From 688f5248fc745b1897b7d556a57760a334f7ad42 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 10 Apr 2024 21:52:07 +0200 Subject: Add new batch of CVEs from Linux kernel CNA --- active/CVE-2021-47181 | 16 ++++++++++++++++ active/CVE-2021-47182 | 16 ++++++++++++++++ active/CVE-2021-47183 | 16 ++++++++++++++++ active/CVE-2021-47184 | 17 +++++++++++++++++ active/CVE-2021-47185 | 16 ++++++++++++++++ active/CVE-2021-47186 | 16 ++++++++++++++++ active/CVE-2021-47187 | 16 ++++++++++++++++ active/CVE-2021-47188 | 17 +++++++++++++++++ active/CVE-2021-47189 | 17 +++++++++++++++++ active/CVE-2021-47190 | 17 +++++++++++++++++ active/CVE-2021-47191 | 16 ++++++++++++++++ active/CVE-2021-47192 | 17 +++++++++++++++++ active/CVE-2021-47193 | 16 ++++++++++++++++ active/CVE-2021-47194 | 17 +++++++++++++++++ active/CVE-2021-47195 | 17 +++++++++++++++++ active/CVE-2021-47196 | 17 +++++++++++++++++ active/CVE-2021-47197 | 18 ++++++++++++++++++ active/CVE-2021-47198 | 16 ++++++++++++++++ active/CVE-2021-47199 | 17 +++++++++++++++++ active/CVE-2021-47200 | 17 +++++++++++++++++ active/CVE-2021-47201 | 17 +++++++++++++++++ active/CVE-2021-47202 | 16 ++++++++++++++++ active/CVE-2021-47203 | 16 ++++++++++++++++ active/CVE-2021-47204 | 17 +++++++++++++++++ active/CVE-2021-47205 | 16 ++++++++++++++++ active/CVE-2021-47206 | 16 ++++++++++++++++ active/CVE-2021-47207 | 16 ++++++++++++++++ active/CVE-2021-47209 | 17 +++++++++++++++++ active/CVE-2021-47210 | 16 ++++++++++++++++ active/CVE-2021-47211 | 16 ++++++++++++++++ active/CVE-2021-47212 | 17 +++++++++++++++++ active/CVE-2021-47213 | 17 +++++++++++++++++ active/CVE-2021-47214 | 17 +++++++++++++++++ active/CVE-2021-47215 | 17 +++++++++++++++++ active/CVE-2021-47216 | 16 ++++++++++++++++ active/CVE-2021-47217 | 17 +++++++++++++++++ active/CVE-2021-47218 | 17 +++++++++++++++++ active/CVE-2021-47219 | 16 ++++++++++++++++ 38 files changed, 629 insertions(+) create mode 100644 active/CVE-2021-47181 create mode 100644 active/CVE-2021-47182 create mode 100644 active/CVE-2021-47183 create mode 100644 active/CVE-2021-47184 create mode 100644 active/CVE-2021-47185 create mode 100644 active/CVE-2021-47186 create mode 100644 active/CVE-2021-47187 create mode 100644 active/CVE-2021-47188 create mode 100644 active/CVE-2021-47189 create mode 100644 active/CVE-2021-47190 create mode 100644 active/CVE-2021-47191 create mode 100644 active/CVE-2021-47192 create mode 100644 active/CVE-2021-47193 create mode 100644 active/CVE-2021-47194 create mode 100644 active/CVE-2021-47195 create mode 100644 active/CVE-2021-47196 create mode 100644 active/CVE-2021-47197 create mode 100644 active/CVE-2021-47198 create mode 100644 active/CVE-2021-47199 create mode 100644 active/CVE-2021-47200 create mode 100644 active/CVE-2021-47201 create mode 100644 active/CVE-2021-47202 create mode 100644 active/CVE-2021-47203 create mode 100644 active/CVE-2021-47204 create mode 100644 active/CVE-2021-47205 create mode 100644 active/CVE-2021-47206 create mode 100644 active/CVE-2021-47207 create mode 100644 active/CVE-2021-47209 create mode 100644 active/CVE-2021-47210 create mode 100644 active/CVE-2021-47211 create mode 100644 active/CVE-2021-47212 create mode 100644 active/CVE-2021-47213 create mode 100644 active/CVE-2021-47214 create mode 100644 active/CVE-2021-47215 create mode 100644 active/CVE-2021-47216 create mode 100644 active/CVE-2021-47217 create mode 100644 active/CVE-2021-47218 create mode 100644 active/CVE-2021-47219 diff --git a/active/CVE-2021-47181 b/active/CVE-2021-47181 new file mode 100644 index 00000000..2df2af3c --- /dev/null +++ b/active/CVE-2021-47181 @@ -0,0 +1,16 @@ +Description: usb: musb: tusb6010: check return value after calling platform_get_resource() +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [14651496a3de6807a17c310f63c894ea0c5d858e] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [679eee466d0f9ffa60a2b0c6ec19be5128927f04] +4.19-upstream-stable: released (4.19.218) [f87a79c04a33ab4e5be598c7b0867e6ef193d702] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47182 b/active/CVE-2021-47182 new file mode 100644 index 00000000..26f2183a --- /dev/null +++ b/active/CVE-2021-47182 @@ -0,0 +1,16 @@ +Description: scsi: core: Fix scsi_mode_sense() buffer length handling +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [17b49bcbf8351d3dbe57204468ac34f033ed60bc] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2021-47183 b/active/CVE-2021-47183 new file mode 100644 index 00000000..0e43f52e --- /dev/null +++ b/active/CVE-2021-47183 @@ -0,0 +1,16 @@ +Description: scsi: lpfc: Fix link down processing to address NULL pointer dereference +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [1854f53ccd88ad4e7568ddfafafffe71f1ceb0a6] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2021-47184 b/active/CVE-2021-47184 new file mode 100644 index 00000000..20645aad --- /dev/null +++ b/active/CVE-2021-47184 @@ -0,0 +1,17 @@ +Description: i40e: Fix NULL ptr dereference on VSI filter sync +References: +Notes: + carnil> Introduced in 41c445ff0f48 ("i40e: main driver core"). Vulnerable versions: + carnil> 3.12-rc1. +Bugs: +upstream: released (5.16-rc2) [37d9e304acd903a445df8208b8a13d707902dea6] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [f866513ead4370402428ef724b03c3312295c178] +4.19-upstream-stable: released (4.19.218) [87c421ab4a43433cb009fea44bbbc77f46913e1d] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47185 b/active/CVE-2021-47185 new file mode 100644 index 00000000..4fc16d9f --- /dev/null +++ b/active/CVE-2021-47185 @@ -0,0 +1,16 @@ +Description: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [3968ddcf05fb4b9409cd1859feb06a5b0550a1c1] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41] +4.19-upstream-stable: released (4.19.218) [4f300f47dbcf9c3d4b2ea76c8554c8f360400725] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47186 b/active/CVE-2021-47186 new file mode 100644 index 00000000..8240d515 --- /dev/null +++ b/active/CVE-2021-47186 @@ -0,0 +1,16 @@ +Description: tipc: check for null after calling kmemdup +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc2) [3e6db079751afd527bf3db32314ae938dc571916] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [a7d91625863d4ffed63b993b5e6dc1298b6430c9] +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: needed diff --git a/active/CVE-2021-47187 b/active/CVE-2021-47187 new file mode 100644 index 00000000..12bff168 --- /dev/null +++ b/active/CVE-2021-47187 @@ -0,0 +1,16 @@ +Description: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [3f1dcaff642e75c1d2ad03f783fa8a3b1f56dd50] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [e52fecdd0c142b95c720683885b06ee3f0e065c8] +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: needed diff --git a/active/CVE-2021-47188 b/active/CVE-2021-47188 new file mode 100644 index 00000000..e31ad9c1 --- /dev/null +++ b/active/CVE-2021-47188 @@ -0,0 +1,17 @@ +Description: scsi: ufs: core: Improve SCSI abort handling +References: +Notes: + carnil> Introduced in 7a3e97b0dc4b ("[SCSI] ufshcd: UFS Host controller driver"). + carnil> Vulnerable versions: 3.4-rc1. +Bugs: +upstream: released (5.16-rc2) [3ff1f6b6ba6f97f50862aa50e79959cc8ddc2566] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2021-47189 b/active/CVE-2021-47189 new file mode 100644 index 00000000..3318156e --- /dev/null +++ b/active/CVE-2021-47189 @@ -0,0 +1,17 @@ +Description: btrfs: fix memory ordering between normal and ordered work functions +References: +Notes: + carnil> Introduced in 08a9ff326418 ("btrfs: Added btrfs_workqueue_struct implemented + carnil> ordered execution based on kernel workqueue"). Vulnerable versions: 3.15-rc1. +Bugs: +upstream: released (5.16-rc2) [45da9c1767ac31857df572f0a909fbe88fd5a7e9] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [6adbc07ebcaf8bead08b21687d49e0fc94400987] +4.19-upstream-stable: released (4.19.218) [ed058d735a70f4b063323f1a7bb33cda0f987513] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47190 b/active/CVE-2021-47190 new file mode 100644 index 00000000..94d0f85e --- /dev/null +++ b/active/CVE-2021-47190 @@ -0,0 +1,17 @@ +Description: perf bpf: Avoid memory leak from perf_env__insert_btf() +References: +Notes: + carnil> Introduced in 3792cb2ff43b1b19 ("perf bpf: Save BTF in a rbtree in perf_env"). + carnil> Vulnerable versions: 5.1-rc2. +Bugs: +upstream: released (5.16-rc1) [4924b1f7c46711762fd0e65c135ccfbcfd6ded1f] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [11589d3144bc4e272e0aae46ce8156162e99babc] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47191 b/active/CVE-2021-47191 new file mode 100644 index 00000000..e152e514 --- /dev/null +++ b/active/CVE-2021-47191 @@ -0,0 +1,16 @@ +Description: scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [4e3ace0051e7e504b55d239daab8789dd89b863c] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [3e20cb072679bdb47747ccc8bee3233a4cf0765a] +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: needed diff --git a/active/CVE-2021-47192 b/active/CVE-2021-47192 new file mode 100644 index 00000000..2687b952 --- /dev/null +++ b/active/CVE-2021-47192 @@ -0,0 +1,17 @@ +Description: scsi: core: sysfs: Fix hang when device state is set via sysfs +References: +Notes: + carnil> Introduced in f0f82e2476f6 ("scsi: core: Fix capacity set to zero after + carnil> offlinining device"). Vulnerable versions: 5.4.143 5.10.61 5.13.13 5.14-rc5. +Bugs: +upstream: released (5.16-rc2) [4edd8cd4e86dd3047e5294bbefcc0a08f66a430f] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [a792e0128d232251edb5fdf42fb0f9fbb0b44a73] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47193 b/active/CVE-2021-47193 new file mode 100644 index 00000000..f0473774 --- /dev/null +++ b/active/CVE-2021-47193 @@ -0,0 +1,16 @@ +Description: scsi: pm80xx: Fix memory leak during rmmod +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [51e6ed83bb4ade7c360551fa4ae55c4eacea354b] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2021-47194 b/active/CVE-2021-47194 new file mode 100644 index 00000000..671ea959 --- /dev/null +++ b/active/CVE-2021-47194 @@ -0,0 +1,17 @@ +Description: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type +References: +Notes: + carnil> Introduced in ac800140c20e ("cfg80211: .stop_ap when interface is going down"). + carnil> Vulnerable versions: 3.6-rc1. +Bugs: +upstream: released (5.16-rc2) [563fbefed46ae4c1f70cffb8eb54c02df480b2c2] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [7b97b5776daa0b39dbdadfea176f9cc0646d4a66] +4.19-upstream-stable: released (4.19.218) [b8a045e2a9b234cfbc06cf36923886164358ddec] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47195 b/active/CVE-2021-47195 new file mode 100644 index 00000000..7c14bc83 --- /dev/null +++ b/active/CVE-2021-47195 @@ -0,0 +1,17 @@ +Description: spi: fix use-after-free of the add_lock mutex +References: +Notes: + carnil> Introduced in 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on + carnil> SPI buses"). Vulnerable versions: 5.14.15 5.15-rc6. +Bugs: +upstream: released (5.16-rc2) [6c53b45c71b4920b5e62f0ea8079a1da382b9434] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47196 b/active/CVE-2021-47196 new file mode 100644 index 00000000..a99a1a99 --- /dev/null +++ b/active/CVE-2021-47196 @@ -0,0 +1,17 @@ +Description: RDMA/core: Set send and receive CQ before forwarding to the driver +References: +Notes: + carnil> Introduced in 514aee660df4 ("RDMA: Globally allocate and release QP memory"). + carnil> Vulnerable versions: 5.15-rc1. +Bugs: +upstream: released (5.16-rc2) [6cd7397d01c4a3e09757840299e4f114f0aa5fa0] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47197 b/active/CVE-2021-47197 new file mode 100644 index 00000000..08d5f4aa --- /dev/null +++ b/active/CVE-2021-47197 @@ -0,0 +1,18 @@ +Description: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() +References: +Notes: + carnil> Introduced in 94b960b9deff ("net/mlx5e: Fix memory leak in + carnil> mlx5_core_destroy_cq() error path"). Vulnerable versions: 5.10.75 5.14.14 + carnil> 5.15-rc6. +Bugs: +upstream: released (5.16-rc2) [76ded29d3fcda4928da8849ffc446ea46871c1c2] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [471c492890557bd58f73314bb4ad85d5a8fd5026] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47198 b/active/CVE-2021-47198 new file mode 100644 index 00000000..683f3459 --- /dev/null +++ b/active/CVE-2021-47198 @@ -0,0 +1,16 @@ +Description: scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [79b20beccea3a3938a8500acef4e6b9d7c66142f] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2021-47199 b/active/CVE-2021-47199 new file mode 100644 index 00000000..81a4521a --- /dev/null +++ b/active/CVE-2021-47199 @@ -0,0 +1,17 @@ +Description: net/mlx5e: CT, Fix multiple allocations and memleak of mod acts +References: +Notes: + carnil> Introduced in 1ef3018f5af3 ("net/mlx5e: CT: Support clear action"). Vulnerable + carnil> versions: 5.7-rc1. +Bugs: +upstream: released (5.16-rc2) [806401c20a0f9c51b6c8fd7035671e6ca841f6c2] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47200 b/active/CVE-2021-47200 new file mode 100644 index 00000000..81939c7d --- /dev/null +++ b/active/CVE-2021-47200 @@ -0,0 +1,17 @@ +Description: drm/prime: Fix use after free in mmap with drm_gem_ttm_mmap +References: +Notes: + carnil> Introduced in 9786b65bc61a ("drm/ttm: fix mmap refcounting"). Vulnerable + carnil> versions: 5.5-rc1. +Bugs: +upstream: released (5.16-rc1) [8244a3bc27b3efd057da154b8d7e414670d5044f] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47201 b/active/CVE-2021-47201 new file mode 100644 index 00000000..bacb9b53 --- /dev/null +++ b/active/CVE-2021-47201 @@ -0,0 +1,17 @@ +Description: iavf: free q_vectors before queues in iavf_disable_vf +References: +Notes: + carnil> Introduced in 65c7006f234c ("i40evf: assign num_active_queues inside + carnil> i40evf_alloc_queues"). Vulnerable versions: 4.13-rc1. +Bugs: +upstream: released (5.16-rc2) [89f22f129696ab53cfbc608e0a2184d0fea46ac1] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [78638b47132244e3934dc5dc79f6372d5ce8e98c] +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: needed diff --git a/active/CVE-2021-47202 b/active/CVE-2021-47202 new file mode 100644 index 00000000..e0753887 --- /dev/null +++ b/active/CVE-2021-47202 @@ -0,0 +1,16 @@ +Description: thermal: Fix NULL pointer dereferences in of_thermal_ functions +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [96cfe05051fd8543cdedd6807ec59a0e6c409195] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.81) [6a315471cb6a07f651e1d3adc8962730f4fcccac] +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: needed diff --git a/active/CVE-2021-47203 b/active/CVE-2021-47203 new file mode 100644 index 00000000..6c4e03d6 --- /dev/null +++ b/active/CVE-2021-47203 @@ -0,0 +1,16 @@ +Description: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [99154581b05c8fb22607afb7c3d66c1bace6aa5d] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [c097bd5a59162156d9c2077a2f58732ffbaa9fca] +4.19-upstream-stable: released (4.19.218) [b291d147d0268e93ad866f8bc820ea14497abc9b] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47204 b/active/CVE-2021-47204 new file mode 100644 index 00000000..25e2c4c2 --- /dev/null +++ b/active/CVE-2021-47204 @@ -0,0 +1,17 @@ +Description: net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove +References: +Notes: + carnil> Introduced in 7472dd9f6499 ("staging: fsl-dpaa2/eth: Move print message"). + carnil> Vulnerable versions: 4.17-rc1. +Bugs: +upstream: released (5.16-rc2) [9b5a333272a48c2f8b30add7a874e46e8b26129c] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [1c4099dc0d6a01e76e4f7dd98e4b3e0d55d80ad9] +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: needed diff --git a/active/CVE-2021-47205 b/active/CVE-2021-47205 new file mode 100644 index 00000000..1bf26a93 --- /dev/null +++ b/active/CVE-2021-47205 @@ -0,0 +1,16 @@ +Description: clk: sunxi-ng: Unregister clocks/resets when unbinding +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [9bec2b9c6134052994115d2d3374e96f2ccb9b9d] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2021-47206 b/active/CVE-2021-47206 new file mode 100644 index 00000000..4e6412c2 --- /dev/null +++ b/active/CVE-2021-47206 @@ -0,0 +1,16 @@ +Description: usb: host: ohci-tmio: check return value after calling platform_get_resource() +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [9eff2b2e59fda25051ab36cd1cb5014661df657b] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [2474eb7fc3bfbce10f7b8ea431fcffe5dd5f5100] +4.19-upstream-stable: released (4.19.218) [951b8239fd24678b56c995c5c0456ab12e059d19] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47207 b/active/CVE-2021-47207 new file mode 100644 index 00000000..d14bf7fc --- /dev/null +++ b/active/CVE-2021-47207 @@ -0,0 +1,16 @@ +Description: ALSA: gus: fix null pointer dereference on pointer block +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [a0d21bb3279476c777434c40d969ea88ca64f9aa] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [1ac6cd87d8ddd36c43620f82c4d65b058f725f0f] +4.19-upstream-stable: released (4.19.218) [ab4c1ebc40f699f48346f634d7b72b9c5193f315] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47209 b/active/CVE-2021-47209 new file mode 100644 index 00000000..c78e1f34 --- /dev/null +++ b/active/CVE-2021-47209 @@ -0,0 +1,17 @@ +Description: sched/fair: Prevent dead task groups from regaining cfs_rq's +References: +Notes: + carnil> Introduced in a7b359fc6a37 ("sched/fair: Correctly insert cfs_rq's to list on + carnil> unthrottle"). Vulnerable versions: 5.13-rc7. +Bugs: +upstream: released (5.16-rc1) [b027789e5e50494c2325cc70c8642e7fd6059479] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47210 b/active/CVE-2021-47210 new file mode 100644 index 00000000..0ec158c1 --- /dev/null +++ b/active/CVE-2021-47210 @@ -0,0 +1,16 @@ +Description: usb: typec: tipd: Remove WARN_ON in tps6598x_block_read +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [b7a0a63f3fed57d413bb857de164ea9c3984bc4e] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [eff8b7628410cb2eb562ca0d5d1f12e27063733e] +4.19-upstream-stable: released (4.19.218) [2a897d384513ba7f7ef05611338b9a6ec6aeac00] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47211 b/active/CVE-2021-47211 new file mode 100644 index 00000000..e2d1e5d1 --- /dev/null +++ b/active/CVE-2021-47211 @@ -0,0 +1,16 @@ +Description: ALSA: usb-audio: fix null pointer dereference on pointer cs_desc +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [b97053df0f04747c3c1e021ecbe99db675342954] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2021-47212 b/active/CVE-2021-47212 new file mode 100644 index 00000000..8e2c6518 --- /dev/null +++ b/active/CVE-2021-47212 @@ -0,0 +1,17 @@ +Description: net/mlx5: Update error handler for UCTX and UMEM +References: +Notes: + carnil> Introduced in 6a6fabbfa3e8 ("net/mlx5: Update pci error handler entries and + carnil> command translation"). Vulnerable versions: 5.2-rc6. +Bugs: +upstream: released (5.16-rc2) [ba50cd9451f6c49cf0841c0a4a146ff6a2822699] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47213 b/active/CVE-2021-47213 new file mode 100644 index 00000000..5a8a8ff9 --- /dev/null +++ b/active/CVE-2021-47213 @@ -0,0 +1,17 @@ +Description: NFSD: Fix exposure in nfsd4_decode_bitmap() +References: +Notes: + carnil> Introduced in d1c263a031e8 ("NFSD: Replace READ* macros in + carnil> nfsd4_decode_fattr()"). Vulnerable versions: 5.11-rc1. +Bugs: +upstream: released (5.16-rc2) [c0019b7db1d7ac62c711cda6b357a659d46428fe] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47214 b/active/CVE-2021-47214 new file mode 100644 index 00000000..9ab08fd4 --- /dev/null +++ b/active/CVE-2021-47214 @@ -0,0 +1,17 @@ +Description: hugetlb, userfaultfd: fix reservation restore on userfaultfd error +References: +Notes: + carnil> Introduced in c7b1850dfb41 ("hugetlb: don't pass page cache pages to + carnil> restore_reserve_on_error"). Vulnerable versions: 5.13.13 5.14-rc7. +Bugs: +upstream: released (5.16-rc2) [cc30042df6fcc82ea18acf0dace831503e60a0b7] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47215 b/active/CVE-2021-47215 new file mode 100644 index 00000000..41588e26 --- /dev/null +++ b/active/CVE-2021-47215 @@ -0,0 +1,17 @@ +Description: net/mlx5e: kTLS, Fix crash in RX resync flow +References: +Notes: + carnil> Introduced in e9ce991bce5b ("net/mlx5e: kTLS, Add resiliency to RX resync + carnil> failures"). Vulnerable versions: 5.13-rc1. +Bugs: +upstream: released (5.16-rc2) [cc4a9cc03faa6d8db1a6954bb536f2c1e63bdff6] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47216 b/active/CVE-2021-47216 new file mode 100644 index 00000000..28b20595 --- /dev/null +++ b/active/CVE-2021-47216 @@ -0,0 +1,16 @@ +Description: scsi: advansys: Fix kernel pointer leak +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [d4996c6eac4c81b8872043e9391563f67f13e406] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [055eced3edf5b675d12189081303f6285ef26511] +4.19-upstream-stable: released (4.19.218) [f5a0ba4a9b5e70e7b2f767636d26523f9d1ac59d] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47217 b/active/CVE-2021-47217 new file mode 100644 index 00000000..c6daf117 --- /dev/null +++ b/active/CVE-2021-47217 @@ -0,0 +1,17 @@ +Description: x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails +References: +Notes: + carnil> Introduced in 93286261de1b ("x86/hyperv: Reenlightenment notifications + carnil> support"). Vulnerable versions: 4.16-rc1. +Bugs: +upstream: released (5.16-rc2) [daf972118c517b91f74ff1731417feb4270625a4] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [9c177eee116cf888276d3748cb176e72562cfd5c] +4.19-upstream-stable: released (4.19.218) [b20ec58f8a6f4fef32cc71480ddf824584e24743] +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: released (4.19.232-1) diff --git a/active/CVE-2021-47218 b/active/CVE-2021-47218 new file mode 100644 index 00000000..985bb306 --- /dev/null +++ b/active/CVE-2021-47218 @@ -0,0 +1,17 @@ +Description: selinux: fix NULL-pointer dereference when hashtab allocation fails +References: +Notes: + carnil> Introduced in 03414a49ad5f ("selinux: do not allocate hashtabs dynamically"). + carnil> Vulnerable versions: 5.8-rc1. +Bugs: +upstream: released (5.16-rc3) [dc27f3c5d10c58069672215787a96b4fae01818b] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [b17dd53cac769dd13031b0ca34f90cc65e523fab] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47219 b/active/CVE-2021-47219 new file mode 100644 index 00000000..74dd2877 --- /dev/null +++ b/active/CVE-2021-47219 @@ -0,0 +1,16 @@ +Description: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (5.16-rc1) [f347c26836c270199de1599c3cd466bb7747caa9] +6.8-upstream-stable: N/A "Fixed before branching point" +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.82) [8440377e1a5644779b4c8d013aa2a917f5fc83c3] +4.19-upstream-stable: needed +sid: released (5.15.5-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: needed -- cgit v1.2.3