Retire some CVEsHEAD master

author: Salvatore Bonaccorso <carnil@debian.org> 2024-05-01 21:27:29 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-05-01 21:27:29 +0200
commit: bcce47f6eaa1770d877fcd92df311b9a5efee54f (patch)
tree: 2123e885bc8fdd2405211e6fce0aec1125338bf5 /active
parent: 52a3eb5c9653ed9b0fa35e48959cc87ff36c3e29 (diff)
29 files changed, 0 insertions, 465 deletions
diff --git a/active/CVE-2022-48669 b/active/CVE-2022-48669
deleted file mode 100644
index 42133200..00000000
--- a/active/CVE-2022-48669
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: powerpc/pseries: Fix potential memleak in papr_get_attr()
-References:
-Notes:
- carnil> Introduced in 3c14b73454cf ("powerpc/pseries: Interface to represent PAPR
- carnil> firmware attributes"). Vulnerable versions: 5.18-rc1.
-Bugs:
-upstream: released (6.9-rc1) [cda9c0d556283e2d4adaa9960b2dc19b16156bae]
-6.8-upstream-stable: released (6.8.2) [d0647c3e81eff62b66d46fd4e475318cb8cb3610]
-6.6-upstream-stable: released (6.6.23) [1699fb915b9f61794d559b55114c09a390aaf234]
-6.1-upstream-stable: released (6.1.83) [a3f22feb2220a945d1c3282e34199e8bcdc5afc4]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: released (6.1.85-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52649 b/active/CVE-2023-52649
deleted file mode 100644
index 3e2b3d8e..00000000
--- a/active/CVE-2023-52649
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: drm/vkms: Avoid reading beyond LUT array
-References:
-Notes:
- carnil> Introduced in db1f254f2cfa ("drm/vkms: Add support to 1D gamma LUT").
- carnil> Vulnerable versions: 6.6-rc1.
-Bugs:
-upstream: released (6.9-rc1) [2fee84030d12d9fddfa874e4562d71761a129277]
-6.8-upstream-stable: released (6.8.2) [92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d]
-6.6-upstream-stable: released (6.6.23) [9556c167673057d48ce4a0da675026fe046654c1]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27023 b/active/CVE-2024-27023
deleted file mode 100644
index 41d680eb..00000000
--- a/active/CVE-2024-27023
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: md: Fix missing release of 'active_io' for flush
-References:
-Notes:
- carnil> Introduced in fa2bbff7b0b4 ("md: synchronize flush io with array
- carnil> reconfiguration"). Vulnerable versions: 6.1.75 6.6.14 6.7.2 6.8-rc1.
-Bugs:
-upstream: released (6.8-rc6) [855678ed8534518e2b428bcbcec695de9ba248e8]
-6.8-upstream-stable: N/A "Fixed before branching point"
-6.6-upstream-stable: released (6.6.19) [02dad157ba11064d073f5499dc33552b227d5d3a]
-6.1-upstream-stable: released (6.1.80) [6b2ff10390b19a2364af622b6666b690443f9f3f]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27026 b/active/CVE-2024-27026
deleted file mode 100644
index 840095be..00000000
--- a/active/CVE-2024-27026
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: vmxnet3: Fix missing reserved tailroom
-References:
-Notes:
- carnil> Introduced in 54f00cce1178 ("vmxnet3: Add XDP support."). Vulnerable versions:
- carnil> 6.6-rc1.
-Bugs:
-upstream: released (6.9-rc1) [e127ce7699c1e05279ee5ee61f00893e7bfa9671]
-6.8-upstream-stable: released (6.8.2) [91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262]
-6.6-upstream-stable: released (6.6.23) [aba8659caf88017507419feea06069f529329ea6]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27027 b/active/CVE-2024-27027
deleted file mode 100644
index c9676d62..00000000
--- a/active/CVE-2024-27027
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: dpll: fix dpll_xa_ref_*_del() for multiple registrations
-References:
-Notes:
- carnil> Introduced in 9431063ad323 ("dpll: core: Add DPLL framework base functions").
- carnil> Vulnerable versions: 6.7-rc1.
-Bugs:
-upstream: released (6.9-rc1) [b446631f355ece73b13c311dd712c47381a23172]
-6.8-upstream-stable: released (6.8.2) [b27e32e9367dac024cd6f61f22655714f483fd67]
-6.6-upstream-stable: N/A "Vulnerable code not present"
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27029 b/active/CVE-2024-27029
deleted file mode 100644
index e92756b9..00000000
--- a/active/CVE-2024-27029
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: drm/amdgpu: fix mmhub client id out-of-bounds access
-References:
-Notes:
- carnil> Introduced in aba2be41470a ("drm/amdgpu: add mmhub 3.3.0 support"). Vulnerable
- carnil> versions: 6.7-rc1.
-Bugs:
-upstream: released (6.9-rc1) [6540ff6482c1a5a6890ae44b23d0852ba1986d9e]
-6.8-upstream-stable: released (6.8.2) [1f24b3040f2b6ffcb97151fabb3070328254d923]
-6.6-upstream-stable: N/A "Vulnerable code not present"
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27031 b/active/CVE-2024-27031
deleted file mode 100644
index 30bd48f5..00000000
--- a/active/CVE-2024-27031
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt
-References:
-Notes:
- carnil> Introduced in 000dbe0bec05 ("NFS: Convert buffered read paths to use netfs when
- carnil> fscache is enabled"). Vulnerable versions: 6.4-rc1.
-Bugs:
-upstream: released (6.9-rc1) [fd5860ab6341506004219b080aea40213b299d2e]
-6.8-upstream-stable: released (6.8.2) [8a2e5977cecd3cde6a0e3e86b7b914d00240e5dc]
-6.6-upstream-stable: released (6.6.23) [ad27382f8495f8ef6d2c66c413d756bfd13c0598]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27033 b/active/CVE-2024-27033
deleted file mode 100644
index d8af9f85..00000000
--- a/active/CVE-2024-27033
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: f2fs: fix to remove unnecessary f2fs_bug_on() to avoid panic
-References:
-Notes:
- carnil> Introduced in 18792e64c86d ("f2fs: support fault injection for
- carnil> f2fs_is_valid_blkaddr()"). Vulnerable versions: 6.2-rc1.
-Bugs:
-upstream: released (6.9-rc1) [b896e302f79678451a94769ddd9e52e954c64fbb]
-6.8-upstream-stable: released (6.8.2) [abe98a05e7162f64759bf9111108ebcb11322dec]
-6.6-upstream-stable: released (6.6.23) [0386408036bfc8b50296d9e544ff91c4d52af2db]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27036 b/active/CVE-2024-27036
deleted file mode 100644
index caa4e371..00000000
--- a/active/CVE-2024-27036
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: cifs: Fix writeback data corruption
-References:
-Notes:
- carnil> Introduced in d08089f649a0 ("cifs: Change the I/O paths to use an iterator
- carnil> rather than a page list"). Vulnerable versions: 6.3-rc1.
-Bugs:
-upstream: released (6.9-rc1) [f3dc1bdb6b0b0693562c7c54a6c28bafa608ba3c]
-6.8-upstream-stable: released (6.8.2) [844b4e132f57f1333dc79feaa035075a096762e4]
-6.6-upstream-stable: released (6.6.23) [e45deec35bf7f1f4f992a707b2d04a8c162f2240]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27039 b/active/CVE-2024-27039
deleted file mode 100644
index 47053f0e..00000000
--- a/active/CVE-2024-27039
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: clk: hisilicon: hi3559a: Fix an erroneous devm_kfree()
-References:
-Notes:
- carnil> Introduced in 6c81966107dc ("clk: hisilicon: Add clock driver for hi3559A
- carnil> SoC"). Vulnerable versions: 5.14-rc1.
-Bugs:
-upstream: released (6.9-rc1) [64c6a38136b74a2f18c42199830975edd9fbc379]
-6.8-upstream-stable: released (6.8.2) [d575765b1b62e8bdb00af11caa1aabeb01763d9f]
-6.6-upstream-stable: released (6.6.23) [95d1f1228c1bb54803ae57525b76db60e99b37e4]
-6.1-upstream-stable: released (6.1.83) [e0b0d1c46a2ce1e46b79d004a7270fdef872e097]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: released (6.1.85-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27040 b/active/CVE-2024-27040
deleted file mode 100644
index df6f4b43..00000000
--- a/active/CVE-2024-27040
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: drm/amd/display: Add 'replay' NULL check in 'edp_set_replay_allow_active()'
-References:
-Notes:
- carnil> Introduced in c7ddc0a800bc ("drm/amd/display: Add Functions to enable Freesync
- carnil> Panel Replay"). Vulnerable versions: 6.6-rc1.
-Bugs:
-upstream: released (6.9-rc1) [f6aed043ee5d75b3d1bfc452b1a9584b63c8f76b]
-6.8-upstream-stable: released (6.8.2) [d0e94f4807ff0df66cf447d6b4bbb8ac830e99c3]
-6.6-upstream-stable: released (6.6.23) [f610c46771ef1047e46d61807aa7c69cd29e63d8]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27048 b/active/CVE-2024-27048
deleted file mode 100644
index e50f6d98..00000000
--- a/active/CVE-2024-27048
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: wifi: brcm80211: handle pmk_op allocation failure
-References:
-Notes:
- carnil> Introduced in a96202acaea4 ("wifi: brcmfmac: cfg80211: Add support for PMKID_V3
- carnil> operations"). Vulnerable versions: 6.4-rc1.
-Bugs:
-upstream: released (6.9-rc1) [b4152222e04cb8afeeca239c90e3fcaf4c553b42]
-6.8-upstream-stable: released (6.8.2) [6138a82f3bccfc67ed7ac059493579fc326c02e5]
-6.6-upstream-stable: released (6.6.23) [df62e22c2e27420e8990a4f09e30d7bf56c2036f]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27049 b/active/CVE-2024-27049
deleted file mode 100644
index 34edc9f8..00000000
--- a/active/CVE-2024-27049
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: wifi: mt76: mt7925e: fix use-after-free in free_irq()
-References:
-Notes:
- carnil> Introduced in c948b5da6bbe ("wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for
- carnil> mt7925 chips"). Vulnerable versions: 6.7-rc1.
-Bugs:
-upstream: released (6.9-rc1) [a5a5f4413d91f395cb2d89829d376d7393ad48b9]
-6.8-upstream-stable: released (6.8.2) [6d9930096e1f13cf6d9aabfbf95d0e05fb04144f]
-6.6-upstream-stable: N/A "Vulnerable code not present"
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27050 b/active/CVE-2024-27050
deleted file mode 100644
index 42ccec02..00000000
--- a/active/CVE-2024-27050
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: libbpf: Use OPTS_SET() macro in bpf_xdp_query()
-References:
-Notes:
- carnil> Introduced in 13ce2daa259a ("xsk: add new netlink attribute dedicated for ZC
- carnil> max frags"). Vulnerable versions: 6.6-rc1.
-Bugs:
-upstream: released (6.9-rc1) [92a871ab9fa59a74d013bc04f321026a057618e7]
-6.8-upstream-stable: released (6.8.2) [cd3be9843247edb8fc6fcd8d8237cbce2bc19f5e]
-6.6-upstream-stable: released (6.6.23) [fa5bef5e80c6a3321b2b1a7070436f3bc5daf07c]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27055 b/active/CVE-2024-27055
deleted file mode 100644
index 2b0d5a5a..00000000
--- a/active/CVE-2024-27055
+++ /dev/null
@@ -1,17 +0,0 @@
-Description: workqueue: Don't call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active()
-References:
-Notes:
- carnil> Introduced in 5797b1c18919 ("workqueue: Implement system-wide nr_active
- carnil> enforcement for unbound workqueues"). Vulnerable versions: 6.6.25 6.7.11 6.8.4
- carnil> 6.9-rc1.
-Bugs:
-upstream: released (6.9-rc1) [15930da42f8981dc42c19038042947b475b19f47]
-6.8-upstream-stable: released (6.8.4) [adc646d2126988a64234502f579e4bc2b080d7cf]
-6.6-upstream-stable: released (6.6.25) [a75ac2693d734d20724f0e10e039ca85f1fcfc4e]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27058 b/active/CVE-2024-27058
deleted file mode 100644
index d7f30129..00000000
--- a/active/CVE-2024-27058
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: tmpfs: fix race on handling dquot rbtree
-References:
-Notes:
- carnil> Introduced in eafc474e2029 ("shmem: prepare shmem quota infrastructure").
- carnil> Vulnerable versions: 6.6-rc1.
-Bugs:
-upstream: released (6.9-rc2) [0a69b6b3a026543bc215ccc866d0aea5579e6ce2]
-6.8-upstream-stable: released (6.8.3) [f82f184874d2761ebaa60dccf577921a0dbb3810]
-6.6-upstream-stable: released (6.6.24) [c7077f43f30d817d10a9f8245e51576ac114b2f0]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27060 b/active/CVE-2024-27060
deleted file mode 100644
index cc9e53c6..00000000
--- a/active/CVE-2024-27060
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: thunderbolt: Fix NULL pointer dereference in tb_port_update_credits()
-References:
-Notes:
- carnil> Introduced in 81af2952e606 ("thunderbolt: Add support for asymmetric link").
- carnil> Vulnerable versions: 6.7-rc1.
-Bugs:
-upstream: released (6.8) [d3d17e23d1a0d1f959b4fa55b35f1802d9c584fa]
-6.8-upstream-stable: released (6.8) [d3d17e23d1a0d1f959b4fa55b35f1802d9c584fa]
-6.6-upstream-stable: N/A "Vulnerable code not present"
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27061 b/active/CVE-2024-27061
deleted file mode 100644
index cf18512f..00000000
--- a/active/CVE-2024-27061
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: crypto: sun8i-ce - Fix use after free in unprepare
-References:
-Notes:
- carnil> Introduced in 4136212ab18e ("crypto: sun8i-ce - Remove prepare/unprepare
- carnil> request"). Vulnerable versions: 6.6-rc1.
-Bugs:
-upstream: released (6.8) [183420038444547c149a0fc5f58e792c2752860c]
-6.8-upstream-stable: released (6.8) [183420038444547c149a0fc5f58e792c2752860c]
-6.6-upstream-stable: released (6.6.24) [dc60b25540c82fc4baa95d1458ae96ead21859e0]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27063 b/active/CVE-2024-27063
deleted file mode 100644
index 2b8afb63..00000000
--- a/active/CVE-2024-27063
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: leds: trigger: netdev: Fix kernel panic on interface rename trig notify
-References:
-Notes:
- carnil> Introduced in d5e01266e7f5 ("leds: trigger: netdev: add additional specific
- carnil> link speed mode"). Vulnerable versions: 6.5-rc1.
-Bugs:
-upstream: released (6.9-rc1) [415798bc07dd1c1ae3a656aa026580816e0b9fe8]
-6.8-upstream-stable: released (6.8.3) [3f360227cb46edb2cd2494128e1e06ed5768a62e]
-6.6-upstream-stable: released (6.6.24) [10f2af1af8ab8a7064f193446abd5579d3def7e3]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27064 b/active/CVE-2024-27064
deleted file mode 100644
index c9c7b2d7..00000000
--- a/active/CVE-2024-27064
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain
-References:
-Notes:
- carnil> Introduced in b9703ed44ffb ("netfilter: nf_tables: support for adding new
- carnil> devices to an existing netdev chain"). Vulnerable versions: 6.3.3 6.4-rc1.
-Bugs:
-upstream: released (6.9-rc1) [7eaf837a4eb5f74561e2486972e7f5184b613f6e]
-6.8-upstream-stable: released (6.8.2) [e77a6b53a3a547b6dedfc40c37cee4f310701090]
-6.6-upstream-stable: released (6.6.23) [79846fdcc548d617b0b321addc6a3821d3b75b20]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27066 b/active/CVE-2024-27066
deleted file mode 100644
index 23a9f5f0..00000000
--- a/active/CVE-2024-27066
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: virtio: packed: fix unmap leak for indirect desc table
-References:
-Notes:
- carnil> Introduced in b319940f83c2 ("virtio_ring: skip unmap for premapped").
- carnil> Vulnerable versions: 6.6-rc1.
-Bugs:
-upstream: released (6.9-rc1) [d5c0ed17fea60cca9bc3bf1278b49ba79242bbcd]
-6.8-upstream-stable: released (6.8.2) [51bacd9d29bf98c3ebc65e4a0477bb86306b4140]
-6.6-upstream-stable: released (6.6.23) [e142169aca5546ae6619c39a575cda8105362100]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27067 b/active/CVE-2024-27067
deleted file mode 100644
index e9112c2b..00000000
--- a/active/CVE-2024-27067
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: xen/evtchn: avoid WARN() when unbinding an event channel
-References:
-Notes:
- carnil> Introduced in 9e90e58c11b7 ("xen: evtchn: Allow shared registration of IRQ
- carnil> handers"). Vulnerable versions: 6.6.19 6.7-rc1.
-Bugs:
-upstream: released (6.9-rc1) [51c23bd691c0f1fb95b29731c356c6fd69925d17]
-6.8-upstream-stable: released (6.8.2) [9e2d4b58c1da48a32905802aaeadba7084b46895]
-6.6-upstream-stable: released (6.6.23) [99e425032c6ec13584d3cd33846e0c7307501b47]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27068 b/active/CVE-2024-27068
deleted file mode 100644
index 90c0f06e..00000000
--- a/active/CVE-2024-27068
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path
-References:
-Notes:
- carnil> Introduced in f5f633b18234 ("thermal/drivers/mediatek: Add the Low Voltage
- carnil> Thermal Sensor driver"). Vulnerable versions: 6.3-rc1.
-Bugs:
-upstream: released (6.9-rc1) [ca93bf607a44c1f009283dac4af7df0d9ae5e357]
-6.8-upstream-stable: released (6.8.2) [9b02197596671800dd934609384b1aca7c6ad218]
-6.6-upstream-stable: released (6.6.23) [2db869da91afd48e5b9ec76814709be49662b07d]
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27069 b/active/CVE-2024-27069
deleted file mode 100644
index 317fcf80..00000000
--- a/active/CVE-2024-27069
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: ovl: relax WARN_ON in ovl_verify_area()
-References:
-Notes:
- carnil> Introduced in ca7ab482401c ("ovl: add permission hooks outside of
- carnil> do_splice_direct()"). Vulnerable versions: 6.8-rc1.
-Bugs:
-upstream: released (6.9-rc1) [77a28aa476873048024ad56daf8f4f17d58ee48e]
-6.8-upstream-stable: released (6.8.2) [c3c85aefc0da1e5074a06c682542a54ccc99bdca]
-6.6-upstream-stable: N/A "Vulnerable code not present"
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: N/A "Vulnerable code not present"
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27070 b/active/CVE-2024-27070
deleted file mode 100644
index f490576c..00000000
--- a/active/CVE-2024-27070
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: f2fs: fix to avoid use-after-free issue in f2fs_filemap_fault
-References:
-Notes:
- carnil> Introduced in 87f3afd366f7 ("f2fs: add tracepoint for f2fs_vm_page_mkwrite()").
- carnil> Vulnerable versions: 6.8-rc1.
-Bugs:
-upstream: released (6.9-rc1) [eb70d5a6c932d9d23f4bb3e7b83782c21ac4b064]
-6.8-upstream-stable: released (6.8.2) [8186e16a766d709a08f188d2f4e84098f364bea1]
-6.6-upstream-stable: N/A "Vulnerable code not present"
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: N/A "Vulnerable code not present"
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27071 b/active/CVE-2024-27071
deleted file mode 100644
index 88f100d9..00000000
--- a/active/CVE-2024-27071
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: backlight: hx8357: Fix potential NULL pointer dereference
-References:
-Notes:
- carnil> Introduced in 7d84a63a39b7 ("backlight: hx8357: Convert to agnostic GPIO API").
- carnil> Vulnerable versions: 6.8-rc1.
-Bugs:
-upstream: released (6.9-rc1) [b1ba8bcb2d1ffce11b308ce166c9cc28d989e3b9]
-6.8-upstream-stable: released (6.8.2) [67e578c8ff2d7df03bf8ca9a7f5436b1796f6ad1]
-6.6-upstream-stable: N/A "Vulnerable code not present"
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: N/A "Vulnerable code not present"
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27390 b/active/CVE-2024-27390
deleted file mode 100644
index d7515f2f..00000000
--- a/active/CVE-2024-27390
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down()
-References:
-Notes:
- carnil> Introduced in f185de28d9ae ("mld: add new workqueues for process mld events").
- carnil> Vulnerable versions: 5.13-rc1.
-Bugs:
-upstream: released (6.9-rc1) [17ef8efc00b34918b966388b2af0993811895a8c]
-6.8-upstream-stable: released (6.8.2) [5da9a218340a2bc804dc4327e5804392e24a0b88]
-6.6-upstream-stable: released (6.6.23) [26d4bac55750d535f1f0b8790dc26daf6089e373]
-6.1-upstream-stable: released (6.1.83) [a03ede2282ebbd181bd6f5c38cbfcb5765afcd04]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: released (6.1.85-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27391 b/active/CVE-2024-27391
deleted file mode 100644
index 020ab76d..00000000
--- a/active/CVE-2024-27391
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: wifi: wilc1000: do not realloc workqueue everytime an interface is added
-References:
-Notes:
- carnil> Introduced in 09ed8bfc5215 ("wilc1000: Rename workqueue from "WILC_wq" to
- carnil> "NETDEV-wq""). Vulnerable versions: 5.17-rc1.
-Bugs:
-upstream: released (6.9-rc1) [328efda22af81130c2ad981c110518cb29ff2f1d]
-6.8-upstream-stable: released (6.8.2) [9ab0c303ccabfd6bdce14432792d41090070008c]
-6.6-upstream-stable: released (6.6.23) [4041c60a9d543b3ad50225385b072ba68e96166e]
-6.1-upstream-stable: released (6.1.83) [515cc676dfbce40d93c92b1ff3c1070e917f4e52]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.12-1)
-6.1-bookworm-security: released (6.1.85-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-27392 b/active/CVE-2024-27392
deleted file mode 100644
index 4cf34fd6..00000000
--- a/active/CVE-2024-27392
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: nvme: host: fix double-free of struct nvme_id_ns in ns_update_nuse()
-References:
-Notes:
- carnil> Introduced in a1a825ab6a60 ("nvme: add csi, ms and nuse to sysfs"). Vulnerable
- carnil> versions: 6.8-rc1.
-Bugs:
-upstream: released (6.9-rc1) [8d0d2447394b13fb22a069f0330f9c49b7fff9d3]
-6.8-upstream-stable: released (6.8.2) [534f9dc7fe495b3f9cc84363898ac50c5a25fccb]
-6.6-upstream-stable: N/A "Vulnerable code not present"
-6.1-upstream-stable: N/A "Vulnerable code not present"
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: N/A "Vulnerable code not present"
-6.1-bookworm-security: N/A "Vulnerable code not present"
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-05-01 21:27:29 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-05-01 21:27:29 +0200
commit	bcce47f6eaa1770d877fcd92df311b9a5efee54f (patch)
tree	2123e885bc8fdd2405211e6fce0aec1125338bf5 /active
parent	52a3eb5c9653ed9b0fa35e48959cc87ff36c3e29 (diff)