diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2022-02-25 03:01:20 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2022-02-25 03:01:20 +0100 |
commit | 48a9a9513a23b164588f78f42c492b1d05b462d2 (patch) | |
tree | 5a8d9581beb8035904ea135a82faa0e245cae9ea /retired | |
parent | 322eaf84fa0d24cdfa4acc99ff4a8d5635ab0654 (diff) |
Retire inactive issues
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2020-26556 | 17 | ||||
-rw-r--r-- | retired/CVE-2020-26557 | 16 | ||||
-rw-r--r-- | retired/CVE-2020-26559 | 16 | ||||
-rw-r--r-- | retired/CVE-2020-26560 | 16 | ||||
-rw-r--r-- | retired/CVE-2021-4148 | 19 | ||||
-rw-r--r-- | retired/CVE-2021-4150 | 17 | ||||
-rw-r--r-- | retired/CVE-2021-4218 | 17 | ||||
-rw-r--r-- | retired/CVE-2022-0382 | 15 | ||||
-rw-r--r-- | retired/CVE-2022-0480 | 15 | ||||
-rw-r--r-- | retired/CVE-2022-0646 | 15 | ||||
-rw-r--r-- | retired/CVE-2022-25265 | 16 |
11 files changed, 179 insertions, 0 deletions
diff --git a/retired/CVE-2020-26556 b/retired/CVE-2020-26556 new file mode 100644 index 000000000..60be7fc6f --- /dev/null +++ b/retired/CVE-2020-26556 @@ -0,0 +1,17 @@ +Description: malleable commitment Bluetooth Mesh Provisioning +References: + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/malleable/ + https://bugzilla.redhat.com/show_bug.cgi?id=1960012 +Notes: + bwh> Mesh provisioning seems to be handled in user-space. + bwh> This was addressed in bluez 5.50-1.1. +Bugs: +upstream: N/A "Not implemented in kernel" +5.10-upstream-stable: N/A "Not implemented in kernel" +4.19-upstream-stable: N/A "Not implemented in kernel" +4.9-upstream-stable: N/A "Not implemented in kernel" +sid: N/A "Not implemented in kernel" +5.10-bullseye-security: N/A "Not implemented in kernel" +4.19-buster-security: N/A "Not implemented in kernel" +4.9-stretch-security: N/A "Not implemented in kernel" diff --git a/retired/CVE-2020-26557 b/retired/CVE-2020-26557 new file mode 100644 index 000000000..4a86b8c4f --- /dev/null +++ b/retired/CVE-2020-26557 @@ -0,0 +1,16 @@ +Description: predictable Authvalue in Bluetooth Mesh Provisioning Leads to MITM +References: + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/predicatable-authvalue/ + https://bugzilla.redhat.com/show_bug.cgi?id=1960009 +Notes: + bwh> Mesh provisioning seems to be handled in user-space. +Bugs: +upstream: N/A "Not implemented in kernel" +5.10-upstream-stable: N/A "Not implemented in kernel" +4.19-upstream-stable: N/A "Not implemented in kernel" +4.9-upstream-stable: N/A "Not implemented in kernel" +sid: N/A "Not implemented in kernel" +5.10-bullseye-security: N/A "Not implemented in kernel" +4.19-buster-security: N/A "Not implemented in kernel" +4.9-stretch-security: N/A "Not implemented in kernel" diff --git a/retired/CVE-2020-26559 b/retired/CVE-2020-26559 new file mode 100644 index 000000000..3112e2b1a --- /dev/null +++ b/retired/CVE-2020-26559 @@ -0,0 +1,16 @@ +Description: Authvalue leak in Bluetooth Mesh Provisioning +References: + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/authvalue-leak/ + https://bugzilla.redhat.com/show_bug.cgi?id=1960011 +Notes: + bwh> Mesh provisioning seems to be handled in user-space. +Bugs: +upstream: N/A "Not implemented in kernel" +5.10-upstream-stable: N/A "Not implemented in kernel" +4.19-upstream-stable: N/A "Not implemented in kernel" +4.9-upstream-stable: N/A "Not implemented in kernel" +sid: N/A "Not implemented in kernel" +5.10-bullseye-security: N/A "Not implemented in kernel" +4.19-buster-security: N/A "Not implemented in kernel" +4.9-stretch-security: N/A "Not implemented in kernel" diff --git a/retired/CVE-2020-26560 b/retired/CVE-2020-26560 new file mode 100644 index 000000000..be0abd403 --- /dev/null +++ b/retired/CVE-2020-26560 @@ -0,0 +1,16 @@ +Description: impersonation attack in Bluetooth Mesh Provisioning +References: + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/impersonation-mesh/ + https://bugzilla.redhat.com/show_bug.cgi?id=1959994 +Notes: + bwh> Mesh provisioning seems to be handled in user-space. +Bugs: +upstream: N/A "Not implemented in kernel" +5.10-upstream-stable: N/A "Not implemented in kernel" +4.19-upstream-stable: N/A "Not implemented in kernel" +4.9-upstream-stable: N/A "Not implemented in kernel" +sid: N/A "Not implemented in kernel" +5.10-bullseye-security: N/A "Not implemented in kernel" +4.19-buster-security: N/A "Not implemented in kernel" +4.9-stretch-security: N/A "Not implemented in kernel" diff --git a/retired/CVE-2021-4148 b/retired/CVE-2021-4148 new file mode 100644 index 000000000..90eddbb5e --- /dev/null +++ b/retired/CVE-2021-4148 @@ -0,0 +1,19 @@ +Description: mm: Opening THP-backed special file for write causes crash in block_invalidatepage() +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2026487 + https://lkml.org/lkml/2021/9/17/1037 + https://lkml.org/lkml/2021/9/12/323 + https://lore.kernel.org/linux-mm/a07564a3-b2fc-9ffe-3ace-3f276075ea5c@google.com/ + https://lore.kernel.org/lkml/CACkBjsYwLYLRmX8GpsDpMthagWOjWWrNxqY6ZLNQVr6yx+f5vA@mail.gmail.com/ +Notes: + bwh> Introduced in 5.4 by commit 99cb0dbd47a1 "mm,thp: add read-only THP + bwh> support for (non-shmem) FS". +Bugs: +upstream: released (5.15) [a4aeaa06d45e90f9b279f0b09de84bd00006e733] +5.10-upstream-stable: released (5.10.78) [6d67b2a73b8e3a079c355bab3c1aef7d85a044b8] +4.19-upstream-stable: N/A "Vulnerable code not present" +4.9-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.14.16-1) +5.10-bullseye-security: released (5.10.84-1) +4.19-buster-security: N/A "Vulnerable code not present" +4.9-stretch-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-4150 b/retired/CVE-2021-4150 new file mode 100644 index 000000000..588d6073c --- /dev/null +++ b/retired/CVE-2021-4150 @@ -0,0 +1,17 @@ +Description: Block subsystem mishandles reference counts +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2025938 + https://lkml.org/lkml/2021/9/6/781 + https://lkml.org/lkml/2021/10/18/485 +Notes: + bwh> Introduced in 5.15-rc1 by commit 9d3b8813895d "block: change the + bwh> refcounting for partitions", so never appeared in a stable release. +Bugs: +upstream: released (5.15-rc7) [9fbfabfda25d8774c5a08634fdd2da000a924890] +5.10-upstream-stable: N/A "Vulnerability introduced later" +4.19-upstream-stable: N/A "Vulnerability introduced later" +4.9-upstream-stable: N/A "Vulnerability introduced later" +sid: N/A "Vulnerability introduced and fixed in experimental" +5.10-bullseye-security: N/A "Vulnerability introduced later" +4.19-buster-security: N/A "Vulnerability introduced later" +4.9-stretch-security: N/A "Vulnerability introduced later" diff --git a/retired/CVE-2021-4218 b/retired/CVE-2021-4218 new file mode 100644 index 000000000..12445f6a7 --- /dev/null +++ b/retired/CVE-2021-4218 @@ -0,0 +1,17 @@ +Description: xprtrdma: Wrong copy function used in sysctl handler +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2048359 + https://bugs.centos.org/view.php?id=18395 +Notes: + bwh> This issue is specific to CentOS/RHEL. In mainline, + bwh> xprtrdma always used copy_to_user() until the general + bwh> conversion of sysctls to use a kernel buffer. +Bugs: +upstream: N/A "Vulnerability never present" +5.10-upstream-stable: N/A "Vulnerability never present" +4.19-upstream-stable: N/A "Vulnerability never present" +4.9-upstream-stable: N/A "Vulnerability never present" +sid: N/A "Vulnerability never present" +5.10-bullseye-security: N/A "Vulnerability never present" +4.19-buster-security: N/A "Vulnerability never present" +4.9-stretch-security: N/A "Vulnerability never present" diff --git a/retired/CVE-2022-0382 b/retired/CVE-2022-0382 new file mode 100644 index 000000000..102b3dc4e --- /dev/null +++ b/retired/CVE-2022-0382 @@ -0,0 +1,15 @@ +Description: net ticp:fix a kernel-infoleak in __tipc_sendmsg() +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2046440 +Notes: + bwh> Introduced in 5.13-rc1 by commit 908148bc5046 + bwh> "tipc: refactor tipc_sendmsg() and tipc_lookup_anycast()". +Bugs: +upstream: released (5.16) [d6d86830705f173fca6087a3e67ceaf68db80523] +5.10-upstream-stable: N/A "Vulnerability introduced later" +4.19-upstream-stable: N/A "Vulnerability introduced later" +4.9-upstream-stable: N/A "Vulnerability introduced later" +sid: released (5.15.15-1) +5.10-bullseye-security: N/A "Vulnerability introduced later" +4.19-buster-security: N/A "Vulnerability introduced later" +4.9-stretch-security: N/A "Vulnerability introduced later" diff --git a/retired/CVE-2022-0480 b/retired/CVE-2022-0480 new file mode 100644 index 000000000..1a5cebfb9 --- /dev/null +++ b/retired/CVE-2022-0480 @@ -0,0 +1,15 @@ +Description: memcg: enable accounting for file lock caches +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2049700 + https://github.com/kata-containers/kata-containers/issues/3373 + https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm@linux-foundation.org/ +Notes: +Bugs: +upstream: released (5.15-rc1) [0f12156dff2862ac54235fc72703f18770769042] +5.10-upstream-stable: ignored "Minor issue" +4.19-upstream-stable: ignored "Minor issue" +4.9-upstream-stable: ignored "Minor issue" +sid: released (5.15.3-1) +5.10-bullseye-security: ignored "Minor issue" +4.19-buster-security: ignored "Minor issue" +4.9-stretch-security: ignored "Minor issue" diff --git a/retired/CVE-2022-0646 b/retired/CVE-2022-0646 new file mode 100644 index 000000000..fa793b068 --- /dev/null +++ b/retired/CVE-2022-0646 @@ -0,0 +1,15 @@ +Description: mctp: serial: Cancel pending work from ndo_uninit handler +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2055206 + https://lore.kernel.org/all/20220211011552.1861886-1-jk@codeconstruct.com.au/T/ +Notes: + bwh> This driver was only added in 5.17-rc1! +Bugs: +upstream: released (5.17-rc5) [6c342ce2239c182c2428ce5a44cb32330434ae6e] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +4.9-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" +4.9-stretch-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2022-25265 b/retired/CVE-2022-25265 new file mode 100644 index 000000000..8e6b64d27 --- /dev/null +++ b/retired/CVE-2022-25265 @@ -0,0 +1,16 @@ +Description: x86: Old ELF binaries run with executable stack and data segment +References: + https://github.com/x0reaxeax/exec-prot-bypass + https://github.com/torvalds/linux/blob/1c33bb0507508af24fd754dd7123bd8e997fab2f/arch/x86/include/asm/elf.h#L281-L294 +Notes: + bwh> This is necessary backward compatibility and can be disabled + bwh> through an LSM if wanted. +Bugs: +upstream: ignored "Not a security flaw" +5.10-upstream-stable: ignored "Not a security flaw" +4.19-upstream-stable: ignored "Not a security flaw" +4.9-upstream-stable: ignored "Not a security flaw" +sid: ignored "Not a security flaw" +5.10-bullseye-security: ignored "Not a security flaw" +4.19-buster-security: ignored "Not a security flaw" +4.9-stretch-security: ignored "Not a security flaw" |