From baec0c4ea8178ef304664640dbba1ba6a448e2ac Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Mon, 11 Mar 2024 01:04:23 +0100 Subject: Note some issues that don't seem to have security impact for us --- active/CVE-2023-52488 | 1 + active/CVE-2024-26597 | 1 + active/CVE-2024-26624 | 2 ++ 3 files changed, 4 insertions(+) diff --git a/active/CVE-2023-52488 b/active/CVE-2023-52488 index 29ae98e6..2dbfb149 100644 --- a/active/CVE-2023-52488 +++ b/active/CVE-2023-52488 @@ -2,6 +2,7 @@ Description: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions f References: Notes: carnil> Introduced in dfeae619d781 ("serial: sc16is7xx"). Vulnerable versions: 3.16-rc1. + bwh> Driver is not enabled in any suite. Bugs: upstream: released (6.8-rc1) [dbf4ab821804df071c8b566d9813083125e6d97b] 6.7-upstream-stable: released (6.7.3) [aa7cb4787698add9367b19f7afc667662c9bdb23] diff --git a/active/CVE-2024-26597 b/active/CVE-2024-26597 index 5b50f251..388ab1e3 100644 --- a/active/CVE-2024-26597 +++ b/active/CVE-2024-26597 @@ -1,6 +1,7 @@ Description: net: qualcomm: rmnet: fix global oob in rmnet_policy References: Notes: + bwh> Driver is not enabled in any suite. Bugs: upstream: released (6.8-rc1) [b33fb5b801c6db408b774a68e7c8722796b59ecc] 6.7-upstream-stable: released (6.7.2) [17d06a5c44d8fd2e8e61bac295b09153496f87e1] diff --git a/active/CVE-2024-26624 b/active/CVE-2024-26624 index 4bc6a37d..a9b19d48 100644 --- a/active/CVE-2024-26624 +++ b/active/CVE-2024-26624 @@ -3,6 +3,8 @@ References: Notes: carnil> Introduced in 2aac7a2cb0d9 ("unix_diag: Pending connections IDs NLA"). carnil> Vulnerable versions: 3.3-rc1. + bwh> Doesn't seem to be a real security issue - this is only about + bwh> improving lockdep hints to avoid a false positive. Bugs: upstream: released (6.8-rc3) [4d322dce82a1d44f8c83f0f54f95dd1b8dcf46c9] 6.7-upstream-stable: released (6.7.4) [c2d272a9a1e8f22ba584589219f6fe1886a3595f] -- cgit v1.2.3