From daf764c39c3b9a4d4950c9027c92edb341669b9e Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Sat, 2 Oct 2021 00:59:32 +0200 Subject: Retire 2 inactive issues --- active/CVE-2021-38203 | 17 ----------------- active/CVE-2021-38206 | 14 -------------- retired/CVE-2021-38203 | 17 +++++++++++++++++ retired/CVE-2021-38206 | 14 ++++++++++++++ 4 files changed, 31 insertions(+), 31 deletions(-) delete mode 100644 active/CVE-2021-38203 delete mode 100644 active/CVE-2021-38206 create mode 100644 retired/CVE-2021-38203 create mode 100644 retired/CVE-2021-38206 diff --git a/active/CVE-2021-38203 b/active/CVE-2021-38203 deleted file mode 100644 index bb0fcdae..00000000 --- a/active/CVE-2021-38203 +++ /dev/null @@ -1,17 +0,0 @@ -Description: btrfs: fix deadlock with concurrent chunk allocations involving system chunks -References: -Notes: - carnil> Commit fixes eafa4fd0ad0607 ("btrfs: fix exhaustion of the - carnil> system chunk array due to concurrent allocations") but the - carnil> underlying issue might be present earlier. - bwh> The fix is precisely a revert of commit eafa4fd0ad0607, so I - bwh> don't believe there is an older issue. -Bugs: -upstream: released (5.14-rc2) [1cb3db1cf383a3c7dbda1aa0ce748b0958759947] -5.10-upstream-stable: N/A "Vulnerability introduced later" -4.19-upstream-stable: N/A "Vulnerability introduced later" -4.9-upstream-stable: N/A "Vulnerability introduced later" -sid: released (5.14.6-1) -5.10-bullseye-security: N/A "Vulnerability introduced later" -4.19-buster-security: N/A "Vulnerability introduced later" -4.9-stretch-security: N/A "Vulnerability introduced later" diff --git a/active/CVE-2021-38206 b/active/CVE-2021-38206 deleted file mode 100644 index f0736742..00000000 --- a/active/CVE-2021-38206 +++ /dev/null @@ -1,14 +0,0 @@ -Description: mac80211: Fix NULL ptr deref for injected rate info -References: -Notes: - bwh> Introduced in 5.9 by commit cb17ed29a7a5 "mac80211: parse radiotap - bwh> header when selecting Tx queue" -Bugs: -upstream: released (5.13-rc7) [bddc0c411a45d3718ac535a070f349be8eca8d48] -5.10-upstream-stable: released (5.10.46) [f74df6e086083dc435f7500bdbc86b05277d17af] -4.19-upstream-stable: N/A "Vulnerability introduced later" -4.9-upstream-stable: N/A "Vulnerability introduced later" -sid: released (5.10.46-1) -5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: N/A "Vulnerability introduced later" -4.9-stretch-security: N/A "Vulnerability introduced later" diff --git a/retired/CVE-2021-38203 b/retired/CVE-2021-38203 new file mode 100644 index 00000000..bb0fcdae --- /dev/null +++ b/retired/CVE-2021-38203 @@ -0,0 +1,17 @@ +Description: btrfs: fix deadlock with concurrent chunk allocations involving system chunks +References: +Notes: + carnil> Commit fixes eafa4fd0ad0607 ("btrfs: fix exhaustion of the + carnil> system chunk array due to concurrent allocations") but the + carnil> underlying issue might be present earlier. + bwh> The fix is precisely a revert of commit eafa4fd0ad0607, so I + bwh> don't believe there is an older issue. +Bugs: +upstream: released (5.14-rc2) [1cb3db1cf383a3c7dbda1aa0ce748b0958759947] +5.10-upstream-stable: N/A "Vulnerability introduced later" +4.19-upstream-stable: N/A "Vulnerability introduced later" +4.9-upstream-stable: N/A "Vulnerability introduced later" +sid: released (5.14.6-1) +5.10-bullseye-security: N/A "Vulnerability introduced later" +4.19-buster-security: N/A "Vulnerability introduced later" +4.9-stretch-security: N/A "Vulnerability introduced later" diff --git a/retired/CVE-2021-38206 b/retired/CVE-2021-38206 new file mode 100644 index 00000000..f0736742 --- /dev/null +++ b/retired/CVE-2021-38206 @@ -0,0 +1,14 @@ +Description: mac80211: Fix NULL ptr deref for injected rate info +References: +Notes: + bwh> Introduced in 5.9 by commit cb17ed29a7a5 "mac80211: parse radiotap + bwh> header when selecting Tx queue" +Bugs: +upstream: released (5.13-rc7) [bddc0c411a45d3718ac535a070f349be8eca8d48] +5.10-upstream-stable: released (5.10.46) [f74df6e086083dc435f7500bdbc86b05277d17af] +4.19-upstream-stable: N/A "Vulnerability introduced later" +4.9-upstream-stable: N/A "Vulnerability introduced later" +sid: released (5.10.46-1) +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerability introduced later" +4.9-stretch-security: N/A "Vulnerability introduced later" -- cgit v1.2.3