diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-03-01 00:03:08 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-03-01 00:03:08 +0100 |
commit | 5e57bc76df7c8e611b3ccf59a6bfd75efcc59194 (patch) | |
tree | c63137b0aa63c0219edd2858fab77f271b70d288 | |
parent | aa24ddf69ffa705f108631622f09ace0d7495fa5 (diff) |
Add more CVEs as assigned
-rw-r--r-- | active/CVE-2021-47054 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47055 | 17 | ||||
-rw-r--r-- | active/CVE-2021-47056 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47057 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47058 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47059 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47060 | 17 | ||||
-rw-r--r-- | active/CVE-2021-47061 | 17 | ||||
-rw-r--r-- | active/CVE-2021-47062 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47063 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47064 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47065 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47066 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47067 | 16 | ||||
-rw-r--r-- | active/CVE-2021-47068 | 17 |
15 files changed, 244 insertions, 0 deletions
diff --git a/active/CVE-2021-47054 b/active/CVE-2021-47054 new file mode 100644 index 00000000..1cd055ab --- /dev/null +++ b/active/CVE-2021-47054 @@ -0,0 +1,16 @@ +Description: bus: qcom: Put child node before return +References: +Notes: + carnil> Introduced in 335a12754808 ("bus: qcom: add EBI2 driver"). Vulnerable versions: + carnil> 4.9-rc1. +Bugs: +upstream: released (5.13-rc1) [ac6ad7c2a862d682bb584a4bc904d89fa7721af8] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [00f6abd3509b1d70d0ab0fbe65ce5685cebed8be] +4.19-upstream-stable: released (4.19.191) [a399dd80e697a02cfb23e2fc09b87849994043d9] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/active/CVE-2021-47055 b/active/CVE-2021-47055 new file mode 100644 index 00000000..0a618193 --- /dev/null +++ b/active/CVE-2021-47055 @@ -0,0 +1,17 @@ +Description: mtd: require write permissions for locking and badblock ioctls +References: +Notes: + carnil> Introduced in f7e6b19bc764 ("mtd: properly check all write ioctls for + carnil> permissions"). Vulnerable versions: 4.4.233 4.9.233 4.14.194 4.19.139 5.4.58 + carnil> 5.7.15 5.8.1 5.9-rc1. +Bugs: +upstream: released (5.13-rc1) [1e97743fd180981bef5f01402342bb54bf1c6366] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [7b6552719c0ccbbea29dde4be141da54fdb5877e] +4.19-upstream-stable: released (4.19.191) [75ed985bd6c8ac1d4e673e93ea9d96c9908c1d37] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/active/CVE-2021-47056 b/active/CVE-2021-47056 new file mode 100644 index 00000000..4997c4e8 --- /dev/null +++ b/active/CVE-2021-47056 @@ -0,0 +1,16 @@ +Description: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init +References: +Notes: + carnil> Introduced in 25c6ffb249f6 ("crypto: qat - check if PF is running"). Vulnerable + carnil> versions: 4.7-rc1. +Bugs: +upstream: released (5.13-rc1) [8609f5cfdc872fc3a462efa6a3eca5cb1e2f6446] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [1f50392650ae794a1aea41c213c6a3e1c824413c] +4.19-upstream-stable: released (4.19.191) [09d16cee6285d37cc76311c29add6d97a7e4acda] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/active/CVE-2021-47057 b/active/CVE-2021-47057 new file mode 100644 index 00000000..38e12f22 --- /dev/null +++ b/active/CVE-2021-47057 @@ -0,0 +1,16 @@ +Description: crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map +References: +Notes: + carnil> Introduced in ac2614d721de ("crypto: sun8i-ss - Add support for the PRNG"). + carnil> Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [98b5ef3e97b16eaeeedb936f8bda3594ff84a70e] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [617ec35ed51f731a593ae7274228ef2cfc9cb781] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47058 b/active/CVE-2021-47058 new file mode 100644 index 00000000..6d41a6f3 --- /dev/null +++ b/active/CVE-2021-47058 @@ -0,0 +1,16 @@ +Description: regmap: set debugfs_name to NULL after it is freed +References: +Notes: + carnil> Introduced in cffa4b2122f5 ("regmap: debugfs: Fix a memory leak when calling + carnil> regmap_attach_dev"). Vulnerable versions: 4.19.168 5.4.90 5.10.8 5.11-rc3. +Bugs: +upstream: released (5.13-rc1) [e41a962f82e7afb5b1ee644f48ad0b3aee656268] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [eb949f891226c012138ffd9df90d1e509f428ae6] +4.19-upstream-stable: released (4.19.191) [2dc1554d5f0fdaf47cc5bea442b84b9226fea867] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/active/CVE-2021-47059 b/active/CVE-2021-47059 new file mode 100644 index 00000000..ddb3ebd2 --- /dev/null +++ b/active/CVE-2021-47059 @@ -0,0 +1,16 @@ +Description: crypto: sun8i-ss - fix result memory leak on error path +References: +Notes: + carnil> Introduced in d9b45418a917 ("crypto: sun8i-ss - support hash algorithms"). + carnil> Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [1dbc6a1e25be8575d6c4114d1d2b841a796507f7] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [1f12aaf07f61122cf5074d29714ee26f8d44b0e7] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47060 b/active/CVE-2021-47060 new file mode 100644 index 00000000..0b96471d --- /dev/null +++ b/active/CVE-2021-47060 @@ -0,0 +1,17 @@ +Description: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed +References: +Notes: + carnil> Introduced in f65886606c2d ("KVM: fix memory leak in + carnil> kvm_io_bus_unregister_dev()"). Vulnerable versions: 4.4.238 4.9.238 4.14.200 + carnil> 4.19.148 5.4.66 5.8.10 5.9-rc5. +Bugs: +upstream: released (5.13-rc1) [5d3c4c79384af06e3c8e25b7770b6247496b4417] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [2a20592baff59c5351c5200ec667e1a2aa22af85] +4.19-upstream-stable: needed +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: needed diff --git a/active/CVE-2021-47061 b/active/CVE-2021-47061 new file mode 100644 index 00000000..4a466282 --- /dev/null +++ b/active/CVE-2021-47061 @@ -0,0 +1,17 @@ +Description: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU +References: +Notes: + carnil> Introduced in f65886606c2d ("KVM: fix memory leak in + carnil> kvm_io_bus_unregister_dev()"). Vulnerable versions: 4.4.238 4.9.238 4.14.200 + carnil> 4.19.148 5.4.66 5.8.10 5.9-rc5. +Bugs: +upstream: released (5.13-rc1) [2ee3757424be7c1cd1d0bbfa6db29a7edd82a250] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [03c6cccedd3913006744faa252a4da5145299343] +4.19-upstream-stable: needed +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: needed diff --git a/active/CVE-2021-47062 b/active/CVE-2021-47062 new file mode 100644 index 00000000..981662cf --- /dev/null +++ b/active/CVE-2021-47062 @@ -0,0 +1,16 @@ +Description: KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs +References: +Notes: + carnil> Introduced in ad73109ae7ec ("KVM: SVM: Provide support to launch and run an + carnil> SEV-ES guest"). Vulnerable versions: 5.11-rc1. +Bugs: +upstream: released (5.13-rc1) [c36b16d29f3af5f32fc1b2a3401bf48f71cabee1] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47063 b/active/CVE-2021-47063 new file mode 100644 index 00000000..278033b5 --- /dev/null +++ b/active/CVE-2021-47063 @@ -0,0 +1,16 @@ +Description: drm: bridge/panel: Cleanup connector on bridge detach +References: +Notes: + carnil> Introduced in 13dfc0540a57 ("drm/bridge: Refactor out the panel wrapper from + carnil> the lvds-encoder bridge."). Vulnerable versions: 4.13-rc1. +Bugs: +upstream: released (5.13-rc1) [4d906839d321c2efbf3fed4bc31ffd9ff55b75c0] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [ce450934a00cf896e648fde08d0bd1426653d7a2] +4.19-upstream-stable: needed +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: needed diff --git a/active/CVE-2021-47064 b/active/CVE-2021-47064 new file mode 100644 index 00000000..81c601af --- /dev/null +++ b/active/CVE-2021-47064 @@ -0,0 +1,16 @@ +Description: mt76: fix potential DMA mapping leak +References: +Notes: + carnil> Introduced in 27d5c528a7ca ("mt76: fix double DMA unmap of the first buffer on + carnil> 7615/7915"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [b4403cee6400c5f679e9c4a82b91d61aa961eccf] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [9fa26701cd1fc4d932d431971efc5746325bdfce] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47065 b/active/CVE-2021-47065 new file mode 100644 index 00000000..561d95c0 --- /dev/null +++ b/active/CVE-2021-47065 @@ -0,0 +1,16 @@ +Description: rtw88: Fix array overrun in rtw_get_tx_power_params() +References: +Notes: + carnil> Introduced in fa6dfe6bff24 ("rtw88: resolve order of tx power setting + carnil> routines"). Vulnerable versions: 5.3-rc1. +Bugs: +upstream: released (5.13-rc1) [2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [95fb153c6027924cda3422120169d1890737f3a0] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47066 b/active/CVE-2021-47066 new file mode 100644 index 00000000..f9518492 --- /dev/null +++ b/active/CVE-2021-47066 @@ -0,0 +1,16 @@ +Description: async_xor: increase src_offs when dropping destination page +References: +Notes: + carnil> Introduced in 29bcff787a25 ("md/raid5: add new xor function to support + carnil> different page offset"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [ceaf2966ab082bbc4d26516f97b3ca8a676e2af8] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [cab2e8e5997b592fdb7d02cf2387b4b8e3057174] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47067 b/active/CVE-2021-47067 new file mode 100644 index 00000000..724bceae --- /dev/null +++ b/active/CVE-2021-47067 @@ -0,0 +1,16 @@ +Description: soc/tegra: regulators: Fix locking up when voltage-spread is out of range +References: +Notes: + carnil> Introduced in 783807436f36 ("soc/tegra: regulators: Add regulators coupler for + carnil> Tegra30"). Vulnerable versions: 5.5-rc1. +Bugs: +upstream: released (5.13-rc1) [ef85bb582c41524e9e68dfdbde48e519dac4ab3d] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [a1ad124c836816fac8bd5e461d36eaf33cee4e24] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-47068 b/active/CVE-2021-47068 new file mode 100644 index 00000000..efc01dc2 --- /dev/null +++ b/active/CVE-2021-47068 @@ -0,0 +1,17 @@ +Description: net/nfc: fix use-after-free llcp_sock_bind/connect +References: +Notes: + carnil> Introduced in c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()"). + carnil> Vulnerable versions: 4.4.267 4.9.267 4.14.231 4.19.187 5.4.112 5.10.30 5.11.14 + carnil> 5.12-rc7. +Bugs: +upstream: released (5.13-rc1) [c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [6b7021ed36dabf29e56842e3408781cd3b82ef6e] +4.19-upstream-stable: released (4.19.191) [48fba458fe54cc2a980a05c13e6c19b8b2cfb610] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) |