Add batch of Linux CVEs

There are still manual fixups for the unstable versions and to mark
upper versions as N/A "Fixed before branching point" but at this point
for stable series detection of fixed version in a -security branch
should mostly work (famous last words ...)

23 files changed, 366 insertions, 0 deletions

diff --git a/active/CVE-2021-46914 b/active/CVE-2021-46914
new file mode 100644
index 00000000..1ee17320
--- /dev/null
+++ b/active/CVE-2021-46914
@@ -0,0 +1,16 @@
+Description: ixgbe: fix unbalanced device enable/disable in suspend/resume
+References:
+Notes:
+ carnil> Introduced in 6f82b2558735 ("ixgbe: use generic power management"). Vulnerable
+ carnil> versions: 5.9-rc1.
+Bugs:
+upstream: released (5.12-rc8) [debb9df311582c83fe369baa35fa4b92e8a9c58a]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.32) [be07581aacae7cd0a073afae8e8862032f794309]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46916 b/active/CVE-2021-46916
new file mode 100644
index 00000000..9dc0858a
--- /dev/null
+++ b/active/CVE-2021-46916
@@ -0,0 +1,16 @@
+Description: ixgbe: Fix NULL pointer dereference in ethtool loopback test
+References:
+Notes:
+ carnil> Introduced in b02e5a0ebb17 ("xsk: Propagate napi_id to XDP socket Rx path").
+ carnil> Vulnerable versions: 5.11-rc1.
+Bugs:
+upstream: released (5.12-rc8) [31166efb1cee348eb6314e9c0095d84cbeb66b9d]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.14.6-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46917 b/active/CVE-2021-46917
new file mode 100644
index 00000000..55b12605
--- /dev/null
+++ b/active/CVE-2021-46917
@@ -0,0 +1,16 @@
+Description: dmaengine: idxd: fix wq cleanup of WQCFG registers
+References:
+Notes:
+ carnil> Introduced in da32b28c95a7 ("dmaengine: idxd: cleanup workqueue config after
+ carnil> disabling"). Vulnerable versions: 5.7.10 5.8-rc6.
+Bugs:
+upstream: released (5.12-rc8) [ea9aadc06a9f10ad20a90edc0a484f1147d88a7a]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.32) [e5eb9757fe4c2392e069246ae78badc573af1833]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46918 b/active/CVE-2021-46918
new file mode 100644
index 00000000..9538121a
--- /dev/null
+++ b/active/CVE-2021-46918
@@ -0,0 +1,16 @@
+Description: dmaengine: idxd: clear MSIX permission entry on shutdown
+References:
+Notes:
+ carnil> Introduced in 8e50d392652f ("dmaengine: idxd: Add shared workqueue support").
+ carnil> Vulnerable versions: 5.11-rc1.
+Bugs:
+upstream: released (5.12-rc8) [6df0e6c57dfc064af330071f372f11aa8c584997]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.14.6-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46919 b/active/CVE-2021-46919
new file mode 100644
index 00000000..806596d8
--- /dev/null
+++ b/active/CVE-2021-46919
@@ -0,0 +1,16 @@
+Description: dmaengine: idxd: fix wq size store permission state
+References:
+Notes:
+ carnil> Introduced in c52ca478233c ("dmaengine: idxd: add configuration component of
+ carnil> driver"). Vulnerable versions: 5.6-rc1.
+Bugs:
+upstream: released (5.12-rc8) [0fff71c5a311e1264988179f7dcc217fda15fadd]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.32) [4ecf25595273203010bc8318c4aee60ad64037ae]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46920 b/active/CVE-2021-46920
new file mode 100644
index 00000000..dff494e2
--- /dev/null
+++ b/active/CVE-2021-46920
@@ -0,0 +1,16 @@
+Description: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
+References:
+Notes:
+ carnil> Introduced in bfe1d56091c1 ("dmaengine: idxd: Init and probe for Intel data
+ carnil> accelerators"). Vulnerable versions: 5.6-rc1.
+Bugs:
+upstream: released (5.12-rc8) [ea941ac294d75d0ace50797aebf0056f6f8f7a7f]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.32) [a5ad12d5d69c63af289a37f05187a0c6fe93553d]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46921 b/active/CVE-2021-46921
new file mode 100644
index 00000000..39c58e99
--- /dev/null
+++ b/active/CVE-2021-46921
@@ -0,0 +1,16 @@
+Description: locking/qrwlock: Fix ordering in queued_write_lock_slowpath()
+References:
+Notes:
+ carnil> Introduced in b519b56e378ee ("locking/qrwlock: Use atomic_cond_read_acquire()
+ carnil> when spinning in qrwlock"). Vulnerable versions: 4.15-rc1.
+Bugs:
+upstream: released (5.12) [84a24bf8c52e66b7ac89ada5e3cfbe72d65c1896]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.33) [82fa9ced35d88581cffa4a1c856fc41fca96d80a]
+4.19-upstream-stable: released (4.19.189) [5902f9453a313be8fe78cbd7e7ca9dba9319fc6e]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/active/CVE-2021-46922 b/active/CVE-2021-46922
new file mode 100644
index 00000000..37adeff0
--- /dev/null
+++ b/active/CVE-2021-46922
@@ -0,0 +1,16 @@
+Description: KEYS: trusted: Fix TPM reservation for seal/unseal
+References:
+Notes:
+ carnil> Introduced in 8c657a0590de ("KEYS: trusted: Reserve TPM for seal and unseal
+ carnil> operations"). Vulnerable versions: 5.10.20 5.11.3 5.12-rc1.
+Bugs:
+upstream: released (5.12) [9d5171eab462a63e2fbebfccf6026e92be018f20]
+6.7-upstream-stable: N/A "Fixed before brnaching point"
+6.6-upstream-stable: N/A "Fixed before brnaching point"
+6.1-upstream-stable: N/A "Fixed before brnaching point"
+5.10-upstream-stable: released (5.10.33) [bf84ef2dd2ccdcd8f2658476d34b51455f970ce4]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before brnaching point"
+5.10-bullseye-security: N/A "Fixed before brnaching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46923 b/active/CVE-2021-46923
new file mode 100644
index 00000000..7d80cd80
--- /dev/null
+++ b/active/CVE-2021-46923
@@ -0,0 +1,16 @@
+Description: fs/mount_setattr: always cleanup mount_kattr
+References:
+Notes:
+ carnil> Introduced in 9caccd41541a ("fs: introduce MOUNT_ATTR_IDMAP"). Vulnerable
+ carnil> versions: 5.12-rc1.
+Bugs:
+upstream: released (5.16-rc8) [012e332286e2bb9f6ac77d195f17e74b2963d663]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46924 b/active/CVE-2021-46924
new file mode 100644
index 00000000..43fcf15b
--- /dev/null
+++ b/active/CVE-2021-46924
@@ -0,0 +1,16 @@
+Description: NFC: st21nfca: Fix memory leak in device probe and remove
+References:
+Notes:
+ carnil> Introduced in 68957303f44a ("NFC: ST21NFCA: Add driver for STMicroelectronics
+ carnil> ST21NFCA NFC Chip"). Vulnerable versions: 3.16-rc1.
+Bugs:
+upstream: released (5.16-rc8) [1b9dadba502234eea7244879b8d5d126bfaf9f0c]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [e553265ea56482da5700f56319fda9ff53e7dcb4]
+4.19-upstream-stable: released (4.19.224) [a1e0080a35a16ce3808f7040fe0c3a8fdb052349]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-46925 b/active/CVE-2021-46925
new file mode 100644
index 00000000..3a564841
--- /dev/null
+++ b/active/CVE-2021-46925
@@ -0,0 +1,16 @@
+Description: net/smc: fix kernel panic caused by race of smc_sock
+References:
+Notes:
+ carnil> Introduced in 5f08318f617b ("smc: connection data control (CDC)"). Vulnerable
+ carnil> versions: 4.11-rc1.
+Bugs:
+upstream: released (5.16-rc8) [349d43127dac00c15231e8ffbcaabd70f7b0e544]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [e8a5988a85c719ce7205cb00dcf0716dcf611332]
+4.19-upstream-stable: needed
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: needed
diff --git a/active/CVE-2021-46926 b/active/CVE-2021-46926
new file mode 100644
index 00000000..faf9d98e
--- /dev/null
+++ b/active/CVE-2021-46926
@@ -0,0 +1,15 @@
+Description: ALSA: hda: intel-sdw-acpi: harden detection of controller
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (5.16-rc7) [385f287f9853da402d94278e59f594501c1d1dad]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2021-46927 b/active/CVE-2021-46927
new file mode 100644
index 00000000..978bf177
--- /dev/null
+++ b/active/CVE-2021-46927
@@ -0,0 +1,16 @@
+Description: nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assert
+References:
+Notes:
+ carnil> Introduced in 5b78ed24e8ec ("mm/pagemap: add mmap_assert_locked() annotations
+ carnil> to find_vma*()"). Vulnerable versions: 5.15-rc1.
+Bugs:
+upstream: released (5.16-rc8) [3a0152b219523227c2a62a0a122cf99608287176]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46928 b/active/CVE-2021-46928
new file mode 100644
index 00000000..bcac7223
--- /dev/null
+++ b/active/CVE-2021-46928
@@ -0,0 +1,15 @@
+Description: parisc: Clear stale IIR value on instruction access rights trap
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (5.16-rc7) [484730e5862f6b872dca13840bed40fd7c60fa26]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [d01e9ce1af6116f812491d3d3873d204f10ae0b8]
+4.19-upstream-stable: needed
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: needed
diff --git a/active/CVE-2021-46929 b/active/CVE-2021-46929
new file mode 100644
index 00000000..a7ca45de
--- /dev/null
+++ b/active/CVE-2021-46929
@@ -0,0 +1,16 @@
+Description: sctp: use call_rcu to free endpoint
+References:
+Notes:
+ carnil> Introduced in d25adbeb0cdb ("sctp: fix an use-after-free issue in
+ carnil> sctp_sock_dump"). Vulnerable versions: 4.14-rc1.
+Bugs:
+upstream: released (5.16-rc8) [5ec7d18d1813a5bead0b495045606c93873aecbb]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [769d14abd35e0e153b5149c3e1e989a9d719e3ff]
+4.19-upstream-stable: released (4.19.224) [af6e6e58f7ebf86b4e7201694b1e4f3a62cbc3ec]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-46930 b/active/CVE-2021-46930
new file mode 100644
index 00000000..dd7540f9
--- /dev/null
+++ b/active/CVE-2021-46930
@@ -0,0 +1,16 @@
+Description: usb: mtu3: fix list_head check warning
+References:
+Notes:
+ carnil> Introduced in 83374e035b62 ("usb: mtu3: add tracepoints to help debug").
+ carnil> Vulnerable versions: 5.2-rc1.
+Bugs:
+upstream: released (5.16-rc8) [8c313e3bfd9adae8d5c4ba1cc696dcbc86fbf9bf]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [3b6efe0b7ba03cc2acf0694b46d6ff33c5b4c295]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46931 b/active/CVE-2021-46931
new file mode 100644
index 00000000..3aed1e9a
--- /dev/null
+++ b/active/CVE-2021-46931
@@ -0,0 +1,16 @@
+Description: net/mlx5e: Wrap the tx reporter dump callback to extract the sq
+References:
+Notes:
+ carnil> Introduced in 5f29458b77d5 ("net/mlx5e: Support dump callback in TX reporter").
+ carnil> Vulnerable versions: 5.7-rc1.
+Bugs:
+upstream: released (5.16-rc8) [918fc3855a6507a200e9cf22c20be852c0982687]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [73665165b64a8f3c5b3534009a69be55bb744f05]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2021-46932 b/active/CVE-2021-46932
new file mode 100644
index 00000000..102701cf
--- /dev/null
+++ b/active/CVE-2021-46932
@@ -0,0 +1,16 @@
+Description: Input: appletouch - initialize work before device registration
+References:
+Notes:
+ carnil> Introduced in 5a6eb676d3bc ("Input: appletouch - improve powersaving for
+ carnil> Geyser3 devices"). Vulnerable versions: 2.6.23-rc1.
+Bugs:
+upstream: released (5.16-rc8) [9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [9f329d0d6c91142cf0ad08d23c72dd195db2633c]
+4.19-upstream-stable: released (4.19.224) [a02e1404e27855089d2b0a0acc4652c2ce65fe46]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-46933 b/active/CVE-2021-46933
new file mode 100644
index 00000000..c76401b0
--- /dev/null
+++ b/active/CVE-2021-46933
@@ -0,0 +1,16 @@
+Description: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
+References:
+Notes:
+ carnil> Introduced in 5e33f6fdf735 ("usb: gadget: ffs: add eventfd notification about
+ carnil> ffs events"). Vulnerable versions: 4.0-rc1.
+Bugs:
+upstream: released (5.16-rc8) [b1e0887379422975f237d43d8839b751a6bcf154]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [1c4ace3e6b8575745c50dca9e76e0021e697d645]
+4.19-upstream-stable: released (4.19.224) [33f6a0cbb7772146e1c11f38028fffbfed14728b]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-46934 b/active/CVE-2021-46934
new file mode 100644
index 00000000..1a736ef4
--- /dev/null
+++ b/active/CVE-2021-46934
@@ -0,0 +1,16 @@
+Description: i2c: validate user data in compat ioctl
+References:
+Notes:
+ carnil> Introduced in 7d5cb45655f2 ("i2c compat ioctls: move to ->compat_ioctl()").
+ carnil> Vulnerable versions: 4.15-rc1.
+Bugs:
+upstream: released (5.16-rc8) [bb436283e25aaf1533ce061605d23a9564447bdf]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [8d31cbab4c295d7010ebb729e9d02d0e9cece18f]
+4.19-upstream-stable: released (4.19.224) [407c8708fb1bf2d4afc5337ef50635cf540c364b]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-46935 b/active/CVE-2021-46935
new file mode 100644
index 00000000..c60a4fb1
--- /dev/null
+++ b/active/CVE-2021-46935
@@ -0,0 +1,16 @@
+Description: binder: fix async_free_space accounting for empty parcels
+References:
+Notes:
+ carnil> Introduced in 74310e06be4d ("android: binder: Move buffer out of area shared
+ carnil> with user space"). Vulnerable versions: 4.14-rc1.
+Bugs:
+upstream: released (5.16-rc8) [cfd0d84ba28c18b531648c9d4a35ecca89ad9901]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [1cb8444f3114f0bb2f6e3bcadcf09aa4a28425d4]
+4.19-upstream-stable: released (4.19.224) [7c7064402609aeb6fb11be1b4ec10673ff17b593]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-46936 b/active/CVE-2021-46936
new file mode 100644
index 00000000..072ee178
--- /dev/null
+++ b/active/CVE-2021-46936
@@ -0,0 +1,16 @@
+Description: net: fix use-after-free in tw_timer_handler
+References:
+Notes:
+ carnil> Introduced in 61a7e26028b9 ("mib: put net statistics on struct net").
+ carnil> Vulnerable versions: 2.6.27-rc1.
+Bugs:
+upstream: released (5.16-rc8) [e22e45fc9e41bf9fcc1e92cfb78eb92786728ef0]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.90) [2386e81a1d277f540e1285565c9d41d531bb69d4]
+4.19-upstream-stable: released (4.19.224) [a8e1944b44f94f5c5f530e434c5eaee787254566]
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: released (5.10.92-1)
+4.19-buster-security: released (4.19.232-1)
diff --git a/active/CVE-2021-46937 b/active/CVE-2021-46937
new file mode 100644
index 00000000..627e0921
--- /dev/null
+++ b/active/CVE-2021-46937
@@ -0,0 +1,16 @@
+Description: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()'
+References:
+Notes:
+ carnil> Introduced in 4bc05954d007 ("mm/damon: implement a debugfs-based user space
+ carnil> interface"). Vulnerable versions: 5.15-rc1.
+Bugs:
+upstream: released (5.16-rc8) [ebb3f994dd92f8fb4d70c7541091216c1e10cb71]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"