From 27b3d6a80bd2f514d34d033cf2bd02f4e3145ad7 Mon Sep 17 00:00:00 2001 
From: Ben Hutchings Date: Thu, 28 Mar 2019 01:50:09 +0000 Subject: Retire inactive issues --- retired/CVE-2016-10741 | 12 ++++++++++++ retired/CVE-2017-13168 | 12 ++++++++++++ retired/CVE-2017-13305 | 14 ++++++++++++++ retired/CVE-2017-9725 | 13 +++++++++++++ retired/CVE-2018-1120 | 19 +++++++++++++++++++ retired/CVE-2018-1128 | 17 +++++++++++++++++ retired/CVE-2018-1129 | 12 ++++++++++++ retired/CVE-2018-12896 | 14 ++++++++++++++ retired/CVE-2018-13053 | 13 +++++++++++++ retired/CVE-2018-14616 | 12 ++++++++++++ retired/CVE-2018-16862 | 14 ++++++++++++++ retired/CVE-2018-16880 | 12 ++++++++++++ retired/CVE-2018-17972 | 12 ++++++++++++ retired/CVE-2018-18021 | 12 ++++++++++++ retired/CVE-2018-18281 | 13 +++++++++++++ retired/CVE-2018-18690 | 13 +++++++++++++ retired/CVE-2018-18710 | 11 +++++++++++ retired/CVE-2018-19407 | 16 ++++++++++++++++ retired/CVE-2018-20511 | 13 +++++++++++++ retired/CVE-2018-5848 | 15 +++++++++++++++ retired/CVE-2018-5953 | 16 ++++++++++++++++ retired/CVE-2019-8912 | 22 ++++++++++++++++++++++ retired/CVE-2019-8956 | 14 ++++++++++++++ retired/CVE-2019-9162 | 13 +++++++++++++ 24 files changed, 334 insertions(+) create mode 100644 retired/CVE-2016-10741 create mode 100644 retired/CVE-2017-13168 create mode 100644 retired/CVE-2017-13305 create mode 100644 retired/CVE-2017-9725 create mode 100644 retired/CVE-2018-1120 create mode 100644 retired/CVE-2018-1128 create mode 100644 retired/CVE-2018-1129 create mode 100644 retired/CVE-2018-12896 create mode 100644 retired/CVE-2018-13053 create mode 100644 retired/CVE-2018-14616 create mode 100644 retired/CVE-2018-16862 create mode 100644 retired/CVE-2018-16880 create mode 100644 retired/CVE-2018-17972 create mode 100644 retired/CVE-2018-18021 create mode 100644 retired/CVE-2018-18281 create mode 100644 retired/CVE-2018-18690 create mode 100644 retired/CVE-2018-18710 create mode 100644 retired/CVE-2018-19407 create mode 100644 retired/CVE-2018-20511 create mode 100644 retired/CVE-2018-5848 create mode 
100644 retired/CVE-2018-5953 create mode 100644 retired/CVE-2019-8912 create mode 100644 retired/CVE-2019-8956 create mode 100644 retired/CVE-2019-9162 (limited to 'retired')
diff --git a/retired/CVE-2016-10741 b/retired/CVE-2016-10741
new file mode 100644
index 000000000..4c4915c26
--- /dev/null
+++ b/retired/CVE-2016-10741
@@ -0,0 +1,12 @@
+Description: xfs: BUG_ON in __xfs_get_blocks() with xfstests generic/446
+References:
+ https://bugzilla.novell.com/show_bug.cgi?id=1124010
+Notes:
+Bugs:
+upstream: released (4.10-rc1) [04197b341f23b908193308b8d63d17ff23232598]
+4.19-upstream-stable: N/A "Fixed before branching point"
+4.9-upstream-stable: released (4.9.3) [3978c5bb004312fd267aed7279fe64b119e126b0]
+3.16-upstream-stable: released (3.16.64) [96cbb7e99d66cef46c62dc691664d38d5ae2cd8d]
+sid: released (4.9.6-1)
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2017-13168 b/retired/CVE-2017-13168
new file mode 100644
index 000000000..aff18e764
--- /dev/null
+++ b/retired/CVE-2017-13168
@@ -0,0 +1,12 @@
+Description: scsi kernel driver can improperly access userspace memory permitting kernel memory corruption
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1658985
+Notes:
+Bugs:
+upstream: released (4.18-rc4) [26b5b874aff5659a7e26e5b1997e3df2c41fa7fd]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.112) [b6db8af7e34edfa1bf1d7b0797da15c3811a2a98]
+3.16-upstream-stable: released (3.16.61) [3f084a4d285d695b2008533f1b28a5538748e174]
+sid: released (4.17.6-1)
+4.9-stretch-security: released (4.9.130-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2017-13305 b/retired/CVE-2017-13305
new file mode 100644
index 000000000..9a63efce7
--- /dev/null
+++ b/retired/CVE-2017-13305
@@ -0,0 +1,14 @@
+Description: Buffer over-read in keyring subsystem allows exposing potentially sensitive information to local attacker
+References:
+ https://source.android.com/security/bulletin/pixel/2018-04-01
+ https://bugzilla.redhat.com/show_bug.cgi?id=1581637
+Notes:
+ carnil> Possibly only affecting 3.18+ but needs check.
+Bugs:
+upstream: released (4.12-rc5) [794b4bc292f5d31739d89c0202c54e7dc9bc3add]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.81) [9692602ab850eec484d8cc5a740803d34f00016c]
+3.16-upstream-stable: released (3.16.62) [bfe535bf4ab73e41922c7a58d6a858a2c435ff29]
+sid: released (4.12.6-1)
+4.9-stretch-security: released (4.9.82-1+deb9u1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2017-9725 b/retired/CVE-2017-9725
new file mode 100644
index 000000000..a24645fca
--- /dev/null
+++ b/retired/CVE-2017-9725
@@ -0,0 +1,13 @@
+Description: mm: cma: fix incorrect type conversion for size during dma allocation
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1489088
+ https://source.android.com/security/bulletin/2017-09-01
+Notes:
+Bugs:
+upstream: released (4.3-rc7) [67a2e213e7e937c41c52ab5bc46bf3f4de469f6e]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: N/A "Fixed before branching point"
+3.16-upstream-stable: released (3.16.64) [cc12c0099168b416f6c3eff1cd560a771f4b7c3f]
+sid: released (4.3.1-1)
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: ignored "CMA is not enabled in any configuration"
diff --git a/retired/CVE-2018-1120 b/retired/CVE-2018-1120
new file mode 100644
index 000000000..dfcce6d7d
--- /dev/null
+++ b/retired/CVE-2018-1120
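Review bot: In retired/CVE-2017-13305 the note `carnil> Possibly only affecting 3.18+ but needs check.` is archived unresolved, although the same record lists `3.16-upstream-stable: released (3.16.62)` and `3.16-jessie-security: released (3.16.64-1)`. A fix shipped for 3.16 suggests the check was done and 3.16 was treated as affected, so the note and the status lines currently give two different answers about older kernels. Before retiring, I would add a follow-up note line stating the outcome of the check, or drop the open question if it no longer applies.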
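Review bot: In retired/CVE-2017-9725 the line `3.16-jessie-security: ignored "CMA is not enabled in any configuration"` sits next to `3.16-upstream-stable: released (3.16.64)`, while other records in this commit map an upstream 3.16.64 fix to `3.16-jessie-security: released (3.16.64-1)`. If the jessie package is based on 3.16.64, the fix is presumably present there, and `ignored` would make anyone consuming this record report jessie as permanently unfixed. I would confirm against the package and, if so, record `released (3.16.64-1)` and keep the CMA remark as a note. The same file also mixes "Fixed before branch point" and "Fixed before branching point"; one wording would make the reasons easier to search.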
@@ -0,0 +1,19 @@
+Description: FUSE-backed /proc/PID/cmdline
+References:
+ http://www.openwall.com/lists/oss-security/2018/05/17/1
+Notes:
+ carnil> Backport to 3.16.x (and older) seem at the moment more
+ carnil> substantial. E.g. in 272ddc8b37354c3fe111ab26d25e792629148eee
+ carnil> v4.9-rc3 and earlier commits needs some extra care.
+ carnil> Earlier, 6347e8d5bcce33fc36e651901efefbe2c93a43ef (in 4.9-rc2)
+ carnil> access_remote_vm() write parameter is replaced with gup_flags.
+Bugs:
+upstream: released (4.17-rc6) [7f7ccc2ccc2e70c6054685f5e3522efa81556830]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.101) [6f1abf8628b750905606996fd5ff5ea22d149238]
+3.16-upstream-stable: ignored "Too risky to backport"
+3.2-upstream-stable: ignored "EOL"
+sid: released (4.16.12-1)
+4.9-stretch-security: released (4.9.107-1)
+3.16-jessie-security: ignored "Too risky to backport"
+3.2-wheezy-security: ignored "EOL"
diff --git a/retired/CVE-2018-1128 b/retired/CVE-2018-1128
new file mode 100644
index 000000000..e6ccf295e
--- /dev/null
+++ b/retired/CVE-2018-1128
@@ -0,0 +1,17 @@
+Description: libceph: add authorizer challenge
+References:
+ http://tracker.ceph.com/issues/24836
+Notes:
+ bwh> If I understand this rightly, this is a vulnerability in the Ceph
+ bwh> server, not the in-kernel client. But the fix is an incompatible
+ bwh> protocol change, and that's why the client needs to be updated too.
+ bwh> I don't think this is practical for 3.16 as the protocol change
+ bwh> seems to depend on message signatures which were added in 3.19.
+Bugs:
+upstream: released (4.19-rc1) [6daca13d2e72bedaaacfc08f873114c9307d5aea]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.144) [06e925920d4de3da2114876bc607447e929604af]
+3.16-upstream-stable: ignored "Protocol change is too difficult"
+sid: released (4.19.9-1)
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: ignored "Protocol change is too difficult"
diff --git a/retired/CVE-2018-1129 b/retired/CVE-2018-1129
new file mode 100644
index 000000000..2efdf9b53
--- /dev/null
+++ b/retired/CVE-2018-1129
@@ -0,0 +1,12 @@
+Description: libceph: implement CEPHX_V2 calculation mode
+References:
+ http://tracker.ceph.com/issues/24837
+Notes:
+Bugs:
+upstream: released (4.19-rc1) [cc255c76c70f7a87d97939621eae04b600d9f4a1]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.144) [18a23fb2632030888fc56a7df73a80f57445718f]
+3.16-upstream-stable: N/A "Message signatures not implemented"
+sid: released (4.19.9-1)
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: N/A "Message signatures not implemented"
diff --git a/retired/CVE-2018-12896 b/retired/CVE-2018-12896
new file mode 100644
index 000000000..52a088a38
--- /dev/null
+++ b/retired/CVE-2018-12896
@@ -0,0 +1,14 @@
+Description: UBSAN: Undefined behaviour in kernel/time/posix-timers.c:705
+References:
+ https://bugzilla.kernel.org/show_bug.cgi?id=200189
+ https://github.com/lcytxw/bug_repro/tree/master/bug_200189
+ https://github.com/torvalds/linux/commit/78c9c4dfbf8c04883941445a195276bb4bb92c76
+Notes:
+Bugs:
+upstream: released (4.19-rc1) [78c9c4dfbf8c04883941445a195276bb4bb92c76]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.136) [65cb24de03f1c8e00a4fedf416b80a4e8f8a6ef2]
+3.16-upstream-stable: released (3.16.62) [f795b11fdc99a3d4d7d6b9d48c5e44e17c287a27]
+sid: released (4.18.20-1)
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2018-13053 b/retired/CVE-2018-13053
new file mode 100644
index 000000000..7ec26ba67
--- /dev/null
+++ b/retired/CVE-2018-13053
@@ -0,0 +1,13 @@
+Description: UBSAN: Undefined behaviour in kernel/time/alarmtimer.c:811
+References:
+ https://bugzilla.kernel.org/show_bug.cgi?id=200303
+ https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef
+Notes:
+Bugs:
+upstream: released (4.19-rc1) [5f936e19cc0ef97dbe3a56e9498922ad5ba1edef]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.131) [747128e772dc2c413763050c52c55edcacf7f60c]
+3.16-upstream-stable: released (3.16.62) [b396dc52e302a0610abfd6467e20fb58352cdb69]
+sid: released (4.18.20-1)
+4.9-stretch-security: released (4.9.135-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2018-14616 b/retired/CVE-2018-14616
new file mode 100644
index 000000000..1d2c9051c
--- /dev/null
+++ b/retired/CVE-2018-14616
@@ -0,0 +1,12 @@
+Description: null ptr dereference in fscrypt_do_page_crypto() when operating a file on a corrupted f2fs image
+References:
+ https://bugzilla.kernel.org/show_bug.cgi?id=200465
+Notes:
+Bugs:
+upstream: released (4.19-rc1) [91291e9998d208370eb8156c760691b873bd7522]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.144) [b10a6ac262f8c1c0c70a90e992137a5590325f0b]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.19.9-1)
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2018-16862 b/retired/CVE-2018-16862
new file mode 100644
index 000000000..eb66956ad
--- /dev/null
+++ b/retired/CVE-2018-16862
@@ -0,0 +1,14 @@
+Description: cleancache: deleted files infoleak
+References:
+ https://www.openwall.com/lists/oss-security/2018/11/23/5
+ https://lore.kernel.org/patchwork/patch/1011367/
+ https://bugzilla.redhat.com/show_bug.cgi?id=1649017
+Notes:
+Bugs:
+upstream: released (4.20-rc5) [6ff38bd40230af35e446239396e5fc8ebd6a5248]
+4.19-upstream-stable: released (4.19.7) [16a2d602244ff5327cecd210fdd50ad5ad443c9c]
+4.9-upstream-stable: released (4.9.144) [60b3d44f05c148f6f7f5e5b2a8165d328c3f22a0]
+3.16-upstream-stable: released (3.16.62) [56a7ebd4a3adc001b18a8feeb5cdf0b9fb2684fa]
+sid: released (4.19.9-1)
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2018-16880 b/retired/CVE-2018-16880
new file mode 100644
index 000000000..d2ef45c73
--- /dev/null
+++ b/retired/CVE-2018-16880
@@ -0,0 +1,12 @@
+Description: oob-write in drivers/vhost/net.c:get_rx_bufs()
+References:
+ https://www.openwall.com/lists/oss-security/2019/01/25/1
+Notes:
+Bugs:
+upstream: released (5.0-rc5) [b46a0bf78ad7b150ef5910da83859f7f5a514ffd]
+4.19-upstream-stable: released (4.19.20) [aafe74b726891386cd139d3432ec619ed5189b29]
+4.9-upstream-stable: N/A "Vulnerable code introduced in 4.16-rc1"
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.16-rc1"
+sid: released (4.19.20-1)
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"
diff --git a/retired/CVE-2018-17972 b/retired/CVE-2018-17972
new file mode 100644
index 000000000..a3b4c2234
--- /dev/null
+++ b/retired/CVE-2018-17972
@@ -0,0 +1,12 @@
+Description: Information leak via /proc/$pid/stack
+References:
+ https://marc.info/?l=linux-fsdevel&m=153806242024956&w=2
+Notes:
+Bugs:
+upstream: released (4.19-rc7) [f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.132) [3c5dc3f313cf1cb1645a0e832f51c1ba79aee934]
+3.16-upstream-stable: released (3.16.62) [6e8e3ad9d57f70fc58e2ecbafbfd1b3f37973cfc]
+sid: released (4.18.20-1)
+4.9-stretch-security: released (4.9.135-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2018-18021 b/retired/CVE-2018-18021
new file mode 100644
index 000000000..91d258dc4
--- /dev/null
+++ b/retired/CVE-2018-18021
@@ -0,0 +1,12 @@
+Description: arm64 Linux kernel: Privilege escalation by taking control of the KVM hypervisor
+References:
+ https://www.openwall.com/lists/oss-security/2018/10/02/2
+Notes:
+Bugs:
+upstream: released (4.19-rc7) [d26c25a9d19b5976b319af528886f89cf455692d, 2a3f93459d689d990b3ecfbe782fec89b97d3279]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.131) [bc769c0148cd9820c8db785a2a1298a6489125ae, 53819c17ecbee86089396e6e7ae1f3e6de958db9]
+3.16-upstream-stable: ignored "Too difficult to backport"
+sid: released (4.18.10-2) [bugfix/arm64/arm64-kvm-tighten-guest-core-register-access-from-us.patch, bugfix/arm64/arm64-kvm-sanitize-pstate.m-when-being-set-from-user.patch]
+4.9-stretch-security: released (4.9.110-3+deb9u6) [bugfix/arm64/arm64-kvm-tighten-guest-core-register-access-from-userspace.patch, bugfix/arm64/arm64-kvm-sanitize-pstate.m-when-being-set-from-userspace.patch]
+3.16-jessie-security: ignored "arm64 not supported in jessie LTS"
diff --git a/retired/CVE-2018-18281 b/retired/CVE-2018-18281
new file mode 100644
index 000000000..3426b8c27
--- /dev/null
+++ b/retired/CVE-2018-18281
@@ -0,0 +1,13 @@
+Description: mremap: properly flush TLB before releasing the page
+References:
+ https://www.openwall.com/lists/oss-security/2018/10/29/5
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=1695
+Notes:
+Bugs:
+upstream: released (4.19) [eb66ae030829605d61fbef1909ce310e29f78821]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.135) [e34bd9a96704f7089ccad61b6e01ea985fa54dd6]
+3.16-upstream-stable: released (3.16.62) [2567a342d707b1245e837f16cb7555b360e2c580]
+sid: released (4.18.20-1)
+4.9-stretch-security: released (4.9.135-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2018-18690 b/retired/CVE-2018-18690
new file mode 100644
index 000000000..942f607a6
--- /dev/null
+++ b/retired/CVE-2018-18690
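Review bot: In retired/CVE-2018-18021 the `sid:` line names the patches as `...-register-access-from-us.patch` and `...-when-being-set-from-user.patch`, while the `4.9-stretch-security:` line names what look like the same two patches ending in `-from-userspace.patch`. The sid names read like truncations, though the packaging tree may really use the shorter file names; this cannot be decided from the hunk. Since these bracketed names are the only pointer to the fix for a hypervisor privilege-escalation issue, I would verify them against the sid packaging history before archiving, so that someone auditing the fix can locate the patch files.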
@@ -0,0 +1,13 @@
+Description: xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE
+References:
+ https://bugzilla.kernel.org/show_bug.cgi?id=199119
+ https://bugzilla.suse.com/show_bug.cgi?id=1105025
+Notes:
+Bugs:
+upstream: released (4.17-rc4) [7b38460dc8e4eafba06c78f8e37099d3b34d473c]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.144) [4ec44e98ab08c704d0ff1a35a21a0682a5562a27]
+3.16-upstream-stable: released (3.16.62) [789a4317666e599e487ec1983643de1b519c431e]
+sid: released (4.17.3-1)
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2018-18710 b/retired/CVE-2018-18710
new file mode 100644
index 000000000..17dadf751
--- /dev/null
+++ b/retired/CVE-2018-18710
@@ -0,0 +1,11 @@
+Description: cdrom: fix improper type cast, which can leat to information leak
+References:
+Notes:
+Bugs:
+upstream: released (4.20-rc1) [e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276]
+4.19-upstream-stable: released (4.19.3) [c8099dbf492b565a4f75ae7b8c08b76ca18c4c3f]
+4.9-upstream-stable: released (4.9.138) [8dd745a8799ee01fc67b64fd33cdb44d04eb7e4c]
+3.16-upstream-stable: released (3.16.62) [4d0f2564603d1ef8cce8a083751442342e9c9474]
+sid: released (4.18.20-1)
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2018-19407 b/retired/CVE-2018-19407
new file mode 100644
index 000000000..4d1d62dee
--- /dev/null
+++ b/retired/CVE-2018-19407
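Review bot: retired/CVE-2018-18710 is archived with an empty `References:` section and a typo in the description ("leat" for "lead"). With no reference, the only way to learn what the information leak exposes is to read the commit in the `upstream:` line, which is harder once the record is out of the active set. I would add at least one reference line pointing at that upstream commit (e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276) and correct the description to `cdrom: fix improper type cast, which can lead to information leak`.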
@@ -0,0 +1,16 @@
+Description: KVM: X86: Fix scan ioapic use-before-initialization
+References:
+ https://lkml.org/lkml/2018/11/20/580
+Notes:
+ carnil> Introduced by 3d81bc7e96d6bca0b8f8b7d1bf6ea72caa3aac57 (3.10-rc1)
+ bwh> I'm fairly sure this is impossible before commit 5c919412fe61
+ bwh> "kvm/x86: Hyper-V synthetic interrupt controller" (4.5-rc1). The
+ bwh> reproducer didn't work for me on either 3.16 or 4.9.
+Bugs:
+upstream: released (4.20-rc5) [e97f852fd4561e77721bb9a4e0ea9d98305b1e93]
+4.19-upstream-stable: released (4.19.7) [61c42d657c859ccc95e53afdac64f73a0053b8ea]
+4.9-upstream-stable: released (4.9.143) [3a468e8e5a6124523e2e94c33866c609cc914876]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.19.9-1)
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2018-20511 b/retired/CVE-2018-20511
new file mode 100644
index 000000000..4420f6a38
--- /dev/null
+++ b/retired/CVE-2018-20511
@@ -0,0 +1,13 @@
+Description: net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
+References:
+ http://blog.infosectcbr.com.au/2018/09/linux-kernel-infoleaks.html
+ https://lkml.org/lkml/2018/9/27/480
+Notes:
+Bugs:
+upstream: released (4.19-rc5) [9824dfae5741275473a23a7ed5756c7b6efacc9d]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.130) [11f734283a987ac26365aefafdd012a3f37e05a3]
+3.16-upstream-stable: released (3.16.64) [0c4d7b52773b227211d311858f3c3b56f7c44874]
+sid: released (4.18.20-1)
+4.9-stretch-security: released (4.9.130-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2018-5848 b/retired/CVE-2018-5848
new file mode 100644
index 000000000..68b9fb88c
--- /dev/null
+++ b/retired/CVE-2018-5848
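Review bot: The two notes in retired/CVE-2018-19407 disagree on when the bug became reachable, and the record does not say which one the status lines follow. carnil dates the introduction to 3.10-rc1, which would put 3.16 in range, while bwh is "fairly sure" it is impossible before 4.5-rc1; the `N/A "Vulnerable code not present"` entries for 3.16 only hold under bwh's reading. Because that reading is hedged and rests on a reproducer that, per the same note, also failed on 4.9 (where a fix was nevertheless released), I would add a line stating that the 3.16 status follows bwh's analysis. A N/A reason that names the commit, such as `N/A "Vulnerable code introduced in 4.5-rc1"`, would make the basis explicit.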
@@ -0,0 +1,15 @@
+Description: wil6210: missing length check in wmi_set_ie
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1590799
+ https://bugzilla.suse.com/show_bug.cgi?id=1097356
+ https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2#_CVE-2018-5848
+ https://marc.info/?l=linux-wireless&m=151066597529493&w=2
+Notes:
+Bugs:
+upstream: released (4.16-rc1) [b5a8ffcae4103a9d823ea3aa3a761f65779fbe2a]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.144) [35db4d1ed8a344899a87887fa7bf11be5b057bec]
+3.16-upstream-stable: released (3.16.62) [921c1539170bf690cad59b3dbebf7d46843d28e2]
+sid: released (4.16.5-1)
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2018-5953 b/retired/CVE-2018-5953
new file mode 100644
index 000000000..f33a37455
--- /dev/null
+++ b/retired/CVE-2018-5953
@@ -0,0 +1,16 @@
+Description: information disclosure
+References:
+ https://github.com/johnsonwangqize/cve-linux/blob/master/%20CVE-2018-5953.md
+Notes:
+ bwh> The upstream fix was to obscure formatted pointer values by
+ bwh> default. This carries a high risk of regression so I don't
+ bwh> think it should be backported. A more targetted fix should
+ bwh> be possible.
+Bugs:
+upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.145) [adcc5726f1402e7ea39bebd08688efcc09ba4d26]
+3.16-upstream-stable: released (3.16.64) [9ebdc41f7115c2fb37da946dd50e531d00533ca1]
+sid: released (4.15.4-1)
+4.9-stretch-security: ignored "kernel log restricted to root by default"
+3.16-jessie-security: released (3.16.64-1)
diff --git a/retired/CVE-2019-8912 b/retired/CVE-2019-8912
new file mode 100644
index 000000000..de231b47f
--- /dev/null
+++ b/retired/CVE-2019-8912
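Review bot: The note in retired/CVE-2018-5953 no longer matches the status lines below it. bwh's note says the upstream fix "should not be backported" and that a targeted fix "should be possible", yet 4.9 and 3.16 are both marked `released` with commit ids, and the record does not say whether those commits are the targeted fix or the upstream change. `4.9-stretch-security: ignored "kernel log restricted to root by default"` also sits beside `4.9-upstream-stable: released (4.9.145)`, so stretch would presumably pick the fix up on its next rebase, and `ignored` may then understate its state. I would add a closing note line naming what was actually backported, and replace the description `information disclosure` with one that names what is disclosed (formatted pointer values in the kernel log, going by the notes).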
@@ -0,0 +1,22 @@
+Description: net: crypto set sk to NULL when af_alg_release.
+References:
+ https://patchwork.ozlabs.org/patch/1042902/
+ https://bugzilla.novell.com/show_bug.cgi?id=1125907
+ https://bugzilla.novell.com/show_bug.cgi?id=1125907#c5
+Notes:
+ carnil> This is a followup fix for
+ carnil> 6d8c50dcb029872b298eea68cc6209c866fd3e14 (4.18-rc1) which was
+ carnil> CVE-2018-12232. CVE-2018-12232 was affecting only 4.10-rc1
+ carnil> onwards, quoting the note in CVE-2018-12232.
+ carnil> Issue introduced with 86741ec25462 ("net: core: Add a UID field
+ carnil> to struct sock.").
+ carnil> There might be a more generic follow-up as per
+ carnil> https://patchwork.ozlabs.org/patch/1046478/
+Bugs:
+upstream: released (5.0-rc8) [9060cb719e61b685ec0102574e10337fa5f445ea]
+4.19-upstream-stable: released (4.19.25) [eb5e6869125f69dd28513f92992d97ec62bb9773]
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (4.19.28-1)
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"
diff --git a/retired/CVE-2019-8956 b/retired/CVE-2019-8956
new file mode 100644
index 000000000..0f7415f43
--- /dev/null
+++ b/retired/CVE-2019-8956
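Review bot: retired/CVE-2019-8912 is archived with an open question in its notes: `carnil> There might be a more generic follow-up as per https://patchwork.ozlabs.org/patch/1046478/`. The record does not say whether that follow-up landed or whether the released fix is complete without it, and this issue is itself described as a follow-up to the CVE-2018-12232 fix. Before retiring, I would add a note line recording the outcome of the follow-up (merged with a commit id, superseded, or not needed). The two `bugzilla.novell.com` references differ only by the `#c5` anchor, so one of them could be dropped.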
@@ -0,0 +1,14 @@
+Description: sctp: walk the list of asoc safely
+References:
+ https://bugzilla.novell.com/show_bug.cgi?id=1124136
+ https://secuniaresearch.flexerasoftware.com/secunia_research/2019-5/
+Notes:
+ carnil> Introduced in 4910280503f3 ("sctp: add support for snd flag SCTP_SENDALL process in sendmsg") in 4.17-rc1.
+Bugs:
+upstream: released (5.0-rc6) [ba59fb0273076637f0add4311faa990a5eec27c0]
+4.19-upstream-stable: released (4.19.21) [7c2361308e1727c3135ebb3b5c6906fb781bb261]
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.19.28-1)
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2019-9162 b/retired/CVE-2019-9162
new file mode 100644
index 000000000..f1fe654e9
--- /dev/null
+++ b/retired/CVE-2019-9162
@@ -0,0 +1,13 @@
+Description: netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs
+References:
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=1776
+Notes:
+ carnil> Introduced with cc2d58634e0f489d28b5564c05abc69930b4d920 (4.16-rc1)
+Bugs:
+upstream: released (5.0-rc7) [c4c07b4d6fa1f11880eab8e076d3d060ef3f55fc]
+4.19-upstream-stable: released (4.19.25) [6a3f7237871c4d5c090ab9a6fce3ba6a1baf1f82]
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.19.28-1)
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
-- cgit v1.2.3