diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-05-01 21:27:29 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-05-01 21:27:29 +0200 |
commit | bcce47f6eaa1770d877fcd92df311b9a5efee54f (patch) | |
tree | 2123e885bc8fdd2405211e6fce0aec1125338bf5 /retired | |
parent | 52a3eb5c9653ed9b0fa35e48959cc87ff36c3e29 (diff) |
Retire some CVEs
Diffstat (limited to 'retired')
29 files changed, 465 insertions, 0 deletions
diff --git a/retired/CVE-2022-48669 b/retired/CVE-2022-48669 new file mode 100644 index 00000000..42133200 --- /dev/null +++ b/retired/CVE-2022-48669 @@ -0,0 +1,16 @@ +Description: powerpc/pseries: Fix potential memleak in papr_get_attr() +References: +Notes: + carnil> Introduced in 3c14b73454cf ("powerpc/pseries: Interface to represent PAPR + carnil> firmware attributes"). Vulnerable versions: 5.18-rc1. +Bugs: +upstream: released (6.9-rc1) [cda9c0d556283e2d4adaa9960b2dc19b16156bae] +6.8-upstream-stable: released (6.8.2) [d0647c3e81eff62b66d46fd4e475318cb8cb3610] +6.6-upstream-stable: released (6.6.23) [1699fb915b9f61794d559b55114c09a390aaf234] +6.1-upstream-stable: released (6.1.83) [a3f22feb2220a945d1c3282e34199e8bcdc5afc4] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: released (6.1.85-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2023-52649 b/retired/CVE-2023-52649 new file mode 100644 index 00000000..3e2b3d8e --- /dev/null +++ b/retired/CVE-2023-52649 @@ -0,0 +1,16 @@ +Description: drm/vkms: Avoid reading beyond LUT array +References: +Notes: + carnil> Introduced in db1f254f2cfa ("drm/vkms: Add support to 1D gamma LUT"). + carnil> Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.9-rc1) [2fee84030d12d9fddfa874e4562d71761a129277] +6.8-upstream-stable: released (6.8.2) [92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d] +6.6-upstream-stable: released (6.6.23) [9556c167673057d48ce4a0da675026fe046654c1] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27023 b/retired/CVE-2024-27023 new file mode 100644 index 00000000..41d680eb --- /dev/null +++ b/retired/CVE-2024-27023 @@ -0,0 +1,16 @@ +Description: md: Fix missing release of 'active_io' for flush +References: +Notes: + carnil> Introduced in fa2bbff7b0b4 ("md: synchronize flush io with array + carnil> reconfiguration"). Vulnerable versions: 6.1.75 6.6.14 6.7.2 6.8-rc1. +Bugs: +upstream: released (6.8-rc6) [855678ed8534518e2b428bcbcec695de9ba248e8] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: released (6.6.19) [02dad157ba11064d073f5499dc33552b227d5d3a] +6.1-upstream-stable: released (6.1.80) [6b2ff10390b19a2364af622b6666b690443f9f3f] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.7-1) +6.1-bookworm-security: released (6.1.82-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27026 b/retired/CVE-2024-27026 new file mode 100644 index 00000000..840095be --- /dev/null +++ b/retired/CVE-2024-27026 @@ -0,0 +1,16 @@ +Description: vmxnet3: Fix missing reserved tailroom +References: +Notes: + carnil> Introduced in 54f00cce1178 ("vmxnet3: Add XDP support."). Vulnerable versions: + carnil> 6.6-rc1. +Bugs: +upstream: released (6.9-rc1) [e127ce7699c1e05279ee5ee61f00893e7bfa9671] +6.8-upstream-stable: released (6.8.2) [91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262] +6.6-upstream-stable: released (6.6.23) [aba8659caf88017507419feea06069f529329ea6] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27027 b/retired/CVE-2024-27027 new file mode 100644 index 00000000..c9676d62 --- /dev/null +++ b/retired/CVE-2024-27027 @@ -0,0 +1,16 @@ +Description: dpll: fix dpll_xa_ref_*_del() for multiple registrations +References: +Notes: + carnil> Introduced in 9431063ad323 ("dpll: core: Add DPLL framework base functions"). + carnil> Vulnerable versions: 6.7-rc1. +Bugs: +upstream: released (6.9-rc1) [b446631f355ece73b13c311dd712c47381a23172] +6.8-upstream-stable: released (6.8.2) [b27e32e9367dac024cd6f61f22655714f483fd67] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27029 b/retired/CVE-2024-27029 new file mode 100644 index 00000000..e92756b9 --- /dev/null +++ b/retired/CVE-2024-27029 @@ -0,0 +1,16 @@ +Description: drm/amdgpu: fix mmhub client id out-of-bounds access +References: +Notes: + carnil> Introduced in aba2be41470a ("drm/amdgpu: add mmhub 3.3.0 support"). Vulnerable + carnil> versions: 6.7-rc1. +Bugs: +upstream: released (6.9-rc1) [6540ff6482c1a5a6890ae44b23d0852ba1986d9e] +6.8-upstream-stable: released (6.8.2) [1f24b3040f2b6ffcb97151fabb3070328254d923] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27031 b/retired/CVE-2024-27031 new file mode 100644 index 00000000..30bd48f5 --- /dev/null +++ b/retired/CVE-2024-27031 @@ -0,0 +1,16 @@ +Description: NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt +References: +Notes: + carnil> Introduced in 000dbe0bec05 ("NFS: Convert buffered read paths to use netfs when + carnil> fscache is enabled"). Vulnerable versions: 6.4-rc1. +Bugs: +upstream: released (6.9-rc1) [fd5860ab6341506004219b080aea40213b299d2e] +6.8-upstream-stable: released (6.8.2) [8a2e5977cecd3cde6a0e3e86b7b914d00240e5dc] +6.6-upstream-stable: released (6.6.23) [ad27382f8495f8ef6d2c66c413d756bfd13c0598] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27033 b/retired/CVE-2024-27033 new file mode 100644 index 00000000..d8af9f85 --- /dev/null +++ b/retired/CVE-2024-27033 @@ -0,0 +1,16 @@ +Description: f2fs: fix to remove unnecessary f2fs_bug_on() to avoid panic +References: +Notes: + carnil> Introduced in 18792e64c86d ("f2fs: support fault injection for + carnil> f2fs_is_valid_blkaddr()"). Vulnerable versions: 6.2-rc1. +Bugs: +upstream: released (6.9-rc1) [b896e302f79678451a94769ddd9e52e954c64fbb] +6.8-upstream-stable: released (6.8.2) [abe98a05e7162f64759bf9111108ebcb11322dec] +6.6-upstream-stable: released (6.6.23) [0386408036bfc8b50296d9e544ff91c4d52af2db] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27036 b/retired/CVE-2024-27036 new file mode 100644 index 00000000..caa4e371 --- /dev/null +++ b/retired/CVE-2024-27036 @@ -0,0 +1,16 @@ +Description: cifs: Fix writeback data corruption +References: +Notes: + carnil> Introduced in d08089f649a0 ("cifs: Change the I/O paths to use an iterator + carnil> rather than a page list"). Vulnerable versions: 6.3-rc1. +Bugs: +upstream: released (6.9-rc1) [f3dc1bdb6b0b0693562c7c54a6c28bafa608ba3c] +6.8-upstream-stable: released (6.8.2) [844b4e132f57f1333dc79feaa035075a096762e4] +6.6-upstream-stable: released (6.6.23) [e45deec35bf7f1f4f992a707b2d04a8c162f2240] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27039 b/retired/CVE-2024-27039 new file mode 100644 index 00000000..47053f0e --- /dev/null +++ b/retired/CVE-2024-27039 @@ -0,0 +1,16 @@ +Description: clk: hisilicon: hi3559a: Fix an erroneous devm_kfree() +References: +Notes: + carnil> Introduced in 6c81966107dc ("clk: hisilicon: Add clock driver for hi3559A + carnil> SoC"). Vulnerable versions: 5.14-rc1. +Bugs: +upstream: released (6.9-rc1) [64c6a38136b74a2f18c42199830975edd9fbc379] +6.8-upstream-stable: released (6.8.2) [d575765b1b62e8bdb00af11caa1aabeb01763d9f] +6.6-upstream-stable: released (6.6.23) [95d1f1228c1bb54803ae57525b76db60e99b37e4] +6.1-upstream-stable: released (6.1.83) [e0b0d1c46a2ce1e46b79d004a7270fdef872e097] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: released (6.1.85-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27040 b/retired/CVE-2024-27040 new file mode 100644 index 00000000..df6f4b43 --- /dev/null +++ b/retired/CVE-2024-27040 @@ -0,0 +1,16 @@ +Description: drm/amd/display: Add 'replay' NULL check in 'edp_set_replay_allow_active()' +References: +Notes: + carnil> Introduced in c7ddc0a800bc ("drm/amd/display: Add Functions to enable Freesync + carnil> Panel Replay"). Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.9-rc1) [f6aed043ee5d75b3d1bfc452b1a9584b63c8f76b] +6.8-upstream-stable: released (6.8.2) [d0e94f4807ff0df66cf447d6b4bbb8ac830e99c3] +6.6-upstream-stable: released (6.6.23) [f610c46771ef1047e46d61807aa7c69cd29e63d8] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27048 b/retired/CVE-2024-27048 new file mode 100644 index 00000000..e50f6d98 --- /dev/null +++ b/retired/CVE-2024-27048 @@ -0,0 +1,16 @@ +Description: wifi: brcm80211: handle pmk_op allocation failure +References: +Notes: + carnil> Introduced in a96202acaea4 ("wifi: brcmfmac: cfg80211: Add support for PMKID_V3 + carnil> operations"). Vulnerable versions: 6.4-rc1. +Bugs: +upstream: released (6.9-rc1) [b4152222e04cb8afeeca239c90e3fcaf4c553b42] +6.8-upstream-stable: released (6.8.2) [6138a82f3bccfc67ed7ac059493579fc326c02e5] +6.6-upstream-stable: released (6.6.23) [df62e22c2e27420e8990a4f09e30d7bf56c2036f] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27049 b/retired/CVE-2024-27049 new file mode 100644 index 00000000..34edc9f8 --- /dev/null +++ b/retired/CVE-2024-27049 @@ -0,0 +1,16 @@ +Description: wifi: mt76: mt7925e: fix use-after-free in free_irq() +References: +Notes: + carnil> Introduced in c948b5da6bbe ("wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for + carnil> mt7925 chips"). Vulnerable versions: 6.7-rc1. +Bugs: +upstream: released (6.9-rc1) [a5a5f4413d91f395cb2d89829d376d7393ad48b9] +6.8-upstream-stable: released (6.8.2) [6d9930096e1f13cf6d9aabfbf95d0e05fb04144f] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27050 b/retired/CVE-2024-27050 new file mode 100644 index 00000000..42ccec02 --- /dev/null +++ b/retired/CVE-2024-27050 @@ -0,0 +1,16 @@ +Description: libbpf: Use OPTS_SET() macro in bpf_xdp_query() +References: +Notes: + carnil> Introduced in 13ce2daa259a ("xsk: add new netlink attribute dedicated for ZC + carnil> max frags"). Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.9-rc1) [92a871ab9fa59a74d013bc04f321026a057618e7] +6.8-upstream-stable: released (6.8.2) [cd3be9843247edb8fc6fcd8d8237cbce2bc19f5e] +6.6-upstream-stable: released (6.6.23) [fa5bef5e80c6a3321b2b1a7070436f3bc5daf07c] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27055 b/retired/CVE-2024-27055 new file mode 100644 index 00000000..2b0d5a5a --- /dev/null +++ b/retired/CVE-2024-27055 @@ -0,0 +1,17 @@ +Description: workqueue: Don't call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active() +References: +Notes: + carnil> Introduced in 5797b1c18919 ("workqueue: Implement system-wide nr_active + carnil> enforcement for unbound workqueues"). Vulnerable versions: 6.6.25 6.7.11 6.8.4 + carnil> 6.9-rc1. +Bugs: +upstream: released (6.9-rc1) [15930da42f8981dc42c19038042947b475b19f47] +6.8-upstream-stable: released (6.8.4) [adc646d2126988a64234502f579e4bc2b080d7cf] +6.6-upstream-stable: released (6.6.25) [a75ac2693d734d20724f0e10e039ca85f1fcfc4e] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27058 b/retired/CVE-2024-27058 new file mode 100644 index 00000000..d7f30129 --- /dev/null +++ b/retired/CVE-2024-27058 @@ -0,0 +1,16 @@ +Description: tmpfs: fix race on handling dquot rbtree +References: +Notes: + carnil> Introduced in eafc474e2029 ("shmem: prepare shmem quota infrastructure"). + carnil> Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.9-rc2) [0a69b6b3a026543bc215ccc866d0aea5579e6ce2] +6.8-upstream-stable: released (6.8.3) [f82f184874d2761ebaa60dccf577921a0dbb3810] +6.6-upstream-stable: released (6.6.24) [c7077f43f30d817d10a9f8245e51576ac114b2f0] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27060 b/retired/CVE-2024-27060 new file mode 100644 index 00000000..cc9e53c6 --- /dev/null +++ b/retired/CVE-2024-27060 @@ -0,0 +1,16 @@ +Description: thunderbolt: Fix NULL pointer dereference in tb_port_update_credits() +References: +Notes: + carnil> Introduced in 81af2952e606 ("thunderbolt: Add support for asymmetric link"). + carnil> Vulnerable versions: 6.7-rc1. +Bugs: +upstream: released (6.8) [d3d17e23d1a0d1f959b4fa55b35f1802d9c584fa] +6.8-upstream-stable: released (6.8) [d3d17e23d1a0d1f959b4fa55b35f1802d9c584fa] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27061 b/retired/CVE-2024-27061 new file mode 100644 index 00000000..cf18512f --- /dev/null +++ b/retired/CVE-2024-27061 @@ -0,0 +1,16 @@ +Description: crypto: sun8i-ce - Fix use after free in unprepare +References: +Notes: + carnil> Introduced in 4136212ab18e ("crypto: sun8i-ce - Remove prepare/unprepare + carnil> request"). Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.8) [183420038444547c149a0fc5f58e792c2752860c] +6.8-upstream-stable: released (6.8) [183420038444547c149a0fc5f58e792c2752860c] +6.6-upstream-stable: released (6.6.24) [dc60b25540c82fc4baa95d1458ae96ead21859e0] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27063 b/retired/CVE-2024-27063 new file mode 100644 index 00000000..2b8afb63 --- /dev/null +++ b/retired/CVE-2024-27063 @@ -0,0 +1,16 @@ +Description: leds: trigger: netdev: Fix kernel panic on interface rename trig notify +References: +Notes: + carnil> Introduced in d5e01266e7f5 ("leds: trigger: netdev: add additional specific + carnil> link speed mode"). Vulnerable versions: 6.5-rc1. +Bugs: +upstream: released (6.9-rc1) [415798bc07dd1c1ae3a656aa026580816e0b9fe8] +6.8-upstream-stable: released (6.8.3) [3f360227cb46edb2cd2494128e1e06ed5768a62e] +6.6-upstream-stable: released (6.6.24) [10f2af1af8ab8a7064f193446abd5579d3def7e3] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27064 b/retired/CVE-2024-27064 new file mode 100644 index 00000000..c9c7b2d7 --- /dev/null +++ b/retired/CVE-2024-27064 @@ -0,0 +1,16 @@ +Description: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain +References: +Notes: + carnil> Introduced in b9703ed44ffb ("netfilter: nf_tables: support for adding new + carnil> devices to an existing netdev chain"). Vulnerable versions: 6.3.3 6.4-rc1. +Bugs: +upstream: released (6.9-rc1) [7eaf837a4eb5f74561e2486972e7f5184b613f6e] +6.8-upstream-stable: released (6.8.2) [e77a6b53a3a547b6dedfc40c37cee4f310701090] +6.6-upstream-stable: released (6.6.23) [79846fdcc548d617b0b321addc6a3821d3b75b20] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27066 b/retired/CVE-2024-27066 new file mode 100644 index 00000000..23a9f5f0 --- /dev/null +++ b/retired/CVE-2024-27066 @@ -0,0 +1,16 @@ +Description: virtio: packed: fix unmap leak for indirect desc table +References: +Notes: + carnil> Introduced in b319940f83c2 ("virtio_ring: skip unmap for premapped"). + carnil> Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.9-rc1) [d5c0ed17fea60cca9bc3bf1278b49ba79242bbcd] +6.8-upstream-stable: released (6.8.2) [51bacd9d29bf98c3ebc65e4a0477bb86306b4140] +6.6-upstream-stable: released (6.6.23) [e142169aca5546ae6619c39a575cda8105362100] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27067 b/retired/CVE-2024-27067 new file mode 100644 index 00000000..e9112c2b --- /dev/null +++ b/retired/CVE-2024-27067 @@ -0,0 +1,16 @@ +Description: xen/evtchn: avoid WARN() when unbinding an event channel +References: +Notes: + carnil> Introduced in 9e90e58c11b7 ("xen: evtchn: Allow shared registration of IRQ + carnil> handers"). Vulnerable versions: 6.6.19 6.7-rc1. +Bugs: +upstream: released (6.9-rc1) [51c23bd691c0f1fb95b29731c356c6fd69925d17] +6.8-upstream-stable: released (6.8.2) [9e2d4b58c1da48a32905802aaeadba7084b46895] +6.6-upstream-stable: released (6.6.23) [99e425032c6ec13584d3cd33846e0c7307501b47] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27068 b/retired/CVE-2024-27068 new file mode 100644 index 00000000..90c0f06e --- /dev/null +++ b/retired/CVE-2024-27068 @@ -0,0 +1,16 @@ +Description: thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path +References: +Notes: + carnil> Introduced in f5f633b18234 ("thermal/drivers/mediatek: Add the Low Voltage + carnil> Thermal Sensor driver"). Vulnerable versions: 6.3-rc1. +Bugs: +upstream: released (6.9-rc1) [ca93bf607a44c1f009283dac4af7df0d9ae5e357] +6.8-upstream-stable: released (6.8.2) [9b02197596671800dd934609384b1aca7c6ad218] +6.6-upstream-stable: released (6.6.23) [2db869da91afd48e5b9ec76814709be49662b07d] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27069 b/retired/CVE-2024-27069 new file mode 100644 index 00000000..317fcf80 --- /dev/null +++ b/retired/CVE-2024-27069 @@ -0,0 +1,16 @@ +Description: ovl: relax WARN_ON in ovl_verify_area() +References: +Notes: + carnil> Introduced in ca7ab482401c ("ovl: add permission hooks outside of + carnil> do_splice_direct()"). Vulnerable versions: 6.8-rc1. +Bugs: +upstream: released (6.9-rc1) [77a28aa476873048024ad56daf8f4f17d58ee48e] +6.8-upstream-stable: released (6.8.2) [c3c85aefc0da1e5074a06c682542a54ccc99bdca] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27070 b/retired/CVE-2024-27070 new file mode 100644 index 00000000..f490576c --- /dev/null +++ b/retired/CVE-2024-27070 @@ -0,0 +1,16 @@ +Description: f2fs: fix to avoid use-after-free issue in f2fs_filemap_fault +References: +Notes: + carnil> Introduced in 87f3afd366f7 ("f2fs: add tracepoint for f2fs_vm_page_mkwrite()"). + carnil> Vulnerable versions: 6.8-rc1. +Bugs: +upstream: released (6.9-rc1) [eb70d5a6c932d9d23f4bb3e7b83782c21ac4b064] +6.8-upstream-stable: released (6.8.2) [8186e16a766d709a08f188d2f4e84098f364bea1] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27071 b/retired/CVE-2024-27071 new file mode 100644 index 00000000..88f100d9 --- /dev/null +++ b/retired/CVE-2024-27071 @@ -0,0 +1,16 @@ +Description: backlight: hx8357: Fix potential NULL pointer dereference +References: +Notes: + carnil> Introduced in 7d84a63a39b7 ("backlight: hx8357: Convert to agnostic GPIO API"). + carnil> Vulnerable versions: 6.8-rc1. +Bugs: +upstream: released (6.9-rc1) [b1ba8bcb2d1ffce11b308ce166c9cc28d989e3b9] +6.8-upstream-stable: released (6.8.2) [67e578c8ff2d7df03bf8ca9a7f5436b1796f6ad1] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27390 b/retired/CVE-2024-27390 new file mode 100644 index 00000000..d7515f2f --- /dev/null +++ b/retired/CVE-2024-27390 @@ -0,0 +1,16 @@ +Description: ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down() +References: +Notes: + carnil> Introduced in f185de28d9ae ("mld: add new workqueues for process mld events"). + carnil> Vulnerable versions: 5.13-rc1. +Bugs: +upstream: released (6.9-rc1) [17ef8efc00b34918b966388b2af0993811895a8c] +6.8-upstream-stable: released (6.8.2) [5da9a218340a2bc804dc4327e5804392e24a0b88] +6.6-upstream-stable: released (6.6.23) [26d4bac55750d535f1f0b8790dc26daf6089e373] +6.1-upstream-stable: released (6.1.83) [a03ede2282ebbd181bd6f5c38cbfcb5765afcd04] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: released (6.1.85-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27391 b/retired/CVE-2024-27391 new file mode 100644 index 00000000..020ab76d --- /dev/null +++ b/retired/CVE-2024-27391 @@ -0,0 +1,16 @@ +Description: wifi: wilc1000: do not realloc workqueue everytime an interface is added +References: +Notes: + carnil> Introduced in 09ed8bfc5215 ("wilc1000: Rename workqueue from "WILC_wq" to + carnil> "NETDEV-wq""). Vulnerable versions: 5.17-rc1. +Bugs: +upstream: released (6.9-rc1) [328efda22af81130c2ad981c110518cb29ff2f1d] +6.8-upstream-stable: released (6.8.2) [9ab0c303ccabfd6bdce14432792d41090070008c] +6.6-upstream-stable: released (6.6.23) [4041c60a9d543b3ad50225385b072ba68e96166e] +6.1-upstream-stable: released (6.1.83) [515cc676dfbce40d93c92b1ff3c1070e917f4e52] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.12-1) +6.1-bookworm-security: released (6.1.85-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-27392 b/retired/CVE-2024-27392 new file mode 100644 index 00000000..4cf34fd6 --- /dev/null +++ b/retired/CVE-2024-27392 @@ -0,0 +1,16 @@ +Description: nvme: host: fix double-free of struct nvme_id_ns in ns_update_nuse() +References: +Notes: + carnil> Introduced in a1a825ab6a60 ("nvme: add csi, ms and nuse to sysfs"). Vulnerable + carnil> versions: 6.8-rc1. +Bugs: +upstream: released (6.9-rc1) [8d0d2447394b13fb22a069f0330f9c49b7fff9d3] +6.8-upstream-stable: released (6.8.2) [534f9dc7fe495b3f9cc84363898ac50c5a25fccb] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" |