Retire inactive issues

11 files changed, 179 insertions, 0 deletions

diff --git a/retired/CVE-2020-26556 b/retired/CVE-2020-26556
new file mode 100644
index 000000000..60be7fc6f
--- /dev/null
+++ b/retired/CVE-2020-26556
@@ -0,0 +1,17 @@
+Description: malleable commitment Bluetooth Mesh Provisioning
+References:
+ https://kb.cert.org/vuls/id/799380
+ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/malleable/
+ https://bugzilla.redhat.com/show_bug.cgi?id=1960012
+Notes:
+ bwh> Mesh provisioning seems to be handled in user-space.
+ bwh> This was addressed in bluez 5.50-1.1.
+Bugs:
+upstream: N/A "Not implemented in kernel"
+5.10-upstream-stable: N/A "Not implemented in kernel"
+4.19-upstream-stable: N/A "Not implemented in kernel"
+4.9-upstream-stable: N/A "Not implemented in kernel"
+sid: N/A "Not implemented in kernel"
+5.10-bullseye-security: N/A "Not implemented in kernel"
+4.19-buster-security: N/A "Not implemented in kernel"
+4.9-stretch-security: N/A "Not implemented in kernel"
diff --git a/retired/CVE-2020-26557 b/retired/CVE-2020-26557
new file mode 100644
index 000000000..4a86b8c4f
--- /dev/null
+++ b/retired/CVE-2020-26557
@@ -0,0 +1,16 @@
+Description: predictable Authvalue in Bluetooth Mesh Provisioning Leads to MITM
+References:
+ https://kb.cert.org/vuls/id/799380
+ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/predicatable-authvalue/
+ https://bugzilla.redhat.com/show_bug.cgi?id=1960009
+Notes:
+ bwh> Mesh provisioning seems to be handled in user-space.
+Bugs:
+upstream: N/A "Not implemented in kernel"
+5.10-upstream-stable: N/A "Not implemented in kernel"
+4.19-upstream-stable: N/A "Not implemented in kernel"
+4.9-upstream-stable: N/A "Not implemented in kernel"
+sid: N/A "Not implemented in kernel"
+5.10-bullseye-security: N/A "Not implemented in kernel"
+4.19-buster-security: N/A "Not implemented in kernel"
+4.9-stretch-security: N/A "Not implemented in kernel"
diff --git a/retired/CVE-2020-26559 b/retired/CVE-2020-26559
new file mode 100644
index 000000000..3112e2b1a
--- /dev/null
+++ b/retired/CVE-2020-26559
@@ -0,0 +1,16 @@
+Description: Authvalue leak in Bluetooth Mesh Provisioning
+References:
+ https://kb.cert.org/vuls/id/799380
+ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/authvalue-leak/
+ https://bugzilla.redhat.com/show_bug.cgi?id=1960011
+Notes:
+ bwh> Mesh provisioning seems to be handled in user-space.
+Bugs:
+upstream: N/A "Not implemented in kernel"
+5.10-upstream-stable: N/A "Not implemented in kernel"
+4.19-upstream-stable: N/A "Not implemented in kernel"
+4.9-upstream-stable: N/A "Not implemented in kernel"
+sid: N/A "Not implemented in kernel"
+5.10-bullseye-security: N/A "Not implemented in kernel"
+4.19-buster-security: N/A "Not implemented in kernel"
+4.9-stretch-security: N/A "Not implemented in kernel"
diff --git a/retired/CVE-2020-26560 b/retired/CVE-2020-26560
new file mode 100644
index 000000000..be0abd403
--- /dev/null
+++ b/retired/CVE-2020-26560
@@ -0,0 +1,16 @@
+Description: impersonation attack in Bluetooth Mesh Provisioning
+References:
+ https://kb.cert.org/vuls/id/799380
+ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/impersonation-mesh/
+ https://bugzilla.redhat.com/show_bug.cgi?id=1959994
+Notes:
+ bwh> Mesh provisioning seems to be handled in user-space.
+Bugs:
+upstream: N/A "Not implemented in kernel"
+5.10-upstream-stable: N/A "Not implemented in kernel"
+4.19-upstream-stable: N/A "Not implemented in kernel"
+4.9-upstream-stable: N/A "Not implemented in kernel"
+sid: N/A "Not implemented in kernel"
+5.10-bullseye-security: N/A "Not implemented in kernel"
+4.19-buster-security: N/A "Not implemented in kernel"
+4.9-stretch-security: N/A "Not implemented in kernel"
diff --git a/retired/CVE-2021-4148 b/retired/CVE-2021-4148
new file mode 100644
index 000000000..90eddbb5e
--- /dev/null
+++ b/retired/CVE-2021-4148
@@ -0,0 +1,19 @@
+Description: mm: Opening THP-backed special file for write causes crash in block_invalidatepage()
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2026487
+ https://lkml.org/lkml/2021/9/17/1037
+ https://lkml.org/lkml/2021/9/12/323
+ https://lore.kernel.org/linux-mm/a07564a3-b2fc-9ffe-3ace-3f276075ea5c@google.com/
+ https://lore.kernel.org/lkml/CACkBjsYwLYLRmX8GpsDpMthagWOjWWrNxqY6ZLNQVr6yx+f5vA@mail.gmail.com/
+Notes:
+ bwh> Introduced in 5.4 by commit 99cb0dbd47a1 "mm,thp: add read-only THP
+ bwh> support for (non-shmem) FS".
+Bugs:
+upstream: released (5.15) [a4aeaa06d45e90f9b279f0b09de84bd00006e733]
+5.10-upstream-stable: released (5.10.78) [6d67b2a73b8e3a079c355bab3c1aef7d85a044b8]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.14.16-1)
+5.10-bullseye-security: released (5.10.84-1)
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-4150 b/retired/CVE-2021-4150
new file mode 100644
index 000000000..588d6073c
--- /dev/null
+++ b/retired/CVE-2021-4150
@@ -0,0 +1,17 @@
+Description: Block subsystem mishandles reference counts
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2025938
+ https://lkml.org/lkml/2021/9/6/781
+ https://lkml.org/lkml/2021/10/18/485
+Notes:
+ bwh> Introduced in 5.15-rc1 by commit 9d3b8813895d "block: change the
+ bwh> refcounting for partitions", so never appeared in a stable release.
+Bugs:
+upstream: released (5.15-rc7) [9fbfabfda25d8774c5a08634fdd2da000a924890]
+5.10-upstream-stable: N/A "Vulnerability introduced later"
+4.19-upstream-stable: N/A "Vulnerability introduced later"
+4.9-upstream-stable: N/A "Vulnerability introduced later"
+sid: N/A "Vulnerability introduced and fixed in experimental"
+5.10-bullseye-security: N/A "Vulnerability introduced later"
+4.19-buster-security: N/A "Vulnerability introduced later"
+4.9-stretch-security: N/A "Vulnerability introduced later"
diff --git a/retired/CVE-2021-4218 b/retired/CVE-2021-4218
new file mode 100644
index 000000000..12445f6a7
--- /dev/null
+++ b/retired/CVE-2021-4218
@@ -0,0 +1,17 @@
+Description: xprtrdma: Wrong copy function used in sysctl handler
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2048359
+ https://bugs.centos.org/view.php?id=18395
+Notes:
+ bwh> This issue is specific to CentOS/RHEL. In mainline,
+ bwh> xprtrdma always used copy_to_user() until the general
+ bwh> conversion of sysctls to use a kernel buffer.
+Bugs:
+upstream: N/A "Vulnerability never present"
+5.10-upstream-stable: N/A "Vulnerability never present"
+4.19-upstream-stable: N/A "Vulnerability never present"
+4.9-upstream-stable: N/A "Vulnerability never present"
+sid: N/A "Vulnerability never present"
+5.10-bullseye-security: N/A "Vulnerability never present"
+4.19-buster-security: N/A "Vulnerability never present"
+4.9-stretch-security: N/A "Vulnerability never present"
diff --git a/retired/CVE-2022-0382 b/retired/CVE-2022-0382
new file mode 100644
index 000000000..102b3dc4e
--- /dev/null
+++ b/retired/CVE-2022-0382
@@ -0,0 +1,15 @@
+Description: net ticp:fix a kernel-infoleak in __tipc_sendmsg()
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2046440
+Notes:
+ bwh> Introduced in 5.13-rc1 by commit 908148bc5046
+ bwh> "tipc: refactor tipc_sendmsg() and tipc_lookup_anycast()".
+Bugs:
+upstream: released (5.16) [d6d86830705f173fca6087a3e67ceaf68db80523]
+5.10-upstream-stable: N/A "Vulnerability introduced later"
+4.19-upstream-stable: N/A "Vulnerability introduced later"
+4.9-upstream-stable: N/A "Vulnerability introduced later"
+sid: released (5.15.15-1)
+5.10-bullseye-security: N/A "Vulnerability introduced later"
+4.19-buster-security: N/A "Vulnerability introduced later"
+4.9-stretch-security: N/A "Vulnerability introduced later"
diff --git a/retired/CVE-2022-0480 b/retired/CVE-2022-0480
new file mode 100644
index 000000000..1a5cebfb9
--- /dev/null
+++ b/retired/CVE-2022-0480
@@ -0,0 +1,15 @@
+Description: memcg: enable accounting for file lock caches
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2049700
+ https://github.com/kata-containers/kata-containers/issues/3373
+ https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm@linux-foundation.org/
+Notes:
+Bugs:
+upstream: released (5.15-rc1) [0f12156dff2862ac54235fc72703f18770769042]
+5.10-upstream-stable: ignored "Minor issue"
+4.19-upstream-stable: ignored "Minor issue"
+4.9-upstream-stable: ignored "Minor issue"
+sid: released (5.15.3-1)
+5.10-bullseye-security: ignored "Minor issue"
+4.19-buster-security: ignored "Minor issue"
+4.9-stretch-security: ignored "Minor issue"
diff --git a/retired/CVE-2022-0646 b/retired/CVE-2022-0646
new file mode 100644
index 000000000..fa793b068
--- /dev/null
+++ b/retired/CVE-2022-0646
@@ -0,0 +1,15 @@
+Description: mctp: serial: Cancel pending work from ndo_uninit handler
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2055206
+ https://lore.kernel.org/all/20220211011552.1861886-1-jk@codeconstruct.com.au/T/
+Notes:
+ bwh> This driver was only added in 5.17-rc1!
+Bugs:
+upstream: released (5.17-rc5) [6c342ce2239c182c2428ce5a44cb32330434ae6e]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2022-25265 b/retired/CVE-2022-25265
new file mode 100644
index 000000000..8e6b64d27
--- /dev/null
+++ b/retired/CVE-2022-25265
@@ -0,0 +1,16 @@
+Description: x86: Old ELF binaries run with executable stack and data segment
+References:
+ https://github.com/x0reaxeax/exec-prot-bypass
+ https://github.com/torvalds/linux/blob/1c33bb0507508af24fd754dd7123bd8e997fab2f/arch/x86/include/asm/elf.h#L281-L294
+Notes:
+ bwh> This is necessary backward compatibility and can be disabled
+ bwh> through an LSM if wanted.
+Bugs:
+upstream: ignored "Not a security flaw"
+5.10-upstream-stable: ignored "Not a security flaw"
+4.19-upstream-stable: ignored "Not a security flaw"
+4.9-upstream-stable: ignored "Not a security flaw"
+sid: ignored "Not a security flaw"
+5.10-bullseye-security: ignored "Not a security flaw"
+4.19-buster-security: ignored "Not a security flaw"
+4.9-stretch-security: ignored "Not a security flaw"