From 1d38d666c28b2ab722d5f8ab709049f7f71b5774 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 17 Jan 2022 19:39:16 +0100 Subject: Retire two CVEs --- active/CVE-2021-46283 | 16 ---------------- active/CVE-2022-0264 | 13 ------------- retired/CVE-2021-46283 | 16 ++++++++++++++++ retired/CVE-2022-0264 | 13 +++++++++++++ 4 files changed, 29 insertions(+), 29 deletions(-) delete mode 100644 active/CVE-2021-46283 delete mode 100644 active/CVE-2022-0264 create mode 100644 retired/CVE-2021-46283 create mode 100644 retired/CVE-2022-0264 diff --git a/active/CVE-2021-46283 b/active/CVE-2021-46283 deleted file mode 100644 index 15525565..00000000 --- a/active/CVE-2021-46283 +++ /dev/null @@ -1,16 +0,0 @@ -Description: netfilter: nf_tables: initialize set before expression setup -References: - https://bugzilla.suse.com/show_bug.cgi?id=1194518 - https://syzkaller.appspot.com/bug?id=22c3987f75a7b90e238a26b5a5920525c2d1f345 -Notes: - carnil> Commit fixes 65038428b2c6 ("netfilter: nf_tables: allow to - carnil> specify stateful expression in set definition") in 5.7-rc1. -Bugs: -upstream: released (5.13-rc7) [ad9f151e560b016b6ad3280b48e42fa11e1a5440] -5.10-upstream-stable: released (5.10.64) [36983fc2f87ea3b74a33bf460c9ee7329735b7b5] -4.19-upstream-stable: N/A "Vulnerable code not present" -4.9-upstream-stable: N/A "Vulnerable code not present" -sid: released (5.14.6-1) -5.10-bullseye-security: released (5.10.70-1) -4.19-buster-security: N/A "Vulnerable code not present" -4.9-stretch-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2022-0264 b/active/CVE-2022-0264 deleted file mode 100644 index d65fcd08..00000000 --- a/active/CVE-2022-0264 +++ /dev/null @@ -1,13 +0,0 @@ -Description: bpf: Fix kernel address leakage in atomic fetch -References: - https://bugzilla.redhat.com/show_bug.cgi?id=2041547 -Notes: -Bugs: -upstream: released (5.16-rc6) [7d3baf0afa3aa9102d6a521a8e4c41888bb79882] -5.10-upstream-stable: N/A "Vulnerable code not present" -4.19-upstream-stable: N/A "Vulnerable code not present" -4.9-upstream-stable: N/A "Vulnerable code not present" -sid: released (5.15.5-2) -5.10-bullseye-security: N/A "Vulnerable code not present" -4.19-buster-security: N/A "Vulnerable code not present" -4.9-stretch-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46283 b/retired/CVE-2021-46283 new file mode 100644 index 00000000..15525565 --- /dev/null +++ b/retired/CVE-2021-46283 @@ -0,0 +1,16 @@ +Description: netfilter: nf_tables: initialize set before expression setup +References: + https://bugzilla.suse.com/show_bug.cgi?id=1194518 + https://syzkaller.appspot.com/bug?id=22c3987f75a7b90e238a26b5a5920525c2d1f345 +Notes: + carnil> Commit fixes 65038428b2c6 ("netfilter: nf_tables: allow to + carnil> specify stateful expression in set definition") in 5.7-rc1. +Bugs: +upstream: released (5.13-rc7) [ad9f151e560b016b6ad3280b48e42fa11e1a5440] +5.10-upstream-stable: released (5.10.64) [36983fc2f87ea3b74a33bf460c9ee7329735b7b5] +4.19-upstream-stable: N/A "Vulnerable code not present" +4.9-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.14.6-1) +5.10-bullseye-security: released (5.10.70-1) +4.19-buster-security: N/A "Vulnerable code not present" +4.9-stretch-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2022-0264 b/retired/CVE-2022-0264 new file mode 100644 index 00000000..d65fcd08 --- /dev/null +++ b/retired/CVE-2022-0264 @@ -0,0 +1,13 @@ +Description: bpf: Fix kernel address leakage in atomic fetch +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2041547 +Notes: +Bugs: +upstream: released (5.16-rc6) [7d3baf0afa3aa9102d6a521a8e4c41888bb79882] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +4.9-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-2) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" +4.9-stretch-security: N/A "Vulnerable code not present" -- cgit v1.2.3