Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2023-10-05 15:58:17 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-10-05 15:58:17 +0200
commit: ff87f259584dbf118d84db94fdc9d5c8b4a834b0 (patch)
tree: f8f19a032b605bc6c5cbf38e4cab13bc63d64f14 /retired
parent: 81bc3795e6115ee7fa4144ad5bf0b4a2b7b2d08d (diff)
3 files changed, 47 insertions, 0 deletions
diff --git a/retired/CVE-2022-45886 b/retired/CVE-2022-45886
new file mode 100644
index 00000000..71bbee98
--- /dev/null
+++ b/retired/CVE-2022-45886
@@ -0,0 +1,16 @@
+Description: media: dvb-core: Fix use-after-free due to race condition occurring in dvb_net
+References:
+ https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/
+ https://lore.kernel.org/linux-media/20221115131822.6640-3-imv4bel@gmail.com/
+Notes:
+ carnil> Negligible security impact, would need physical access to
+ carnil> "exploit"
+Bugs:
+upstream: released (6.4-rc3) [4172385b0c9ac366dcab78eda48c26814b87ed1a]
+6.1-upstream-stable: released (6.1.33) [93b5dfebcb1821dde466e29404fcf1fb919f4c72]
+5.10-upstream-stable: released (5.10.183) [2ea7d26ed851db7176e4bfa8174c8a1380255bbe]
+4.19-upstream-stable: released (4.19.285) [7bb9c6e05efcecb15b0354d574efbc36ca321d75]
+sid: released (6.3.7-1)
+6.1-bookworm-security: released (6.1.37-1)
+5.10-bullseye-security: released (5.10.191-1)
+4.19-buster-security: released (4.19.289-1)
diff --git a/retired/CVE-2022-45887 b/retired/CVE-2022-45887
new file mode 100644
index 00000000..a6124c95
--- /dev/null
+++ b/retired/CVE-2022-45887
@@ -0,0 +1,16 @@
+Description: media: ttusb-dec: Fix memory leak in ttusb_dec_exit_dvb()
+References:
+ https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/
+ https://lore.kernel.org/linux-media/20221115131822.6640-5-imv4bel@gmail.com/
+Notes:
+ carnil> Negligible security impact, would need physical access to
+ carnil> "exploit"
+Bugs:
+upstream: released (6.4-rc3) [517a281338322ff8293f988771c98aaa7205e457]
+6.1-upstream-stable: released (6.1.33) [ea2938c27b0212aaab6702c16b7385e073b35643]
+5.10-upstream-stable: released (5.10.183) [eb37fef417a246fe54530901a3ea9c0abc914fc2]
+4.19-upstream-stable: released (4.19.285) [3e5af0745a4702ab0df2f880bfe0431eb30f9164]
+sid: released (6.3.7-1)
+6.1-bookworm-security: released (6.1.37-1)
+5.10-bullseye-security: released (5.10.191-1)
+4.19-buster-security: released (4.19.289-1)
diff --git a/retired/CVE-2022-45919 b/retired/CVE-2022-45919
new file mode 100644
index 00000000..cfebed39
--- /dev/null
+++ b/retired/CVE-2022-45919
@@ -0,0 +1,15 @@
+Description: media: dvb-core: Fix use-after-free due to race condition occurring in dvb_ca_en50221
+References:
+ https://lore.kernel.org/linux-media/20221121063308.GA33821%40ubuntu/T/#u
+Notes:
+ carnil> Negligible security impact, would need physical access to
+ carnil> "exploit"
+Bugs:
+upstream: released (6.4-rc3) [280a8ab81733da8bc442253c700a52c4c0886ffd]
+6.1-upstream-stable: released (6.1.33) [d5d61f747e3f1ff9042db66896f2f90afa5f3197]
+5.10-upstream-stable: released (5.10.183) [76169f7490899d74aad4b0e2c4c1b9d4904dd01f]
+4.19-upstream-stable: released (4.19.285) [8624c7e048fa9ba584b7ba43715090ab1aed765c]
+sid: released (6.3.7-1)
+6.1-bookworm-security: released (6.1.37-1)
+5.10-bullseye-security: released (5.10.191-1)
+4.19-buster-security: released (4.19.289-1)
author	Salvatore Bonaccorso <carnil@debian.org>	2023-10-05 15:58:17 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-10-05 15:58:17 +0200
commit	ff87f259584dbf118d84db94fdc9d5c8b4a834b0 (patch)
tree	f8f19a032b605bc6c5cbf38e4cab13bc63d64f14 /retired
parent	81bc3795e6115ee7fa4144ad5bf0b4a2b7b2d08d (diff)