Fill in status for several issues

author: Ben Hutchings <ben@decadent.org.uk> 2022-06-21 00:09:15 +0200
committer: Ben Hutchings <ben@decadent.org.uk> 2022-06-21 00:12:37 +0200
commit: fd8cdb05b848fa4628f42bce87a3719993030764 (patch)
tree: 509a1d364730ff44469255ce800f2bc4dd2b41fb /active/CVE-2022-1789
parent: 62e8c058e38f5ff4d5d5165af4d91f22b8f2dbbe (diff)
1 files changed, 8 insertions, 4 deletions
diff --git a/active/CVE-2022-1789 b/active/CVE-2022-1789
index 97bb5db0..7378b6e8 100644
--- a/active/CVE-2022-1789
+++ b/active/CVE-2022-1789
@@ -3,12 +3,16 @@ References:
  https://www.openwall.com/lists/oss-security/2022/05/25/2
 Notes:
  carnil> Fixed in 5.17.12 for 5.17.y.
+ bwh> This appears to have been introduced in 5.8 by commit 5efac0741ce2
+ bwh> "KVM: x86: introduce kvm_mmu_invalidate_gva", as before that
+ bwh> the invlpg function pointer would not be set to NULL when paging
+ bwh> was disabled.
 Bugs:
 upstream: released (5.18) [9f46c187e2e680ecd9de7983e4d081c3391acc76]
 5.10-upstream-stable: released (5.10.119) [9b4aa0d80b18b9d19e62dd47d22e274ce92cdc95]
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: N/A "Vulnerability introduced later"
+4.9-upstream-stable: N/A "Vulnerability introduced later"
 sid: released (5.17.11-1) [bugfix/x86/KVM-x86-mmu-fix-NULL-pointer-dereference-on-guest-IN.patch]
 5.10-bullseye-security: released (5.10.120-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: N/A "Vulnerability introduced later"
+4.9-stretch-security: N/A "Vulnerability introduced later"
author	Ben Hutchings <ben@decadent.org.uk>	2022-06-21 00:09:15 +0200
committer	Ben Hutchings <ben@decadent.org.uk>	2022-06-21 00:12:37 +0200
commit	fd8cdb05b848fa4628f42bce87a3719993030764 (patch)
tree	509a1d364730ff44469255ce800f2bc4dd2b41fb /active/CVE-2022-1789
parent	62e8c058e38f5ff4d5d5165af4d91f22b8f2dbbe (diff)