Add more CVEs as assigned

15 files changed, 244 insertions, 0 deletions

diff --git a/active/CVE-2021-47054 b/active/CVE-2021-47054
new file mode 100644
index 00000000..1cd055ab
--- /dev/null
+++ b/active/CVE-2021-47054
@@ -0,0 +1,16 @@
+Description: bus: qcom: Put child node before return
+References:
+Notes:
+ carnil> Introduced in 335a12754808 ("bus: qcom: add EBI2 driver"). Vulnerable versions:
+ carnil> 4.9-rc1.
+Bugs:
+upstream: released (5.13-rc1) [ac6ad7c2a862d682bb584a4bc904d89fa7721af8]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [00f6abd3509b1d70d0ab0fbe65ce5685cebed8be]
+4.19-upstream-stable: released (4.19.191) [a399dd80e697a02cfb23e2fc09b87849994043d9]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/active/CVE-2021-47055 b/active/CVE-2021-47055
new file mode 100644
index 00000000..0a618193
--- /dev/null
+++ b/active/CVE-2021-47055
@@ -0,0 +1,17 @@
+Description: mtd: require write permissions for locking and badblock ioctls
+References:
+Notes:
+ carnil> Introduced in f7e6b19bc764 ("mtd: properly check all write ioctls for
+ carnil> permissions"). Vulnerable versions: 4.4.233 4.9.233 4.14.194 4.19.139 5.4.58
+ carnil> 5.7.15 5.8.1 5.9-rc1.
+Bugs:
+upstream: released (5.13-rc1) [1e97743fd180981bef5f01402342bb54bf1c6366]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [7b6552719c0ccbbea29dde4be141da54fdb5877e]
+4.19-upstream-stable: released (4.19.191) [75ed985bd6c8ac1d4e673e93ea9d96c9908c1d37]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/active/CVE-2021-47056 b/active/CVE-2021-47056
new file mode 100644
index 00000000..4997c4e8
--- /dev/null
+++ b/active/CVE-2021-47056
@@ -0,0 +1,16 @@
+Description: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
+References:
+Notes:
+ carnil> Introduced in 25c6ffb249f6 ("crypto: qat - check if PF is running"). Vulnerable
+ carnil> versions: 4.7-rc1.
+Bugs:
+upstream: released (5.13-rc1) [8609f5cfdc872fc3a462efa6a3eca5cb1e2f6446]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [1f50392650ae794a1aea41c213c6a3e1c824413c]
+4.19-upstream-stable: released (4.19.191) [09d16cee6285d37cc76311c29add6d97a7e4acda]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/active/CVE-2021-47057 b/active/CVE-2021-47057
new file mode 100644
index 00000000..38e12f22
--- /dev/null
+++ b/active/CVE-2021-47057
@@ -0,0 +1,16 @@
+Description: crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map
+References:
+Notes:
+ carnil> Introduced in ac2614d721de ("crypto: sun8i-ss - Add support for the PRNG").
+ carnil> Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [98b5ef3e97b16eaeeedb936f8bda3594ff84a70e]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [617ec35ed51f731a593ae7274228ef2cfc9cb781]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47058 b/active/CVE-2021-47058
new file mode 100644
index 00000000..6d41a6f3
--- /dev/null
+++ b/active/CVE-2021-47058
@@ -0,0 +1,16 @@
+Description: regmap: set debugfs_name to NULL after it is freed
+References:
+Notes:
+ carnil> Introduced in cffa4b2122f5 ("regmap: debugfs: Fix a memory leak when calling
+ carnil> regmap_attach_dev"). Vulnerable versions: 4.19.168 5.4.90 5.10.8 5.11-rc3.
+Bugs:
+upstream: released (5.13-rc1) [e41a962f82e7afb5b1ee644f48ad0b3aee656268]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [eb949f891226c012138ffd9df90d1e509f428ae6]
+4.19-upstream-stable: released (4.19.191) [2dc1554d5f0fdaf47cc5bea442b84b9226fea867]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/active/CVE-2021-47059 b/active/CVE-2021-47059
new file mode 100644
index 00000000..ddb3ebd2
--- /dev/null
+++ b/active/CVE-2021-47059
@@ -0,0 +1,16 @@
+Description: crypto: sun8i-ss - fix result memory leak on error path
+References:
+Notes:
+ carnil> Introduced in d9b45418a917 ("crypto: sun8i-ss - support hash algorithms").
+ carnil> Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [1dbc6a1e25be8575d6c4114d1d2b841a796507f7]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [1f12aaf07f61122cf5074d29714ee26f8d44b0e7]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47060 b/active/CVE-2021-47060
new file mode 100644
index 00000000..0b96471d
--- /dev/null
+++ b/active/CVE-2021-47060
@@ -0,0 +1,17 @@
+Description: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed
+References:
+Notes:
+ carnil> Introduced in f65886606c2d ("KVM: fix memory leak in
+ carnil> kvm_io_bus_unregister_dev()"). Vulnerable versions: 4.4.238 4.9.238 4.14.200
+ carnil> 4.19.148 5.4.66 5.8.10 5.9-rc5.
+Bugs:
+upstream: released (5.13-rc1) [5d3c4c79384af06e3c8e25b7770b6247496b4417]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [2a20592baff59c5351c5200ec667e1a2aa22af85]
+4.19-upstream-stable: needed
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: needed
diff --git a/active/CVE-2021-47061 b/active/CVE-2021-47061
new file mode 100644
index 00000000..4a466282
--- /dev/null
+++ b/active/CVE-2021-47061
@@ -0,0 +1,17 @@
+Description: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU
+References:
+Notes:
+ carnil> Introduced in f65886606c2d ("KVM: fix memory leak in
+ carnil> kvm_io_bus_unregister_dev()"). Vulnerable versions: 4.4.238 4.9.238 4.14.200
+ carnil> 4.19.148 5.4.66 5.8.10 5.9-rc5.
+Bugs:
+upstream: released (5.13-rc1) [2ee3757424be7c1cd1d0bbfa6db29a7edd82a250]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [03c6cccedd3913006744faa252a4da5145299343]
+4.19-upstream-stable: needed
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: needed
diff --git a/active/CVE-2021-47062 b/active/CVE-2021-47062
new file mode 100644
index 00000000..981662cf
--- /dev/null
+++ b/active/CVE-2021-47062
@@ -0,0 +1,16 @@
+Description: KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs
+References:
+Notes:
+ carnil> Introduced in ad73109ae7ec ("KVM: SVM: Provide support to launch and run an
+ carnil> SEV-ES guest"). Vulnerable versions: 5.11-rc1.
+Bugs:
+upstream: released (5.13-rc1) [c36b16d29f3af5f32fc1b2a3401bf48f71cabee1]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47063 b/active/CVE-2021-47063
new file mode 100644
index 00000000..278033b5
--- /dev/null
+++ b/active/CVE-2021-47063
@@ -0,0 +1,16 @@
+Description: drm: bridge/panel: Cleanup connector on bridge detach
+References:
+Notes:
+ carnil> Introduced in 13dfc0540a57 ("drm/bridge: Refactor out the panel wrapper from
+ carnil> the lvds-encoder bridge."). Vulnerable versions: 4.13-rc1.
+Bugs:
+upstream: released (5.13-rc1) [4d906839d321c2efbf3fed4bc31ffd9ff55b75c0]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [ce450934a00cf896e648fde08d0bd1426653d7a2]
+4.19-upstream-stable: needed
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: needed
diff --git a/active/CVE-2021-47064 b/active/CVE-2021-47064
new file mode 100644
index 00000000..81c601af
--- /dev/null
+++ b/active/CVE-2021-47064
@@ -0,0 +1,16 @@
+Description: mt76: fix potential DMA mapping leak
+References:
+Notes:
+ carnil> Introduced in 27d5c528a7ca ("mt76: fix double DMA unmap of the first buffer on
+ carnil> 7615/7915"). Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [b4403cee6400c5f679e9c4a82b91d61aa961eccf]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [9fa26701cd1fc4d932d431971efc5746325bdfce]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47065 b/active/CVE-2021-47065
new file mode 100644
index 00000000..561d95c0
--- /dev/null
+++ b/active/CVE-2021-47065
@@ -0,0 +1,16 @@
+Description: rtw88: Fix array overrun in rtw_get_tx_power_params()
+References:
+Notes:
+ carnil> Introduced in fa6dfe6bff24 ("rtw88: resolve order of tx power setting
+ carnil> routines"). Vulnerable versions: 5.3-rc1.
+Bugs:
+upstream: released (5.13-rc1) [2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [95fb153c6027924cda3422120169d1890737f3a0]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47066 b/active/CVE-2021-47066
new file mode 100644
index 00000000..f9518492
--- /dev/null
+++ b/active/CVE-2021-47066
@@ -0,0 +1,16 @@
+Description: async_xor: increase src_offs when dropping destination page
+References:
+Notes:
+ carnil> Introduced in 29bcff787a25 ("md/raid5: add new xor function to support
+ carnil> different page offset"). Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [ceaf2966ab082bbc4d26516f97b3ca8a676e2af8]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [cab2e8e5997b592fdb7d02cf2387b4b8e3057174]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47067 b/active/CVE-2021-47067
new file mode 100644
index 00000000..724bceae
--- /dev/null
+++ b/active/CVE-2021-47067
@@ -0,0 +1,16 @@
+Description: soc/tegra: regulators: Fix locking up when voltage-spread is out of range
+References:
+Notes:
+ carnil> Introduced in 783807436f36 ("soc/tegra: regulators: Add regulators coupler for
+ carnil> Tegra30"). Vulnerable versions: 5.5-rc1.
+Bugs:
+upstream: released (5.13-rc1) [ef85bb582c41524e9e68dfdbde48e519dac4ab3d]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [a1ad124c836816fac8bd5e461d36eaf33cee4e24]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-47068 b/active/CVE-2021-47068
new file mode 100644
index 00000000..efc01dc2
--- /dev/null
+++ b/active/CVE-2021-47068
@@ -0,0 +1,17 @@
+Description: net/nfc: fix use-after-free llcp_sock_bind/connect
+References:
+Notes:
+ carnil> Introduced in c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()").
+ carnil> Vulnerable versions: 4.4.267 4.9.267 4.14.231 4.19.187 5.4.112 5.10.30 5.11.14
+ carnil> 5.12-rc7.
+Bugs:
+upstream: released (5.13-rc1) [c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.37) [6b7021ed36dabf29e56842e3408781cd3b82ef6e]
+4.19-upstream-stable: released (4.19.191) [48fba458fe54cc2a980a05c13e6c19b8b2cfb610]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)