diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-07-05 21:41:59 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-07-05 21:41:59 +0200 |
commit | 5ce936e17b5deaa779771b2395157902bf0cecf7 (patch) | |
tree | 7dae04e2c221cbfcbcff67c4ef47494a4745f693 /retired | |
parent | 1010e0291357fca6978f4a69cd246d79bfc80fb4 (diff) |
Retire some completed CVEs
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2022-48425 | 13 | ||||
-rw-r--r-- | retired/CVE-2023-32250 | 14 | ||||
-rw-r--r-- | retired/CVE-2023-32254 | 14 | ||||
-rw-r--r-- | retired/CVE-2023-35826 | 16 |
4 files changed, 57 insertions, 0 deletions
diff --git a/retired/CVE-2022-48425 b/retired/CVE-2022-48425 new file mode 100644 index 00000000..83f943be --- /dev/null +++ b/retired/CVE-2022-48425 @@ -0,0 +1,13 @@ +Description: fs/ntfs3: Validate MFT flags before replaying logs +References: + https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/fs/ntfs3?id=467333af2f7b95eeaa61a5b5369a80063cd971fd +Notes: +Bugs: +upstream: released (6.4-rc1) [98bea253aa28ad8be2ce565a9ca21beb4a9419e5] +6.1-upstream-stable: released (6.1.33) [a8eaa9a06addbd9cb0238cb1c729921ecbb6504c] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.3.7-1) +6.1-bookworm-security: released (6.1.37-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2023-32250 b/retired/CVE-2023-32250 new file mode 100644 index 00000000..71bd9c9c --- /dev/null +++ b/retired/CVE-2023-32250 @@ -0,0 +1,14 @@ +Description: ksmbd: fix racy issue from session setup and logoff +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2208849 + https://www.zerodayinitiative.com/advisories/ZDI-23-698/ +Notes: +Bugs: +upstream: released (6.4-rc1) [f5c779b7ddbda30866cf2a27c63e34158f858c73] +6.1-upstream-stable: released (6.1.29) [f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.3.7-1) +6.1-bookworm-security: released (6.1.37-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2023-32254 b/retired/CVE-2023-32254 new file mode 100644 index 00000000..97bc76d5 --- /dev/null +++ b/retired/CVE-2023-32254 @@ -0,0 +1,14 @@ +Description: ksmbd: fix racy issue under cocurrent smb2 tree disconnect +References: + https://www.zerodayinitiative.com/advisories/ZDI-CAN-20592/ + https://bugzilla.redhat.com/show_bug.cgi?id=2191658 +Notes: +Bugs: +upstream: released (6.4-rc1) [30210947a343b6b3ca13adc9bfc88e1543e16dd5] +6.1-upstream-stable: released (6.1.28) [bd80d35725a0cf4df9307bfe2f1a3b2cb983d8e6] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.3.7-1) +6.1-bookworm-security: released (6.1.37-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2023-35826 b/retired/CVE-2023-35826 new file mode 100644 index 00000000..0c7aa98b --- /dev/null +++ b/retired/CVE-2023-35826 @@ -0,0 +1,16 @@ +Description: media: cedrus: fix use after free bug in cedrus_remove due to race condition +References: + https://lore.kernel.org/all/a4dafa22-3ee3-dbe1-fd50-fee07883ce1a%40xs4all.nl/ + https://lore.kernel.org/linux-arm-kernel/20230308032333.1893394-1-zyytlz.wz%40163.com/T/ +Notes: + carnil> Commit fixes 7c38a551bda1 ("media: cedrus: Add watchdog for job + carnil> completion") in 5.18-rc1. +Bugs: +upstream: released (6.4-rc1) [50d0a7aea4809cef87979d4669911276aa23b71f] +6.1-upstream-stable: released (6.1.28) [2cdc8f729d953143b3bbdc56841bb6800752de7f] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.3.7-1) +6.1-bookworm-security: released (6.1.37-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" |