Retire CVE-2023-28410

1 files changed, 23 insertions, 0 deletions

diff --git a/retired/CVE-2023-28410 b/retired/CVE-2023-28410
new file mode 100644
index 00000000..2d90a2fc
--- /dev/null
+++ b/retired/CVE-2023-28410
@@ -0,0 +1,23 @@
+Description: INTEL-SA-00886
+References:
+ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00886.html
+ https://bugzilla.suse.com/show_bug.cgi?id=1211263#c1
+ http://blog.pi3.com.pl/?p=931
+ http://site.pi3.com.pl/adv/CVE-2023-28410_i915.txt
+Notes:
+ carnil> While it is said to be fixed with 6.2.10 upstream, there are no
+ carnil> i915 changes between 6.2.9 and 6.2.10 which seem to match
+ carnil> either the issue or the reporter.
+ carnil> Claimed that the actual fix is 661412e301e2 ("drm/i915/gem: add
+ carnil> missing boundary check in vm_access") which would imply that
+ carnil> the fix is already present in 5.19-rc1 and backported to
+ carnil> 5.17.2, 5.16.19, 5.15.33 and 5.10.110. This does not match the
+ carnil> 6.2.10 information.
+Bugs:
+upstream: released (5.19-rc1) [661412e301e2ca86799aa4f400d1cf0bd38c57c6]
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.110) [89ddcc81914ab58cc203acc844f27d55ada8ec0e]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.17.3-1)
+5.10-bullseye-security: released (5.10.113-1)
+4.19-buster-security: N/A "Vulnerable code not present"