diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-03-06 08:21:20 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-03-06 08:21:20 +0100 |
commit | 6311ee61facf219bf2324a374240b22509f4eb32 (patch) | |
tree | 2a1061ebe5ef4783bcad11e3cfc7009aea8b7594 /retired | |
parent | 623c2faad48f2c726ae18f36db2f1a6b168cc5f0 (diff) |
Retire some CVEs
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2022-48629 | 16 | ||||
-rw-r--r-- | retired/CVE-2022-48630 | 17 | ||||
-rw-r--r-- | retired/CVE-2024-26623 | 16 |
3 files changed, 49 insertions, 0 deletions
diff --git a/retired/CVE-2022-48629 b/retired/CVE-2022-48629 new file mode 100644 index 00000000..d4d13174 --- /dev/null +++ b/retired/CVE-2022-48629 @@ -0,0 +1,16 @@ +Description: crypto: qcom-rng - ensure buffer for generate is completely filled +References: +Notes: + carnil> Introduced in ceec5f5b5988 ("crypto: qcom-rng - Add Qcom prng driver"). + carnil> Vulnerable versions: 4.19-rc1. +Bugs: +upstream: released (5.17) [a680b1832ced3b5fa7c93484248fd221ea0d614b] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.108) [0f9b7b8df17525e464294c916acc8194ce38446b] +4.19-upstream-stable: released (4.19.236) [a8e32bbb96c25b7ab29b1894dcd45e0b3b08fd9d] +sid: released (5.16.18-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.113-1) +4.19-buster-security: released (4.19.249-1) diff --git a/retired/CVE-2022-48630 b/retired/CVE-2022-48630 new file mode 100644 index 00000000..2f5b8f29 --- /dev/null +++ b/retired/CVE-2022-48630 @@ -0,0 +1,17 @@ +Description: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ +References: +Notes: + carnil> Introduced in a680b1832ced ("crypto: qcom-rng - ensure buffer for generate is + carnil> completely filled"). Vulnerable versions: 4.19.236 5.4.187 5.10.108 5.15.31 + carnil> 5.16.17 5.17. +Bugs: +upstream: released (5.18) [16287397ec5c08aa58db6acf7dbc55470d78087d] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.118) [233a3cc60e7a8fe0be8cf9934ae7b67ba25a866c] +4.19-upstream-stable: released (4.19.245) [71a89789552b7faf3ef27969b9bc783fa0df3550] +sid: released (5.17.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.120-1) +4.19-buster-security: released (4.19.249-1) diff --git a/retired/CVE-2024-26623 b/retired/CVE-2024-26623 new file mode 100644 index 00000000..976c4485 --- /dev/null +++ b/retired/CVE-2024-26623 @@ -0,0 +1,16 @@ +Description: pds_core: Prevent race issues involving the adminq +References: +Notes: + carnil> Introduced in 01ba61b55b20 ("pds_core: Add adminq processing and commands"). + carnil> Vulnerable versions: 6.4-rc1. +Bugs: +upstream: released (6.8-rc3) [7e82a8745b951b1e794cc780d46f3fbee5e93447] +6.7-upstream-stable: released (6.7.4) [5939feb63ea1f011027576c64b68b681cbad31ca] +6.6-upstream-stable: released (6.6.16) [22cd6046eb2148b18990257505834dd45c672a1b] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.7-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" |