Retire two CVEs

2 files changed, 28 insertions, 0 deletions

diff --git a/retired/CVE-2019-18812 b/retired/CVE-2019-18812
new file mode 100644
index 000000000..343635426
--- /dev/null
+++ b/retired/CVE-2019-18812
@@ -0,0 +1,16 @@
+Description: ASoC: SOF: Fix memory leak in sof_dfsentry_write
+References:
+ https://github.com/torvalds/linux/commit/c0a333d842ef67ac04adc72ff79dc1ccc3dca4ed
+Notes:
+ bwh> Introduced in 5.3 by commit 091c12e1f50c "ASoC: SOF: debug: add new
+ bwh> debugfs entries for IPC flood test".  No real security impact as
+ bwh> this function is only exposed through debugfs.
+Bugs:
+upstream: released (5.4-rc7) [c0a333d842ef67ac04adc72ff79dc1ccc3dca4ed]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.4.6-1)
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2019-19055 b/retired/CVE-2019-19055
new file mode 100644
index 000000000..e9f2ba3b9
--- /dev/null
+++ b/retired/CVE-2019-19055
@@ -0,0 +1,12 @@
+Description: nl80211: fix memory leak in nl80211_get_ftm_responder_stats
+References:
+Notes:
+Bugs:
+upstream: released (5.4-rc4) [1399c59fa92984836db90538cf92397fe7caaa57]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.4.6-1)
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"