diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-06-11 20:51:09 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-06-11 20:51:09 +0200 |
commit | f2984dd978f8a09be2e2c8f70fee545e71ac88a1 (patch) | |
tree | d3364a13290989cb701ef5803ea1b90e23026708 /active | |
parent | a7f17f55757c2ad023ed89cb2663eab2996bd9de (diff) |
Retire some CVEs
Diffstat (limited to 'active')
-rw-r--r-- | active/CVE-2019-19319 | 25 | ||||
-rw-r--r-- | active/CVE-2020-10732 | 26 | ||||
-rw-r--r-- | active/CVE-2020-10751 | 14 | ||||
-rw-r--r-- | active/CVE-2020-12464 | 14 | ||||
-rw-r--r-- | active/CVE-2020-12652 | 12 | ||||
-rw-r--r-- | active/CVE-2020-12653 | 12 | ||||
-rw-r--r-- | active/CVE-2020-12654 | 12 | ||||
-rw-r--r-- | active/CVE-2020-12770 | 13 | ||||
-rw-r--r-- | active/CVE-2020-13143 | 13 |
9 files changed, 0 insertions, 141 deletions
diff --git a/active/CVE-2019-19319 b/active/CVE-2019-19319 deleted file mode 100644 index beb274a0e..000000000 --- a/active/CVE-2019-19319 +++ /dev/null @@ -1,25 +0,0 @@ -Description: ext4: crafted image causes heap OOB write in ext4_xattr_set_entry -References: - https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19319 -Notes: - carnil> Introduced in dec214d00e0d ("ext4: xattr inode deduplication") - carnil> in 4.13-rc1? Cf. - carnil> https://bugzilla.suse.com/show_bug.cgi?id=1158021#c2 - bwh> SUSE has backported the fix as far as 3.12. It turns out that - bwh> they backported *part* of commit dec214d00e0d to fix CVE-2018-1094 - bwh> which I thought didn't affect older branches. See - bwh> <https://github.com/openSUSE/kernel-source/blob/SLE12-SP4/patches.suse/ext4-make-metadata-csum-checks-safer.patch> - bwh> and - bwh> <https://github.com/openSUSE/kernel-source/blob/SLE12-SP4/patches.suse/ext4-protect-journal-inode-s-blocks-using-block_vali.patch>. - bwh> So we should probably apply both of these to 3.16 and 4.9. - bwh> Note the follow-up fixes: commits fbbbbd2f28aec, 170417c8c7bb, - bwh> 0a944e8a6c66, af133ade9a40. -Bugs: -upstream: released (5.2-rc1) [345c0dbf3a30872d9b204db96b5857cd00808cae] -4.19-upstream-stable: released (4.19.73) [2fd4629de51974002f4e9cf1a35a1926dd6c9d99] -4.9-upstream-stable: released (4.9.221) [a9855260fe8d8680bf8c4f0d8303b696c861e99b] -3.16-upstream-stable: released (3.16.85) [51890201da4d654f6ca131bc45a0e892bb10de1d] -sid: released (5.2.6-1) -4.19-buster-security: released (4.19.87-1) -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/ext4-protect-journal-inode-s-blocks-using-block_vali.patch] -3.16-jessie-security: released (3.16.84-1) [bugfix/all/ext4-protect-journal-inode-s-blocks-using-block_vali.patch] diff --git a/active/CVE-2020-10732 b/active/CVE-2020-10732 deleted file mode 100644 index 0d197b09a..000000000 --- a/active/CVE-2020-10732 +++ /dev/null @@ -1,26 +0,0 @@ -Description: uninitialized kernel data leak in userspace coredumps -References: - https://www.openwall.com/lists/oss-security/2020/05/06/1 - https://github.com/ruscur/linux/commit/a95cdec9fa0c08e6eeb410d461c03af8fd1fef0a - https://lore.kernel.org/lkml/20200419100848.63472-1-glider@google.com/ - https://github.com/google/kmsan/issues/76 - https://twitter.com/grsecurity/status/1252558055629299712 - https://bugzilla.redhat.com/show_bug.cgi?id=1831399 -Notes: - carnil> Proposed fix has been accepted in linux-next tree, as per - carnil> https://bugzilla.redhat.com/show_bug.cgi?id=1831399#c15 - bwh> The leak appears to have been introduced for x86 in 4.8 by - bwh> commit 91c3dba7dbc1 "x86/fpu/xstate: Fix PTRACE frames for - bwh> XSAVES". A comparison of register sections in core dump - bwh> under different Debian kernels agrees with that, as does - bwh> @grsecurity (further down the thread). Some other - bwh> architectures are affected though. -Bugs: -upstream: released (5.7) [1d605416fb7175e1adf094251466caa52093b413] -4.19-upstream-stable: released (4.19.126) [61ce1733b30fdcf45e31308bc7795b6dc7f2ffba] -4.9-upstream-stable: released (4.9.226) [d228bc4b19e0b1c35f3eb404acbf1d607c01e64c] -3.16-upstream-stable: released (3.16.85) [d03daec2e50aa2a0b6de2c3572af5e1d61f9d132] -sid: released (5.6.14-2) [bugfix/all/fs-binfmt_elf.c-allocate-initialized-memory-in-fill_.patch] -4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/fs-binfmt_elf.c-allocate-initialized-memory-in-fill_.patch] -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/fs-binfmt_elf.c-allocate-initialized-memory-in-fill_.patch] -3.16-jessie-security: ignored "Does not affect supported architectures" diff --git a/active/CVE-2020-10751 b/active/CVE-2020-10751 deleted file mode 100644 index 1d70536e8..000000000 --- a/active/CVE-2020-10751 +++ /dev/null @@ -1,14 +0,0 @@ -Description: selinux: properly handle multiple messages in selinux_netlink_send() -References: - https://bugzilla.redhat.com/show_bug.cgi?id=1839634 - https://www.openwall.com/lists/oss-security/2020/04/30/5 -Notes: -Bugs: -upstream: released (5.7-rc4) [fb73974172ffaaf57a7c42f35424d9aece1a5af6] -4.19-upstream-stable: released (4.19.121) [23075857ad192731fd9edcce3b5cd5db93602c26] -4.9-upstream-stable: released (4.9.222) [6affa87d168d91af6c8f303dc1fc7a7f59869818] -3.16-upstream-stable: released (3.16.85) [9592b90cdc99f58e0674e64037c422ea7e9aa367] -sid: released (5.6.14-1) -4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/selinux-properly-handle-multiple-messages-in-selinux.patch] -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/selinux-properly-handle-multiple-messages-in-selinux.patch] -3.16-jessie-security: released (3.16.84-1) [bugfix/all/selinux-properly-handle-multiple-messages-in-selinux.patch] diff --git a/active/CVE-2020-12464 b/active/CVE-2020-12464 deleted file mode 100644 index 9895d20a6..000000000 --- a/active/CVE-2020-12464 +++ /dev/null @@ -1,14 +0,0 @@ -Description: USB: core: Fix free-while-in-use bug in the USB S-Glibrary -References: - https://lkml.org/lkml/2020/3/23/52 - https://patchwork.kernel.org/patch/11463781/ -Notes: -Bugs: -upstream: released (5.7-rc3) [056ad39ee9253873522f6469c3364964a322912b] -4.19-upstream-stable: released (4.19.119) [45ea77b75a604da875186519fea94997175c38e3] -4.9-upstream-stable: released (4.9.221) [ab20e851e49e75a9e653463853995076899a4e48] -3.16-upstream-stable: released (3.16.85) [575f200adca1fe48df15063b1a5673a9b5f713bd] -sid: released (5.6.14-1) -4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/usb-core-fix-free-while-in-use-bug-in-the-usb-s-glib.patch] -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/usb-core-fix-free-while-in-use-bug-in-the-usb-s-glib.patch] -3.16-jessie-security: released (3.16.84-1) [bugfix/all/usb-core-fix-free-while-in-use-bug-in-the-usb-s-glib.patch] diff --git a/active/CVE-2020-12652 b/active/CVE-2020-12652 deleted file mode 100644 index bad8f9f05..000000000 --- a/active/CVE-2020-12652 +++ /dev/null @@ -1,12 +0,0 @@ -Description: scsi: mptfusion: Fix double fetch bug in ioctl -References: -Notes: -Bugs: -upstream: released (5.5-rc7) [28d76df18f0ad5bcf5fa48510b225f0ed262a99b] -4.19-upstream-stable: released (4.19.98) [3dae5041c65545ac65d610375b4ac30b00f174a3] -4.9-upstream-stable: released (4.9.211) [ddfa91a194d054fb765b919e593183794d6637d6] -3.16-upstream-stable: released (3.16.85) [a226f907bd999713e9349bc35aa133cf519a864e] -sid: released (5.4.19-1) -4.19-buster-security: released (4.19.98-1) -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/scsi-mptfusion-fix-double-fetch-bug-in-ioctl.patch] -3.16-jessie-security: released (3.16.84-1) [bugfix/all/scsi-mptfusion-fix-double-fetch-bug-in-ioctl.patch] diff --git a/active/CVE-2020-12653 b/active/CVE-2020-12653 deleted file mode 100644 index c2eab77a7..000000000 --- a/active/CVE-2020-12653 +++ /dev/null @@ -1,12 +0,0 @@ -Description: mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() -References: -Notes: -Bugs: -upstream: released (5.6-rc1) [b70261a288ea4d2f4ac7cd04be08a9f0f2de4f4d] -4.19-upstream-stable: released (4.19.104) [48247f7e14911a4d18e9c774ba3a1d368f5d8a6f] -4.9-upstream-stable: released (4.9.214) [7a4d6a45f2fad3ddc07f98cf85790344ea72cd69] -3.16-upstream-stable: released (3.16.85) [f0c210c885dbc5000d3c3e27723beedda5988cee] -sid: released (5.5.13-1) -4.19-buster-security: released (4.19.118-1) -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/mwifiex-fix-possible-buffer-overflows-in-mwifiex_cmd.patch] -3.16-jessie-security: released (3.16.84-1) [bugfix/all/mwifiex-fix-possible-buffer-overflows-in-mwifiex_cmd.patch] diff --git a/active/CVE-2020-12654 b/active/CVE-2020-12654 deleted file mode 100644 index cfc88e3a6..000000000 --- a/active/CVE-2020-12654 +++ /dev/null @@ -1,12 +0,0 @@ -Description: mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() -References: -Notes: -Bugs: -upstream: released (5.6-rc1) [3a9b153c5591548612c3955c9600a98150c81875] -4.19-upstream-stable: released (4.19.104) [fab5ca79960b7fbda4e9a79a4754c749fdea2bd0] -4.9-upstream-stable: released (4.9.214) [0a996849d8042833860fd7c9ff3dcd24e61fd416] -3.16-upstream-stable: released (3.16.85) [60a613dc22ee9932c3ba67eadb08de357e36f01f] -sid: released (5.5.13-1) -4.19-buster-security: released (4.19.118-1) -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/mwifiex-fix-possible-buffer-overflows-in-mwifiex_ret.patch] -3.16-jessie-security: released (3.16.84-1) [bugfix/all/mwifiex-fix-possible-buffer-overflows-in-mwifiex_ret.patch] diff --git a/active/CVE-2020-12770 b/active/CVE-2020-12770 deleted file mode 100644 index 3a1801fe1..000000000 --- a/active/CVE-2020-12770 +++ /dev/null @@ -1,13 +0,0 @@ -Description: scsi: sg: add sg_remove_request in sg_write -References: - https://lkml.org/lkml/2020/4/13/870 -Notes: -Bugs: -upstream: released (5.7-rc3) [83c6f2390040f188cc25b270b4befeb5628c1aee] -4.19-upstream-stable: released (4.19.124) [34fcb4291e234468f9bf9d4b851c9f522f3bbb13] -4.9-upstream-stable: released (4.9.224) [6950c2775e02e4be51b06901306ee641e8e5b3df] -3.16-upstream-stable: released (3.16.85) [f5eb337df20a24a9f9c7f96181ace9d61b590def] -sid: released (5.6.14-1) -4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/scsi-sg-add-sg_remove_request-in-sg_write.patch] -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/scsi-sg-add-sg_remove_request-in-sg_write.patch] -3.16-jessie-security: released (3.16.84-1) [bugfix/all/sg/0027-scsi-sg-add-sg_remove_request-in-sg_write.patch] diff --git a/active/CVE-2020-13143 b/active/CVE-2020-13143 deleted file mode 100644 index 64110f509..000000000 --- a/active/CVE-2020-13143 +++ /dev/null @@ -1,13 +0,0 @@ -Description: USB: gadget: fix illegal array access in binding with UDC -References: - https://www.spinics.net/lists/linux-usb/msg194331.html -Notes: -Bugs: -upstream: released (5.7-rc6) [15753588bcd4bbffae1cca33c8ced5722477fe1f] -4.19-upstream-stable: released (4.19.124) [a105bb549252e3e8bd9db0bdd81cdd6a853e4238] -4.9-upstream-stable: released (4.9.224) [2056c78ee8abacaf71c89c999483183203e8441d] -3.16-upstream-stable: released (3.16.85) [d126cf46f829d146dde3e6a8963e095ac6cfcd1c] -sid: released (5.6.14-1) -4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/usb-gadget-fix-illegal-array-access-in-binding-with-.patch] -4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/usb-gadget-fix-illegal-array-access-in-binding-with-.patch] -3.16-jessie-security: released (3.16.84-1) [bugfix/all/usb-gadget-fix-illegal-array-access-in-binding-with-.patch] |