From 4bb654606ab55a981044175caa5373846e31b960 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 15 Jun 2020 07:33:54 +0200 Subject: Retire some CVEs --- active/CVE-2019-19462 | 20 -------------------- active/CVE-2020-0543 | 18 ------------------ active/CVE-2020-10757 | 16 ---------------- retired/CVE-2019-19462 | 20 ++++++++++++++++++++ retired/CVE-2020-0543 | 18 ++++++++++++++++++ retired/CVE-2020-10757 | 16 ++++++++++++++++ 6 files changed, 54 insertions(+), 54 deletions(-) delete mode 100644 active/CVE-2019-19462 delete mode 100644 active/CVE-2020-0543 delete mode 100644 active/CVE-2020-10757 create mode 100644 retired/CVE-2019-19462 create mode 100644 retired/CVE-2020-0543 create mode 100644 retired/CVE-2020-10757 diff --git a/active/CVE-2019-19462 b/active/CVE-2019-19462 deleted file mode 100644 index 14fd4745..00000000 --- a/active/CVE-2019-19462 +++ /dev/null @@ -1,20 +0,0 @@ -Description: relay: handle alloc_percpu returning NULL in relay_open -References: - https://lore.kernel.org/lkml/20191129013745.7168-1-dja@axtens.net/ - https://syzkaller-ppc64.appspot.com/bug?id=1c09906c83a8ea811a9e318c2a4f8e243becc6f8 - https://syzkaller-ppc64.appspot.com/bug?id=b05b4d005191cc375cdf848c3d4d980308d50531 - https://syzkaller.appspot.com/bug?id=e4265490d26d6c01cd9bc79dc915ef0a1bf15046 - https://syzkaller.appspot.com/bug?id=f4d1cb4330bd3ddf4a628332b4285407b2eedd7b - https://lore.kernel.org/lkml/20191219121256.26480-1-dja@axtens.net/ -Notes: - bwh> Introduced in 4.9 (not 4.10) by commit 017c59c042d0 "relay: Use per - bwh> CPU constructs for the relay channel buffer pointers". -Bugs: -upstream: released (5.8-rc1) [54e200ab40fc14c863bcc80a51e20b7906608fce] -4.19-upstream-stable: released (4.19.127) [8b5dfa53eeb6c8bba5a035d38f6f8b981aebb622] -4.9-upstream-stable: released (4.9.227) [d1774b0459875e2bf3e93b86294296e5494fd0b7] -3.16-upstream-stable: N/A "Vulnerability introduced later" -sid: released (5.6.14-2) [bugfix/all/kernel-relay.c-handle-alloc_percpu-returning-NULL-in.patch] -4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/kernel-relay.c-handle-alloc_percpu-returning-NULL-in.patch] -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/kernel-relay.c-handle-alloc_percpu-returning-NULL-in.patch] -3.16-jessie-security: N/A "Vulnerability introduced later" diff --git a/active/CVE-2020-0543 b/active/CVE-2020-0543 deleted file mode 100644 index efe4ae1d..00000000 --- a/active/CVE-2020-0543 +++ /dev/null @@ -1,18 +0,0 @@ -Description: Special Register Buffer Data Sampling (SRBDS) -References: - https://www.vusec.net/projects/crosstalk/ - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html -Notes: - bwh> This issue will be mitigated by a microcode update. However, - bwh> kernel changes are needed to limit the performance impact and - bwh> to allow disabling the mitigation where it is unneeded. - bwh> Embargoed until 2020-06-09 17:00 UTC. -Bugs: -upstream: released (5.8-rc1) [e9d7144597b10ff13ff2264c059f7d4a7fbc89ac, 93920f61c2ad7edb01e63323832585796af75fc9, 7e5b3c267d256822407a22fdce6afdf9cd13f9fb, 7222a1b5b87417f22265c92deea76a6aecd0fb0f, 3798cc4d106e91382bfe016caa2edada27c2bb3f] -4.19-upstream-stable: released (4.19.128) [253b9e7ac000154fc41b217660cb4c99f51e2ed0, 6682fe2fca22e45153e69f5b7ce7282bcba3565f, b65105dc4242f949cea9264851ff5e5473434a91, 00c2119c632e04948677a941cbad2427b0666046, 79623df18eacf685c1ee4a1c4c185b3b92eb1167] -4.9-upstream-stable: released (4.9.227) [5f8f40583aad4aa3c0fc8a9adaa9f1c988fa8e9e, 15cf7ca9f59ff911cd5582969377bbf8c2ecab8a, 2f93f8d6891c2bd3963e1c68ad3eabf4dd6a55af, 2808035ba55eb8aaaf5eb37421dbfff37c1f25a8, 4798f72395eb523d251f18226527329debe353e9] -3.16-upstream-stable: released (3.16.85) [bed86e750bb02981a5efe110b7e9ae3d989a2e73, 98a637c406eefe95f2428739c1397f250bb7fadd, 8c95356f8493c164c8878134d25f30cbd6d7ae5c, 0d314e817a11e62ab223b27166de0c6b3859e0e7, 948cfe9d8a2e3f0465340d5dea9d61f282df00e7] -sid: released (5.6.14-2) [bugfix/x86/srbds/0001-x86-cpu-Add-a-steppings-field-to-struct-x86_cpu_id.patch, bugfix/x86/srbds/0002-x86-cpu-Add-table-argument-to-cpu_matches.patch, bugfix/x86/srbds/0003-x86-speculation-Add-Special-Register-Buffer-Data-Sam.patch, bugfix/x86/srbds/0004-x86-speculation-Add-SRBDS-vulnerability-and-mitigati.patch, bugfix/x86/srbds/0005-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch] -4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/x86/srbds/0001-x86-cpu-Add-a-steppings-field-to-struct-x86_cpu_id.patch, bugfix/x86/srbds/0002-x86-cpu-Add-table-argument-to-cpu_matches.patch, bugfix/x86/srbds/0003-x86-speculation-Add-Special-Register-Buffer-Data-Sam.patch, bugfix/x86/srbds/0004-x86-speculation-Add-SRBDS-vulnerability-and-mitigati.patch, bugfix/x86/srbds/0005-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch] -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/x86/srbds/0001-x86-cpu-Add-a-steppings-field-to-struct-x86_cpu_id.patch, bugfix/x86/srbds/0002-x86-cpu-Add-table-argument-to-cpu_matches.patch, bugfix/x86/srbds/0003-x86-speculation-Add-Special-Register-Buffer-Data-Sam.patch, bugfix/x86/srbds/0004-x86-speculation-Add-SRBDS-vulnerability-and-mitigati.patch, bugfix/x86/srbds/0005-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch] -3.16-jessie-security: released (3.16.84-1) [bugfix/x86/srbds/0001-x86-cpu-Add-a-steppings-field-to-struct-x86_cpu_id.patch, bugfix/x86/srbds/0002-x86-cpu-Add-table-argument-to-cpu_matches.patch, bugfix/x86/srbds/0003-x86-speculation-Add-Special-Register-Buffer-Data-Sam.patch, bugfix/x86/srbds/0004-x86-speculation-Add-SRBDS-vulnerability-and-mitigati.patch, bugfix/x86/srbds/0005-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch] diff --git a/active/CVE-2020-10757 b/active/CVE-2020-10757 deleted file mode 100644 index f4e68bb1..00000000 --- a/active/CVE-2020-10757 +++ /dev/null @@ -1,16 +0,0 @@ -Description: mm: Fix mremap not considering huge pmd devmap -References: - https://lore.kernel.org/lkml/A82D1BB5-D868-489A-BFED-9FCE71649A46@sjtu.edu.cn/ - https://www.openwall.com/lists/oss-security/2020/06/04/4 -Notes: - carnil> Introduced in 5c7fb56e5e3f ("mm, dax: dax-pmd vs thp-pmd vs - carnil> hugetlbfs-pmd") in 4.5-rc1 -Bugs: -upstream: released (5.8-rc1) [5bfea2d9b17f1034a68147a8b03b9789af5700f9] -4.19-upstream-stable: released (4.19.127) [78385480fd6572a83e7541e37658d9a7de6dc9b1] -4.9-upstream-stable: released (4.9.227) [c915cffda0a4329ee454646138fe2b11c5ba3cd6] -3.16-upstream-stable: N/A "Vulnerable code introduced later" -sid: released (5.6.14-2) [bugfix/all/mm-Fix-mremap-not-considering-huge-pmd-devmap.patch] -4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/mm-Fix-mremap-not-considering-huge-pmd-devmap.patch] -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/mm-Fix-mremap-not-considering-huge-pmd-devmap.patch] -3.16-jessie-security: N/A "Vulnerable code introduced later" diff --git a/retired/CVE-2019-19462 b/retired/CVE-2019-19462 new file mode 100644 index 00000000..14fd4745 --- /dev/null +++ b/retired/CVE-2019-19462 @@ -0,0 +1,20 @@ +Description: relay: handle alloc_percpu returning NULL in relay_open +References: + https://lore.kernel.org/lkml/20191129013745.7168-1-dja@axtens.net/ + https://syzkaller-ppc64.appspot.com/bug?id=1c09906c83a8ea811a9e318c2a4f8e243becc6f8 + https://syzkaller-ppc64.appspot.com/bug?id=b05b4d005191cc375cdf848c3d4d980308d50531 + https://syzkaller.appspot.com/bug?id=e4265490d26d6c01cd9bc79dc915ef0a1bf15046 + https://syzkaller.appspot.com/bug?id=f4d1cb4330bd3ddf4a628332b4285407b2eedd7b + https://lore.kernel.org/lkml/20191219121256.26480-1-dja@axtens.net/ +Notes: + bwh> Introduced in 4.9 (not 4.10) by commit 017c59c042d0 "relay: Use per + bwh> CPU constructs for the relay channel buffer pointers". +Bugs: +upstream: released (5.8-rc1) [54e200ab40fc14c863bcc80a51e20b7906608fce] +4.19-upstream-stable: released (4.19.127) [8b5dfa53eeb6c8bba5a035d38f6f8b981aebb622] +4.9-upstream-stable: released (4.9.227) [d1774b0459875e2bf3e93b86294296e5494fd0b7] +3.16-upstream-stable: N/A "Vulnerability introduced later" +sid: released (5.6.14-2) [bugfix/all/kernel-relay.c-handle-alloc_percpu-returning-NULL-in.patch] +4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/kernel-relay.c-handle-alloc_percpu-returning-NULL-in.patch] +4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/kernel-relay.c-handle-alloc_percpu-returning-NULL-in.patch] +3.16-jessie-security: N/A "Vulnerability introduced later" diff --git a/retired/CVE-2020-0543 b/retired/CVE-2020-0543 new file mode 100644 index 00000000..efe4ae1d --- /dev/null +++ b/retired/CVE-2020-0543 @@ -0,0 +1,18 @@ +Description: Special Register Buffer Data Sampling (SRBDS) +References: + https://www.vusec.net/projects/crosstalk/ + https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html +Notes: + bwh> This issue will be mitigated by a microcode update. However, + bwh> kernel changes are needed to limit the performance impact and + bwh> to allow disabling the mitigation where it is unneeded. + bwh> Embargoed until 2020-06-09 17:00 UTC. +Bugs: +upstream: released (5.8-rc1) [e9d7144597b10ff13ff2264c059f7d4a7fbc89ac, 93920f61c2ad7edb01e63323832585796af75fc9, 7e5b3c267d256822407a22fdce6afdf9cd13f9fb, 7222a1b5b87417f22265c92deea76a6aecd0fb0f, 3798cc4d106e91382bfe016caa2edada27c2bb3f] +4.19-upstream-stable: released (4.19.128) [253b9e7ac000154fc41b217660cb4c99f51e2ed0, 6682fe2fca22e45153e69f5b7ce7282bcba3565f, b65105dc4242f949cea9264851ff5e5473434a91, 00c2119c632e04948677a941cbad2427b0666046, 79623df18eacf685c1ee4a1c4c185b3b92eb1167] +4.9-upstream-stable: released (4.9.227) [5f8f40583aad4aa3c0fc8a9adaa9f1c988fa8e9e, 15cf7ca9f59ff911cd5582969377bbf8c2ecab8a, 2f93f8d6891c2bd3963e1c68ad3eabf4dd6a55af, 2808035ba55eb8aaaf5eb37421dbfff37c1f25a8, 4798f72395eb523d251f18226527329debe353e9] +3.16-upstream-stable: released (3.16.85) [bed86e750bb02981a5efe110b7e9ae3d989a2e73, 98a637c406eefe95f2428739c1397f250bb7fadd, 8c95356f8493c164c8878134d25f30cbd6d7ae5c, 0d314e817a11e62ab223b27166de0c6b3859e0e7, 948cfe9d8a2e3f0465340d5dea9d61f282df00e7] +sid: released (5.6.14-2) [bugfix/x86/srbds/0001-x86-cpu-Add-a-steppings-field-to-struct-x86_cpu_id.patch, bugfix/x86/srbds/0002-x86-cpu-Add-table-argument-to-cpu_matches.patch, bugfix/x86/srbds/0003-x86-speculation-Add-Special-Register-Buffer-Data-Sam.patch, bugfix/x86/srbds/0004-x86-speculation-Add-SRBDS-vulnerability-and-mitigati.patch, bugfix/x86/srbds/0005-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch] +4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/x86/srbds/0001-x86-cpu-Add-a-steppings-field-to-struct-x86_cpu_id.patch, bugfix/x86/srbds/0002-x86-cpu-Add-table-argument-to-cpu_matches.patch, bugfix/x86/srbds/0003-x86-speculation-Add-Special-Register-Buffer-Data-Sam.patch, bugfix/x86/srbds/0004-x86-speculation-Add-SRBDS-vulnerability-and-mitigati.patch, bugfix/x86/srbds/0005-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch] +4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/x86/srbds/0001-x86-cpu-Add-a-steppings-field-to-struct-x86_cpu_id.patch, bugfix/x86/srbds/0002-x86-cpu-Add-table-argument-to-cpu_matches.patch, bugfix/x86/srbds/0003-x86-speculation-Add-Special-Register-Buffer-Data-Sam.patch, bugfix/x86/srbds/0004-x86-speculation-Add-SRBDS-vulnerability-and-mitigati.patch, bugfix/x86/srbds/0005-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch] +3.16-jessie-security: released (3.16.84-1) [bugfix/x86/srbds/0001-x86-cpu-Add-a-steppings-field-to-struct-x86_cpu_id.patch, bugfix/x86/srbds/0002-x86-cpu-Add-table-argument-to-cpu_matches.patch, bugfix/x86/srbds/0003-x86-speculation-Add-Special-Register-Buffer-Data-Sam.patch, bugfix/x86/srbds/0004-x86-speculation-Add-SRBDS-vulnerability-and-mitigati.patch, bugfix/x86/srbds/0005-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch] diff --git a/retired/CVE-2020-10757 b/retired/CVE-2020-10757 new file mode 100644 index 00000000..f4e68bb1 --- /dev/null +++ b/retired/CVE-2020-10757 @@ -0,0 +1,16 @@ +Description: mm: Fix mremap not considering huge pmd devmap +References: + https://lore.kernel.org/lkml/A82D1BB5-D868-489A-BFED-9FCE71649A46@sjtu.edu.cn/ + https://www.openwall.com/lists/oss-security/2020/06/04/4 +Notes: + carnil> Introduced in 5c7fb56e5e3f ("mm, dax: dax-pmd vs thp-pmd vs + carnil> hugetlbfs-pmd") in 4.5-rc1 +Bugs: +upstream: released (5.8-rc1) [5bfea2d9b17f1034a68147a8b03b9789af5700f9] +4.19-upstream-stable: released (4.19.127) [78385480fd6572a83e7541e37658d9a7de6dc9b1] +4.9-upstream-stable: released (4.9.227) [c915cffda0a4329ee454646138fe2b11c5ba3cd6] +3.16-upstream-stable: N/A "Vulnerable code introduced later" +sid: released (5.6.14-2) [bugfix/all/mm-Fix-mremap-not-considering-huge-pmd-devmap.patch] +4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/mm-Fix-mremap-not-considering-huge-pmd-devmap.patch] +4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/mm-Fix-mremap-not-considering-huge-pmd-devmap.patch] +3.16-jessie-security: N/A "Vulnerable code introduced later" -- cgit v1.2.3