From 78cc05244bc386c86c90d1d228b6aae7f8fd7063 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 6 Dec 2021 08:16:04 +0100
Subject: Retire several CVEs

---
 active/CVE-2021-3736 | 19 -------------------
 1 file changed, 19 deletions(-)
 delete mode 100644 active/CVE-2021-3736

(limited to 'active/CVE-2021-3736')

diff --git a/active/CVE-2021-3736 b/active/CVE-2021-3736
deleted file mode 100644
index de49c62b..00000000
--- a/active/CVE-2021-3736
+++ /dev/null
@@ -1,19 +0,0 @@
-Description: uninitialized kernel stack may lead to information disclosure
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1995570
-Notes:
- carnil> As of 2021-11-04 no further information yet provided in
- carnil> RHBZ#1995570. The description reads as "A memory leak problem
- carnil> was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in
- carnil> Virtual Function I/O (VFIO) Mediated devices. This flaw could
- carnil> allow a local attacker to leak internal kernel information."
- carnil> and so relates to changes in samples/vfio-mdev/mbochs.c .
-Bugs:
-upstream: released (5.15-rc1) [de5494af4815a4c9328536c72741229b7de88e7f]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-4.9-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.14.6-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
-4.9-stretch-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3