Retire CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2024-03-01 22:46:46 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-03-01 22:46:46 +0100
commit: cfe5f650c4c0782672d2e5d39dfa399c9f46a610 (patch)
tree: cc92c8fbba4cf1ff1e99686999ff50dfec7e98be /retired/CVE-2021-46959
parent: 47b8f95b2c6a287f933ae7baac7b4c6be0d5951c (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2021-46959 b/retired/CVE-2021-46959
new file mode 100644
index 00000000..4f0dd358
--- /dev/null
+++ b/retired/CVE-2021-46959
@@ -0,0 +1,17 @@
+Description: spi: Fix use-after-free with devm_spi_alloc_*
+References:
+Notes:
+ carnil> Introduced in 5e844cc37a5c ("spi: Introduce device-managed SPI controller
+ carnil> allocation"). Vulnerable versions: 4.4.248 4.9.248 4.14.212 4.19.163 5.4.80
+ carnil> 5.9.11 5.10-rc5.
+Bugs:
+upstream: released (5.13-rc1) [794aaf01444d4e765e2b067cba01cc69c1c68ed9]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [c7fabe372a9031acd00498bc718ce27c253abfd1]
+4.19-upstream-stable: released (4.19.191) [28a5529068c51cdf0295ab1e11a99a3a909a03e4]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
author	Salvatore Bonaccorso <carnil@debian.org>	2024-03-01 22:46:46 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-03-01 22:46:46 +0100
commit	cfe5f650c4c0782672d2e5d39dfa399c9f46a610 (patch)
tree	cc92c8fbba4cf1ff1e99686999ff50dfec7e98be /retired/CVE-2021-46959
parent	47b8f95b2c6a287f933ae7baac7b4c6be0d5951c (diff)