
+Notes:
+ jmm> Red Hat fixed that in RHSA-2019:0641
+ carnil> Upload for Debian disables NTFS_FS and marks it as BROKEN
+ jmm> Setting as ignored for upstream since dead/unmaintained and
+ jmm> ignored for all suites where it's marked as BROKEN
+Bugs:
+upstream: ignored
+6.1-upstream-stable: ignored
+5.10-upstream-stable: ignored
+4.19-upstream-stable: ignored
+4.9-upstream-stable: ignored "EOL"
+3.16-upstream-stable: ignored "ntfs is not supportable"
+sid: released (4.19.37-1) [debian/ntfs-mark-it-as-broken.patch]
+6.1-bookworm-security: N/A "Fixed before branch point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: ignored "EOL"
+3.16-jessie-security: ignored "ntfs is not supportable"
diff --git a/ignored/CVE-2018-12931 b/ignored/CVE-2018-12931
new file mode 100644
index 00000000..73648271
--- /dev/null
+++ b/ignored/CVE-2018-12931
@@ -0,0 +1,20 @@
+Description: out-of-bounds write in ntfs_attr_find()
+References:
+Notes:
+ jmm> Red Hat fixed that in RHSA-2019:0641
+ carnil> Upload for Debian disables NTFS_FS and marks it as BROKEN
+ jmm> Setting as ignored for upstream since dead/unmaintained and
+ jmm> ignored for all suites where it's marked as BROKEN
+Bugs:
+upstream: ignored
+6.1-upstream-stable: ignored
+5.10-upstream-stable: ignored
+4.19-upstream-stable: ignored
+4.9-upstream-stable: ignored "EOL"
+3.16-upstream-stable: ignored "ntfs is not supportable"
+sid: released (4.19.37-1) [debian/ntfs-mark-it-as-broken.patch]
+6.1-bookworm-security: N/A "Fixed before branch point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: ignored "EOL"
+3.16-jessie-security: ignored "ntfs is not supportable"
diff --git a/ignored/CVE-2022-41848 b/ignored/CVE-2022-41848
new file mode 100644
index 00000000..ecdb6a6c
--- /dev/null
+++ b/ignored/CVE-2022-41848
@@ -0,0 +1,15 @@
+Description: char: pcmcia: synclink_cs: Fix use-after-free in mgslpc_ops
+References:
+ https://lore.kernel.org/lkml/20220919040251.GA302541@ubuntu/T/#rc85e751f467b3e6f9ccef92cfa7fb8a6cc50c270
+Notes:
+ carnil> Negligible security impact, would need physical access to
+ carnil> "exploit"
+Bugs:
+upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
diff --git a/ignored/CVE-2022-44032 b/ignored/CVE-2022-44032
new file mode 100644
index 00000000..0a5b4ee8
--- /dev/null
+++ b/ignored/CVE-2022-44032
@@ -0,0 +1,16 @@
+Description: char: pcmcia: cm4000_cs: Fix use-after-free in cm4000_fops
+References:
+ https://lore.kernel.org/lkml/20220915020834.GA110086@ubuntu/
+ https://lore.kernel.org/lkml/20220919040701.GA302806@ubuntu/
+Notes:
+ carnil> Negligible security impact, would need physical access to
+ carnil> "exploit"
+Bugs:
+upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
diff --git a/ignored/CVE-2022-44033 b/ignored/CVE-2022-44033
new file mode 100644
index 00000000..fd8d99da
--- /dev/null
+++ b/ignored/CVE-2022-44033
@@ -0,0 +1,16 @@
+Description: char: pcmcia: cm4040_cs: Fix use-after-free in reader_fops
+References:
+ https://lore.kernel.org/lkml/20220915020834.GA110086@ubuntu/
+ https://lore.kernel.org/lkml/20220919040457.GA302681@ubuntu/
+Notes:
+ carnil> Negligible security impact, would need physical access to
+ carnil> "exploit"
+Bugs:
+upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
diff --git a/ignored/CVE-2022-45884 b/ignored/CVE-2022-45884
new file mode 100644
index 00000000..ad9d2013
--- /dev/null
+++ b/ignored/CVE-2022-45884
@@ -0,0 +1,16 @@
+Description: media: dvb-core: Fix use-after-free due to race condition occurring in dvb_register_device()
+References:
+ https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/
+ https://lore.kernel.org/linux-media/20221115131822.6640-4-imv4bel@gmail.com/
+Notes:
+ carnil> Negligible security impact, would need physical access to
+ carnil> "exploit"
+Bugs:
+upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
diff --git a/ignored/CVE-2022-45885 b/ignored/CVE-2022-45885
new file mode 100644
index 00000000..5980995f
--- /dev/null
+++ b/ignored/CVE-2022-45885
@@ -0,0 +1,16 @@
+Description: media: dvb-core: Fix use-after-free due to race condition occurring in dvb_frontend
+References:
+ https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/
+ https://lore.kernel.org/linux-media/20221115131822.6640-2-imv4bel@gmail.com/
+Notes:
+ carnil> Negligible security impact, would need physical access to
+ carnil> "exploit"
+Bugs:
+upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"
+4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway"

© 2014-2024 Faster IT GmbH | imprint | privacy policy