From 1551e196a8e81a3b331ab17423d27d631d1cb851 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso
Date: Sat, 25 Sep 2021 10:04:53 +0200
Subject: Retire some CVEs
---
 active/CVE-2021-3739 | 19 -------------------
 active/CVE-2021-38166 | 16 ----------------
 active/CVE-2021-41073 | 14 --------------
 retired/CVE-2021-3739 | 19 +++++++++++++++++++
 retired/CVE-2021-38166 | 16 ++++++++++++++++
 retired/CVE-2021-41073 | 14 ++++++++++++++
 6 files changed, 49 insertions(+), 49 deletions(-)
 delete mode 100644 active/CVE-2021-3739
 delete mode 100644 active/CVE-2021-38166
 delete mode 100644 active/CVE-2021-41073
 create mode 100644 retired/CVE-2021-3739
 create mode 100644 retired/CVE-2021-38166
 create mode 100644 retired/CVE-2021-41073
diff --git a/active/CVE-2021-3739 b/active/CVE-2021-3739
deleted file mode 100644
index 5d63ffae..00000000
--- a/active/CVE-2021-3739
+++ /dev/null
@@ -1,19 +0,0 @@
-Description: btrfs: fix NULL pointer dereference when deleting device by invalid id
-References:
- https://www.openwall.com/lists/oss-security/2021/08/25/3
- https://lore.kernel.org/linux-btrfs/CAFcO6XO5TC5sEo-C9JGC75JkNAzkOSSLA3a=bwQqXFFbRTZ7Gw@mail.gmail.com/T/#md4b850f33616b7364f86e6fed144abc925f3669c
- https://lore.kernel.org/linux-btrfs/20210806102415.304717-1-wqu@suse.com/T/#u
- https://bugzilla.redhat.com/show_bug.cgi?id=1997958
-Notes:
- carnil> Commit fixes a27a94c2b0c7 ("btrfs: Make
- carnil> btrfs_find_device_by_devspec return btrfs_device directly") in
- carnil> 4.20-rc1.
-Bugs:
-upstream: released (5.15-rc1) [e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091]
-5.10-upstream-stable: released (5.10.62) [c43add24dffdbac269d5610465ced70cfc1bad9e]
-4.19-upstream-stable: N/A "Vulnerable code introduced later"
-4.9-upstream-stable: N/A "Vulnerable code introduced later"
-sid: released (5.14.6-1)
-5.10-bullseye-security: released (5.10.46-5) [bugfix/all/btrfs-fix-NULL-pointer-dereference-when-deleting-dev.patch]
-4.19-buster-security: N/A "Vulnerable code introduced later"
-4.9-stretch-security: N/A "Vulnerable code introduced later"
diff --git a/active/CVE-2021-38166 b/active/CVE-2021-38166
deleted file mode 100644
index 6fea1d37..00000000
--- a/active/CVE-2021-38166
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: bpf: Fix integer overflow involving bucket_size
-References:
- https://lore.kernel.org/bpf/20210806150419.109658-1-th.yasumatsu@gmail.com/
- https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=c4eb1f403243fc7bbb7de644db8587c03de36da6
-Notes:
- carnil> Commit fixes 057996380a42 ("bpf: Add batch ops to all htab bpf
- carnil> map") which is in 5.6-rc1.
-Bugs:
-upstream: released (5.14-rc6) [c4eb1f403243fc7bbb7de644db8587c03de36da6]
-5.10-upstream-stable: released (5.10.60) [e95620c3bdff83bdb15484e6ea7cc47af36fbc6d]
-4.19-upstream-stable: N/A "Vulnerable code introduced later"
-4.9-upstream-stable: N/A "Vulnerable code introduced later"
-sid: released (5.14.6-1)
-5.10-bullseye-security: released (5.10.46-5) [bugfix/all/bpf-Fix-integer-overflow-involving-bucket_size.patch]
-4.19-buster-security: N/A "Vulnerable code introduced later"
-4.9-stretch-security: N/A "Vulnerable code introduced later"
diff --git a/active/CVE-2021-41073 b/active/CVE-2021-41073
deleted file mode 100644
index 2bfa8d69..00000000
--- a/active/CVE-2021-41073
+++ /dev/null
@@ -1,14 +0,0 @@
-Description: io_uring: ensure symmetry in handling iter types in loop_rw_iter()
-References:
- https://www.openwall.com/lists/oss-security/2021/09/18/2
- https://twitter.com/chompie1337/status/1439743758447398918
-Notes:
-Bugs:
-upstream: released (5.15-rc2) [16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc]
-5.10-upstream-stable: released (5.10.68) [ce8f81b76d3bef7b9fe6c8f84d029ab898b19469]
-4.19-upstream-stable: N/A "Vulnerable code introduced later"
-4.9-upstream-stable: N/A "Vulnerable code introduced later"
-sid: released (5.14.6-2) [bugfix/all/io_uring-ensure-symmetry-in-handling-iter-types-in-l.patch]
-5.10-bullseye-security: released (5.10.46-5) [bugfix/all/io_uring-ensure-symmetry-in-handling-iter-types-in-l.patch]
-4.19-buster-security: N/A "Vulnerable code introduced later"
-4.9-stretch-security: N/A "Vulnerable code introduced later"
diff --git a/retired/CVE-2021-3739 b/retired/CVE-2021-3739
new file mode 100644
index 00000000..5d63ffae
--- /dev/null
+++ b/retired/CVE-2021-3739
@@ -0,0 +1,19 @@
+Description: btrfs: fix NULL pointer dereference when deleting device by invalid id
+References:
+ https://www.openwall.com/lists/oss-security/2021/08/25/3
+ https://lore.kernel.org/linux-btrfs/CAFcO6XO5TC5sEo-C9JGC75JkNAzkOSSLA3a=bwQqXFFbRTZ7Gw@mail.gmail.com/T/#md4b850f33616b7364f86e6fed144abc925f3669c
+ https://lore.kernel.org/linux-btrfs/20210806102415.304717-1-wqu@suse.com/T/#u
+ https://bugzilla.redhat.com/show_bug.cgi?id=1997958
+Notes:
+ carnil> Commit fixes a27a94c2b0c7 ("btrfs: Make
+ carnil> btrfs_find_device_by_devspec return btrfs_device directly") in
+ carnil> 4.20-rc1.
+Bugs:
+upstream: released (5.15-rc1) [e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091]
+5.10-upstream-stable: released (5.10.62) [c43add24dffdbac269d5610465ced70cfc1bad9e]
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (5.14.6-1)
+5.10-bullseye-security: released (5.10.46-5) [bugfix/all/btrfs-fix-NULL-pointer-dereference-when-deleting-dev.patch]
+4.19-buster-security: N/A "Vulnerable code introduced later"
+4.9-stretch-security: N/A "Vulnerable code introduced later"
diff --git a/retired/CVE-2021-38166 b/retired/CVE-2021-38166
new file mode 100644
index 00000000..6fea1d37
--- /dev/null
+++ b/retired/CVE-2021-38166
@@ -0,0 +1,16 @@
+Description: bpf: Fix integer overflow involving bucket_size
+References:
+ https://lore.kernel.org/bpf/20210806150419.109658-1-th.yasumatsu@gmail.com/
+ https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=c4eb1f403243fc7bbb7de644db8587c03de36da6
+Notes:
+ carnil> Commit fixes 057996380a42 ("bpf: Add batch ops to all htab bpf
+ carnil> map") which is in 5.6-rc1.
+Bugs:
+upstream: released (5.14-rc6) [c4eb1f403243fc7bbb7de644db8587c03de36da6]
+5.10-upstream-stable: released (5.10.60) [e95620c3bdff83bdb15484e6ea7cc47af36fbc6d]
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (5.14.6-1)
+5.10-bullseye-security: released (5.10.46-5) [bugfix/all/bpf-Fix-integer-overflow-involving-bucket_size.patch]
+4.19-buster-security: N/A "Vulnerable code introduced later"
+4.9-stretch-security: N/A "Vulnerable code introduced later"
diff --git a/retired/CVE-2021-41073 b/retired/CVE-2021-41073
new file mode 100644
index 00000000..2bfa8d69
--- /dev/null
+++ b/retired/CVE-2021-41073
@@ -0,0 +1,14 @@
+Description: io_uring: ensure symmetry in handling iter types in loop_rw_iter()
+References:
+ https://www.openwall.com/lists/oss-security/2021/09/18/2
+ https://twitter.com/chompie1337/status/1439743758447398918
+Notes:
+Bugs:
+upstream: released (5.15-rc2) [16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc]
+5.10-upstream-stable: released (5.10.68) [ce8f81b76d3bef7b9fe6c8f84d029ab898b19469]
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (5.14.6-2) [bugfix/all/io_uring-ensure-symmetry-in-handling-iter-types-in-l.patch]
+5.10-bullseye-security: released (5.10.46-5) [bugfix/all/io_uring-ensure-symmetry-in-handling-iter-types-in-l.patch]
+4.19-buster-security: N/A "Vulnerable code introduced later"
+4.9-stretch-security: N/A "Vulnerable code introduced later"
-- 
cgit v1.2.3
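Review bot: The `Notes:` section of retired/CVE-2021-41073 is empty, so unlike the two sibling entries retired in this commit it records no introducing commit to back the `N/A "Vulnerable code introduced later"` lines for the 4.19 and 4.9 branches. Before a file is moved to retired/ that justification is worth capturing, since the entry is unlikely to be revisited afterwards. I would add a note in the same form the other files use, `carnil> Commit fixes <sha> ("<subject>") in <version>.`, taking the commit from the upstream fix's Fixes: trailer if it carries one, or otherwise stating on which basis the older branches were judged unaffected. This concerns the file's content rather than the move itself, which is consistent with the other two retirements.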