diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2024-02-28 08:32:28 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-02-28 08:32:28 +0100 |
| commit | 92a439ba71e3f2ef61ec5ab1e2beb0e421dd35de (patch) | |
| tree | 97b383d5f5e0dab19f80e2785f5cc0c679e0071f | |
| parent | b548dd7921f0546d3b690664603154a033db4619 (diff) | |
Add batch of CVEs
| -rw-r--r-- | active/CVE-2021-46956 | 16 | ||||
| -rw-r--r-- | active/CVE-2021-46957 | 16 | ||||
| -rw-r--r-- | active/CVE-2021-46958 | 16 | ||||
| -rw-r--r-- | active/CVE-2021-46969 | 16 | ||||
| -rw-r--r-- | active/CVE-2021-46972 | 16 | ||||
| -rw-r--r-- | active/CVE-2021-46973 | 16 |
6 files changed, 96 insertions, 0 deletions
diff --git a/active/CVE-2021-46956 b/active/CVE-2021-46956 new file mode 100644 index 00000000..02cd88f7 --- /dev/null +++ b/active/CVE-2021-46956 @@ -0,0 +1,16 @@ +Description: virtiofs: fix memory leak in virtio_fs_probe() +References: +Notes: + carnil> Introduced in a62a8ef9d97d ("virtio-fs: add virtiofs filesystem"). Vulnerable + carnil> versions: 5.4-rc1. +Bugs: +upstream: released (5.13-rc1) [c79c5e0178922a9e092ec8fed026750f39dcaef4] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.36) [d19555ff225d0896a33246a49279e6d578095f15] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-46957 b/active/CVE-2021-46957 new file mode 100644 index 00000000..468ff7b4 --- /dev/null +++ b/active/CVE-2021-46957 @@ -0,0 +1,16 @@ +Description: riscv/kprobe: fix kernel panic when invoking sys_read traced by kprobe +References: +Notes: + carnil> Introduced in c22b0bcb1dd02 ("riscv: Add kprobes supported"). Vulnerable + carnil> versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [b1ebaa0e1318494a7637099a26add50509e37964] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-46958 b/active/CVE-2021-46958 new file mode 100644 index 00000000..4cec7d4c --- /dev/null +++ b/active/CVE-2021-46958 @@ -0,0 +1,16 @@ +Description: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free +References: +Notes: + carnil> Introduced in ef67963dac255b ("btrfs: drop logs when we've aborted a + carnil> transaction"). Vulnerable versions: 5.7-rc4. +Bugs: +upstream: released (5.13-rc1) [061dde8245356d8864d29e25207aa4daa0be4d3c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.36) [a4794be7b00b7eda4b45fffd283ab7d76df7e5d6] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-46969 b/active/CVE-2021-46969 new file mode 100644 index 00000000..ee580941 --- /dev/null +++ b/active/CVE-2021-46969 @@ -0,0 +1,16 @@ +Description: bus: mhi: core: Fix invalid error returning in mhi_queue +References: +Notes: + carnil> Introduced in a8f75cb348fd ("mhi: core: Factorize mhi queuing"). Vulnerable + carnil> versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [0ecc1c70dcd32c0f081b173a1a5d89952686f271] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-46972 b/active/CVE-2021-46972 new file mode 100644 index 00000000..47288dbe --- /dev/null +++ b/active/CVE-2021-46972 @@ -0,0 +1,16 @@ +Description: ovl: fix leaked dentry +References: +Notes: + carnil> Introduced in 6815f479ca90 ("ovl: use only uppermetacopy state in + carnil> ovl_lookup()"). Vulnerable versions: 5.8-rc1. +Bugs: +upstream: released (5.13-rc1) [eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.35) [71d58457a8afc650da5d3292a7f7029317654d95] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-46973 b/active/CVE-2021-46973 new file mode 100644 index 00000000..fadde52a --- /dev/null +++ b/active/CVE-2021-46973 @@ -0,0 +1,16 @@ +Description: net: qrtr: Avoid potential use after free in MHI send +References: +Notes: + carnil> Introduced in 6e728f321393 ("net: qrtr: Add MHI transport layer"). Vulnerable + carnil> versions: 5.8-rc1. +Bugs: +upstream: released (5.13-rc1) [47a017f33943278570c072bc71681809b2567b3a] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.35) [48ec949ac979b4b42d740f67b6177797af834f80] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" |