summaryrefslogtreecommitdiffstats
path: root/active
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2024-04-13 21:16:26 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2024-04-13 21:16:26 +0200
commit774dc7e59bd9c7d8b94fa34897c4365824845ea6 (patch)
treea3aaad072a6dccb98740058628174f4b6bbc6d8b /active
parenta017799330d4e5d96e5c64ccfba008a85ef29f8c (diff)
Retire some CVEs
Diffstat (limited to 'active')
-rw-r--r--active/CVE-2023-217618
-rw-r--r--active/CVE-2023-5263116
-rw-r--r--active/CVE-2024-2658216
-rw-r--r--active/CVE-2024-2659017
-rw-r--r--active/CVE-2024-2660316
-rw-r--r--active/CVE-2024-2662616
-rw-r--r--active/CVE-2024-2666016
-rw-r--r--active/CVE-2024-2666716
-rw-r--r--active/CVE-2024-2667616
-rw-r--r--active/CVE-2024-2668116
-rw-r--r--active/CVE-2024-2671016
-rw-r--r--active/CVE-2024-2671416
-rw-r--r--active/CVE-2024-2671716
-rw-r--r--active/CVE-2024-2672316
-rw-r--r--active/CVE-2024-2673116
-rw-r--r--active/CVE-2024-2673716
-rw-r--r--active/CVE-2024-2674116
-rw-r--r--active/CVE-2024-2674216
-rw-r--r--active/CVE-2024-2674516
-rw-r--r--active/CVE-2024-2675016
-rw-r--r--active/CVE-2024-2676016
-rw-r--r--active/CVE-2024-2676116
-rw-r--r--active/CVE-2024-2678017
-rw-r--r--active/CVE-2024-2678916
-rw-r--r--active/CVE-2024-2679816
-rw-r--r--active/CVE-2024-2680016
-rw-r--r--active/CVE-2024-2680216
-rw-r--r--active/CVE-2024-2680316
28 files changed, 0 insertions, 452 deletions
diff --git a/active/CVE-2023-2176 b/active/CVE-2023-2176
deleted file mode 100644
index 8475aa33..00000000
--- a/active/CVE-2023-2176
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: cma: IP tree/list corruption triggered by rebinding
-References:
- https://lkml.org/lkml/2022/12/9/178
- https://www.spinics.net/lists/linux-rdma/msg114749.html
- https://patchwork.kernel.org/project/linux-rdma/patch/3d0e9a2fd62bc10ba02fed1c7c48a48638952320.1672819273.git.leonro@nvidia.com/
-Notes:
- bwh> Appears to have been introduced in 6.0 by commit fc008bdbf1cd
- bwh> "RDMA/core: Add an rb_tree that stores cm_ids sorted by ifindex
- bwh> and remote IP".
-Bugs:
-upstream: released (6.3-rc1) [8d037973d48c026224ab285e6a06985ccac6f7bf]
-6.1-upstream-stable: released (6.1.81) [88067197e97af3fcb104dd86030f788ec1b32fdb]
-5.10-upstream-stable: N/A "Vulnerability introduced later"
-4.19-upstream-stable: N/A "Vulnerability introduced later"
-sid: released (6.3.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerability introduced later"
-4.19-buster-security: N/A "Vulnerability introduced later"
diff --git a/active/CVE-2023-52631 b/active/CVE-2023-52631
deleted file mode 100644
index e9622e88..00000000
--- a/active/CVE-2023-52631
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: fs/ntfs3: Fix an NULL dereference bug
-References:
-Notes:
- carnil> Introduced in be71b5cba2e6 ("fs/ntfs3: Add attrib operations"). Vulnerable
- carnil> versions: 5.15-rc1.
-Bugs:
-upstream: released (6.8-rc4) [b2dd7b953c25ffd5912dda17e980e7168bebcf6c]
-6.7-upstream-stable: released (6.7.5) [686820fe141ea0220fc6fdfc7e5694f915cf64b2]
-6.6-upstream-stable: released (6.6.17) [fb7bcd1722bc9bc55160378f5f99c01198fd14a7]
-6.1-upstream-stable: released (6.1.78) [ec1bedd797588fe38fc11cba26d77bb1d9b194c6]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26582 b/active/CVE-2024-26582
deleted file mode 100644
index 9ea50092..00000000
--- a/active/CVE-2024-26582
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: net: tls: fix use-after-free with partial reads and async decrypt
-References:
-Notes:
- carnil> Introduced in fd31f3996af2 ("tls: rx: decrypt into a fresh skb"). Vulnerable
- carnil> versions: 6.0-rc1.
-Bugs:
-upstream: released (6.8-rc5) [32b55c5ff9103b8508c1e04bfa5a08c64e7a925f]
-6.7-upstream-stable: released (6.7.6) [754c9bab77a1b895b97bd99d754403c505bc79df]
-6.6-upstream-stable: released (6.6.18) [d684763534b969cca1022e2a28645c7cc91f7fa5]
-6.1-upstream-stable: released (6.1.79) [20b4ed034872b4d024b26e2bc1092c3f80e5db96]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26590 b/active/CVE-2024-26590
deleted file mode 100644
index 8e42da90..00000000
--- a/active/CVE-2024-26590
+++ /dev/null
@@ -1,17 +0,0 @@
-Description: erofs: fix inconsistent per-file compression format
-References:
-Notes:
- carnil> Introduced in 8f89926290c4 ("erofs: get compression algorithms directly on
- carnil> mapping")
- carnil> 622ceaddb764 ("erofs: lzma compression support"). Vulnerable versions: 5.16-rc1.
-Bugs:
-upstream: released (6.8-rc1) [118a8cf504d7dfa519562d000f423ee3ca75d2c4]
-6.7-upstream-stable: released (6.7.2) [eed24b816e50c6cd18cbee0ff0d7218c8fced199]
-6.6-upstream-stable: released (6.6.14) [823ba1d2106019ddf195287ba53057aee33cf724]
-6.1-upstream-stable: released (6.1.80) [47467e04816cb297905c0f09bc2d11ef865942d9]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.6.15-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26603 b/active/CVE-2024-26603
deleted file mode 100644
index c7dc84ae..00000000
--- a/active/CVE-2024-26603
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: x86/fpu: Stop relying on userspace for info to fault in xsave buffer
-References:
-Notes:
- carnil> Introduced in fcb3635f5018 ("x86/fpu/signal: Handle #PF in the direct restore
- carnil> path"). Vulnerable versions: 5.14-rc1.
-Bugs:
-upstream: released (6.8-rc4) [d877550eaf2dc9090d782864c96939397a3c6835]
-6.7-upstream-stable: released (6.7.6) [627e28cbb65564e55008315d9e02fbb90478beda]
-6.6-upstream-stable: released (6.6.18) [b2479ab426cef7ab79a13005650eff956223ced2]
-6.1-upstream-stable: released (6.1.79) [627339cccdc9166792ecf96bc3c9f711a60ce996]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26626 b/active/CVE-2024-26626
deleted file mode 100644
index 2ae200cd..00000000
--- a/active/CVE-2024-26626
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: ipmr: fix kernel panic when forwarding mcast packets
-References:
-Notes:
- carnil> Introduced in bb7403655b3c ("ipmr: support IP_PKTINFO on cache report IGMP
- carnil> msg"). Vulnerable versions: 6.1.75 6.6.14 6.7.2 6.8-rc1.
-Bugs:
-upstream: released (6.8-rc3) [e622502c310f1069fd9f41cd38210553115f610a]
-6.7-upstream-stable: released (6.7.4) [2e8c9ae40adda2be1ba41c05fd3cd1e61cce3207]
-6.6-upstream-stable: released (6.6.16) [dcaafdba6c6162bb49f1192850bc3bbc3707738c]
-6.1-upstream-stable: released (6.1.77) [d2f1b7fe74afd66298dbb3c7b39e7b62e4df1724]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26660 b/active/CVE-2024-26660
deleted file mode 100644
index 5333a270..00000000
--- a/active/CVE-2024-26660
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: drm/amd/display: Implement bounds check for stream encoder creation in DCN301
-References:
-Notes:
- carnil> Introduced in 3a83e4e64bb1 ("drm/amd/display: Add dcn3.01 support to DC (v2)").
- carnil> Vulnerable versions: 5.11-rc1.
-Bugs:
-upstream: released (6.8-rc4) [58fca355ad37dcb5f785d9095db5f748b79c5dc2]
-6.7-upstream-stable: released (6.7.5) [a938eab9586eea31cfd129a507f552efae14d738]
-6.6-upstream-stable: released (6.6.17) [cd9bd10c59e3c1446680514fd3097c5b00d3712d]
-6.1-upstream-stable: released (6.1.78) [efdd665ce1a1634b8c1dad5e7f6baaef3e131d0a]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26667 b/active/CVE-2024-26667
deleted file mode 100644
index 11a28e55..00000000
--- a/active/CVE-2024-26667
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup
-References:
-Notes:
- carnil> Introduced in ae4d721ce100 ("drm/msm/dpu: add an API to reset the encoder
- carnil> related hw blocks"). Vulnerable versions: 5.19-rc1.
-Bugs:
-upstream: released (6.8-rc4) [7f3d03c48b1eb6bc45ab20ca98b8b11be25f9f52]
-6.7-upstream-stable: released (6.7.5) [eb4f56f3ff5799ca754ae6d811803a63fe25a4a2]
-6.6-upstream-stable: released (6.6.17) [79592a6e7bdc1d05460c95f891f5e5263a107af8]
-6.1-upstream-stable: released (6.1.78) [fb8bfc6ea3cd8c5ac3d35711d064e2f6646aec17]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26676 b/active/CVE-2024-26676
deleted file mode 100644
index bcc8189f..00000000
--- a/active/CVE-2024-26676
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC.
-References:
-Notes:
- carnil> Introduced in 2aab4b969002 ("af_unix: fix struct pid leaks in OOB support").
- carnil> Vulnerable versions: 5.15.103 6.1.20 6.2.7 6.3-rc2.
-Bugs:
-upstream: released (6.8-rc4) [1279f9d9dec2d7462823a18c29ad61359e0a007d]
-6.7-upstream-stable: released (6.7.5) [82ae47c5c3a6b27fdc0f9e83c1499cb439c56140]
-6.6-upstream-stable: released (6.6.17) [b74aa9ce13d02b7fd37c5325b99854f91b9b4276]
-6.1-upstream-stable: released (6.1.78) [e0e09186d8821ad59806115d347ea32efa43ca4b]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26681 b/active/CVE-2024-26681
deleted file mode 100644
index bbf31fb1..00000000
--- a/active/CVE-2024-26681
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: netdevsim: avoid potential loop in nsim_dev_trap_report_work()
-References:
-Notes:
- carnil> Introduced in 012ec02ae441 ("netdevsim: convert driver to use unlocked devlink
- carnil> API during init/fini"). Vulnerable versions: 6.0-rc1.
-Bugs:
-upstream: released (6.8-rc4) [ba5e1272142d051dcc57ca1d3225ad8a089f9858]
-6.7-upstream-stable: released (6.7.5) [d91964cdada76740811b7c621239f9c407820dbc]
-6.6-upstream-stable: released (6.6.17) [6eecddd9c3c8d6e3a097531cdc6d500335b35e46]
-6.1-upstream-stable: released (6.1.78) [0193e0660cc6689c794794b471492923cfd7bfbc]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26710 b/active/CVE-2024-26710
deleted file mode 100644
index f02276f0..00000000
--- a/active/CVE-2024-26710
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: powerpc/kasan: Limit KASAN thread size increase to 32KB
-References:
-Notes:
- carnil> Introduced in 18f14afe2816 ("powerpc/64s: Increase default stack size to
- carnil> 32KB"). Vulnerable versions: 6.1.75 6.1.76 6.6.14 6.7.2 6.8-rc1.
-Bugs:
-upstream: released (6.8-rc5) [f1acb109505d983779bbb7e20a1ee6244d2b5736]
-6.7-upstream-stable: released (6.7.6) [b29b16bd836a838b7690f80e37f8376414c74cbe]
-6.6-upstream-stable: released (6.6.18) [4cc31fa07445879a13750cb061bb8c2654975fcb]
-6.1-upstream-stable: released (6.1.79) [4297217bcf1f0948a19c2bacc6b68d92e7778ad9]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26714 b/active/CVE-2024-26714
deleted file mode 100644
index 1eaa9043..00000000
--- a/active/CVE-2024-26714
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive
-References:
-Notes:
- carnil> Introduced in 9c8c6bac1ae8 ("interconnect: qcom: Add SC8180x providers").
- carnil> Vulnerable versions: 5.15-rc1.
-Bugs:
-upstream: released (6.8-rc5) [85e985a4f46e462a37f1875cb74ed380e7c0c2e0]
-6.7-upstream-stable: released (6.7.6) [7a3a70dd08e4b7dffc2f86f2c68fc3812804b9d0]
-6.6-upstream-stable: released (6.6.18) [d8e36ff40cf9dadb135f3a97341c02c9a7afcc43]
-6.1-upstream-stable: released (6.1.79) [6616d3c4f8284a7b3ef978c916566bd240cea1c7]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26717 b/active/CVE-2024-26717
deleted file mode 100644
index 71dc2454..00000000
--- a/active/CVE-2024-26717
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: HID: i2c-hid-of: fix NULL-deref on failed power up
-References:
-Notes:
- carnil> Introduced in b33752c30023 ("HID: i2c-hid: Reorganize so ACPI and OF are
- carnil> separate modules"). Vulnerable versions: 5.12-rc1.
-Bugs:
-upstream: released (6.8-rc3) [00aab7dcb2267f2aef59447602f34501efe1a07f]
-6.7-upstream-stable: released (6.7.6) [e28d6b63aeecbda450935fb58db0e682ea8212d3]
-6.6-upstream-stable: released (6.6.18) [4cad91344a62536a2949873bad6365fbb6232776]
-6.1-upstream-stable: released (6.1.79) [d7d7a0e3b6f5adc45f23667cbb919e99093a5b5c]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26723 b/active/CVE-2024-26723
deleted file mode 100644
index 79168fdb..00000000
--- a/active/CVE-2024-26723
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: lan966x: Fix crash when adding interface under a lag
-References:
-Notes:
- carnil> Introduced in cabc9d49333d ("net: lan966x: Add lag support for lan966x").
- carnil> Vulnerable versions: 6.1-rc1.
-Bugs:
-upstream: released (6.8-rc5) [15faa1f67ab405d47789d4702f587ec7df7ef03e]
-6.7-upstream-stable: released (6.7.6) [2a492f01228b7d091dfe38974ef40dccf8f9f2f1]
-6.6-upstream-stable: released (6.6.18) [48fae67d837488c87379f0c9f27df7391718477c]
-6.1-upstream-stable: released (6.1.79) [b9357489c46c7a43999964628db8b47d3a1f8672]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26731 b/active/CVE-2024-26731
deleted file mode 100644
index 76f8b4da..00000000
--- a/active/CVE-2024-26731
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
-References:
-Notes:
- carnil> Introduced in 6df7f764cd3c ("bpf, sockmap: Wake up polling after data copy").
- carnil> Vulnerable versions: 6.1.32 6.3.6 6.4-rc4.
-Bugs:
-upstream: released (6.8-rc6) [4cd12c6065dfcdeba10f49949bffcf383b3952d8]
-6.7-upstream-stable: released (6.7.7) [d61608a4e394f23e0dca099df9eb8e555453d949]
-6.6-upstream-stable: released (6.6.19) [9b099ed46dcaf1403c531ff02c3d7400fa37fa26]
-6.1-upstream-stable: released (6.1.80) [4588b13abcbd561ec67f5b3c1cb2eff690990a54]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26737 b/active/CVE-2024-26737
deleted file mode 100644
index 9f9eec30..00000000
--- a/active/CVE-2024-26737
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel
-References:
-Notes:
- carnil> Introduced in b00628b1c7d5 ("bpf: Introduce bpf timers."). Vulnerable versions:
- carnil> 5.15-rc1.
-Bugs:
-upstream: released (6.8-rc6) [0281b919e175bb9c3128bd3872ac2903e9436e3f]
-6.7-upstream-stable: released (6.7.7) [7d80a9e745fa5b47da3bca001f186c02485c7c33]
-6.6-upstream-stable: released (6.6.19) [8327ed12e8ebc5436bfaa1786c49988894f9c8a6]
-6.1-upstream-stable: released (6.1.80) [addf5e297e6cbf5341f9c07720693ca9ba0057b5]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26741 b/active/CVE-2024-26741
deleted file mode 100644
index a040989c..00000000
--- a/active/CVE-2024-26741
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished().
-References:
-Notes:
- carnil> Introduced in 28044fc1d495 ("net: Add a bhash2 table hashed by port and
- carnil> address"). Vulnerable versions: 6.1-rc1.
-Bugs:
-upstream: released (6.8-rc6) [66b60b0c8c4a163b022a9f0ad6769b0fd3dc662f]
-6.7-upstream-stable: released (6.7.7) [f8c4a6b850882bc47aaa864b720c7a2ee3102f39]
-6.6-upstream-stable: released (6.6.19) [334a8348b2df26526f3298848ad6864285592caf]
-6.1-upstream-stable: released (6.1.80) [729bc77af438a6e67914c97f6f3d3af8f72c0131]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26742 b/active/CVE-2024-26742
deleted file mode 100644
index 31f5a00f..00000000
--- a/active/CVE-2024-26742
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: scsi: smartpqi: Fix disable_managed_interrupts
-References:
-Notes:
- carnil> Introduced in cf15c3e734e8 ("scsi: smartpqi: Add module param to disable
- carnil> managed ints"). Vulnerable versions: 6.0-rc1.
-Bugs:
-upstream: released (6.8-rc6) [5761eb9761d2d5fe8248a9b719efc4d8baf1f24a]
-6.7-upstream-stable: released (6.7.7) [b9433b25cb06c415c9cb24782599649a406c8d6d]
-6.6-upstream-stable: released (6.6.19) [4f5b15c15e6016efb3e14582d02cc4ddf57227df]
-6.1-upstream-stable: released (6.1.80) [3c31b18a8dd8b7bf36af1cd723d455853b8f94fe]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26745 b/active/CVE-2024-26745
deleted file mode 100644
index e5e5bf87..00000000
--- a/active/CVE-2024-26745
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV
-References:
-Notes:
- carnil> Introduced in b1fc44eaa9ba ("pseries/iommu/ddw: Fix kdump to work in absence of
- carnil> ibm,dma-window"). Vulnerable versions: 5.18.18 5.19.2 6.0-rc1.
-Bugs:
-upstream: released (6.8-rc7) [09a3c1e46142199adcee372a420b024b4fc61051]
-6.7-upstream-stable: released (6.7.9) [5da6d306f315344af1ca2eff4bd9b10b130f0c28]
-6.6-upstream-stable: released (6.6.21) [d4d1e4b1513d975961de7bb4f75e450a92d65ebf]
-6.1-upstream-stable: released (6.1.81) [7eb95e0af5c9c2e6fad50356eaf32d216d0e7bc3]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.9-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26750 b/active/CVE-2024-26750
deleted file mode 100644
index 50d0f51c..00000000
--- a/active/CVE-2024-26750
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: af_unix: Drop oob_skb ref before purging queue in GC.
-References:
-Notes:
- carnil> Introduced in 25236c91b5ab ("af_unix: Fix task hung while purging oob_skb in
- carnil> GC."). Vulnerable versions: 5.15.149 6.1.81 6.6.21 6.7.9 6.8-rc5.
-Bugs:
-upstream: released (6.8-rc6) [aa82ac51d63328714645c827775d64dbfd9941f3]
-6.7-upstream-stable: released (6.7.9) [43ba9e331559a30000c862eea313248707afa787]
-6.6-upstream-stable: released (6.6.21) [e9eac260369d0cf57ea53df95427125725507a0d]
-6.1-upstream-stable: released (6.1.81) [c4c795b21dd23d9514ae1c6646c3fb2c78b5be60]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.9-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26760 b/active/CVE-2024-26760
deleted file mode 100644
index 6c1daa4b..00000000
--- a/active/CVE-2024-26760
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: scsi: target: pscsi: Fix bio_put() for error case
-References:
-Notes:
- carnil> Introduced in 066ff571011d ("block: turn bio_kmalloc into a simple kmalloc
- carnil> wrapper"). Vulnerable versions: 5.19-rc1.
-Bugs:
-upstream: released (6.8-rc6) [de959094eb2197636f7c803af0943cb9d3b35804]
-6.7-upstream-stable: released (6.7.7) [1cfe9489fb563e9a0c9cdc5ca68257a44428c2ec]
-6.6-upstream-stable: released (6.6.19) [4ebc079f0c7dcda1270843ab0f38ab4edb8f7921]
-6.1-upstream-stable: released (6.1.80) [f49b20fd0134da84a6bd8108f9e73c077b7d6231]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26761 b/active/CVE-2024-26761
deleted file mode 100644
index f0d3b910..00000000
--- a/active/CVE-2024-26761
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window
-References:
-Notes:
- carnil> Introduced in 34e37b4c432c ("cxl/port: Enable HDM Capability after validating
- carnil> DVSEC Ranges"). Vulnerable versions: 5.19-rc1.
-Bugs:
-upstream: released (6.8-rc6) [0cab687205986491302cd2e440ef1d253031c221]
-6.7-upstream-stable: released (6.7.7) [3a3181a71935774bda2398451256d7441426420b]
-6.6-upstream-stable: released (6.6.19) [2cc1a530ab31c65b52daf3cb5d0883c8b614ea69]
-6.1-upstream-stable: released (6.1.80) [031217128990d7f0ab8c46db1afb3cf1e075fd29]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.7-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26780 b/active/CVE-2024-26780
deleted file mode 100644
index 99d0e798..00000000
--- a/active/CVE-2024-26780
+++ /dev/null
@@ -1,17 +0,0 @@
-Description: af_unix: Fix task hung while purging oob_skb in GC.
-References:
-Notes:
- carnil> Introduced in 1279f9d9dec2 ("af_unix: Call kfree_skb() for dead
- carnil> unix_(sk)->oob_skb in GC."). Vulnerable versions: 5.15.149 6.1.78 6.6.17 6.7.5
- carnil> 6.8-rc4.
-Bugs:
-upstream: released (6.8-rc5) [25236c91b5ab4a26a56ba2e79b8060cf4e047839]
-6.7-upstream-stable: released (6.7.9) [cb8890318dde26fc89c6ea67d6e9070ab50b6e91]
-6.6-upstream-stable: released (6.6.21) [69e0f04460f4037e01e29f0d9675544f62aafca3]
-6.1-upstream-stable: released (6.1.81) [2a3d40b4025fcfe51b04924979f1653993b17669]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.9-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26789 b/active/CVE-2024-26789
deleted file mode 100644
index 12d858d2..00000000
--- a/active/CVE-2024-26789
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: crypto: arm64/neonbs - fix out-of-bounds access on short input
-References:
-Notes:
- carnil> Introduced in fc074e130051 ("crypto: arm64/aes-neonbs-ctr - fallback to plain
- carnil> NEON for final chunk"). Vulnerable versions: 5.18-rc1.
-Bugs:
-upstream: released (6.8-rc7) [1c0cf6d19690141002889d72622b90fc01562ce4]
-6.7-upstream-stable: released (6.7.9) [9e8ecd4908b53941ab6f0f51584ab80c6c6606c4]
-6.6-upstream-stable: released (6.6.21) [1291d278b5574819a7266568ce4c28bce9438705]
-6.1-upstream-stable: released (6.1.81) [034e2d70b5c7f578200ad09955aeb2aa65d1164a]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.9-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26798 b/active/CVE-2024-26798
deleted file mode 100644
index 2802ea73..00000000
--- a/active/CVE-2024-26798
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: fbcon: always restore the old font data in fbcon_do_set_font()
-References:
-Notes:
- carnil> Introduced in a5a923038d70 ("fbdev: fbcon: Properly revert changes when
- carnil> vc_resize() failed"). Vulnerable versions: 5.15.64 5.19.6 6.0-rc3.
-Bugs:
-upstream: released (6.8-rc7) [00d6a284fcf3fad1b7e1b5bc3cd87cbfb60ce03f]
-6.7-upstream-stable: released (6.7.9) [a2c881413dcc5d801bdc9535e51270cc88cb9cd8]
-6.6-upstream-stable: released (6.6.21) [73a6bd68a1342f3a44cac9dffad81ad6a003e520]
-6.1-upstream-stable: released (6.1.81) [2f91a96b892fab2f2543b4a55740c5bee36b1a6b]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.9-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26800 b/active/CVE-2024-26800
deleted file mode 100644
index 03dbd34f..00000000
--- a/active/CVE-2024-26800
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: tls: fix use-after-free on failed backlog decryption
-References:
-Notes:
- carnil> Introduced in 859054147318 ("net: tls: handle backlogging of crypto requests").
- carnil> Vulnerable versions: 6.1.84 6.6.18 6.7.6 6.8-rc5.
-Bugs:
-upstream: released (6.8-rc7) [13114dc5543069f7b97991e3b79937b6da05f5b0]
-6.7-upstream-stable: released (6.7.9) [1ac9fb84bc7ecd4bc6428118301d9d864d2a58d1]
-6.6-upstream-stable: released (6.6.21) [81be85353b0f5a7b660635634b655329b429eefe]
-6.1-upstream-stable: released (6.1.84) [f2b85a4cc763841843de693bbd7308fe9a2c4c89]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.9-1)
-6.1-bookworm-security: released (6.1.85-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26802 b/active/CVE-2024-26802
deleted file mode 100644
index a3b18332..00000000
--- a/active/CVE-2024-26802
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: stmmac: Clear variable when destroying workqueue
-References:
-Notes:
- carnil> Introduced in 5a5586112b929 ("net: stmmac: support FPE link partner
- carnil> hand-shaking procedure"). Vulnerable versions: 5.13-rc1.
-Bugs:
-upstream: released (6.8-rc7) [8af411bbba1f457c33734795f024d0ef26d0963f]
-6.7-upstream-stable: released (6.7.9) [f72cf22dccc94038cbbaa1029cb575bf52e5cbc8]
-6.6-upstream-stable: released (6.6.21) [699b103e48ce32d03fc86c35b37ee8ae4288c7e3]
-6.1-upstream-stable: released (6.1.81) [17ccd9798fe0beda3db212cfa3ebe373f605cbd6]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.9-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26803 b/active/CVE-2024-26803
deleted file mode 100644
index 15a22a54..00000000
--- a/active/CVE-2024-26803
+++ /dev/null
@@ -1,16 +0,0 @@
-Description: net: veth: clear GRO when clearing XDP even when down
-References:
-Notes:
- carnil> Introduced in d3256efd8e8b ("veth: allow enabling NAPI even without XDP").
- carnil> Vulnerable versions: 5.13-rc1.
-Bugs:
-upstream: released (6.8-rc7) [fe9f801355f0b47668419f30f1fac1cf4539e736]
-6.7-upstream-stable: released (6.7.9) [8f7a3894e58e6f5d5815533cfde60e3838947941]
-6.6-upstream-stable: released (6.6.21) [16edf51f33f52dff70ed455bc40a6cc443c04664]
-6.1-upstream-stable: released (6.1.81) [7985d73961bbb4e726c1be7b9cd26becc7be8325]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-sid: released (6.7.9-1)
-6.1-bookworm-security: released (6.1.82-1)
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"

© 2014-2024 Faster IT GmbH | imprint | privacy policy