From 403fda5be130ce093c1bfe4fbe82468d7fa030d4 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 19 Mar 2024 21:18:52 +0100 Subject: Retire some CVEs --- active/CVE-2023-52611 | 16 ---------------- active/CVE-2023-52613 | 16 ---------------- active/CVE-2024-24860 | 15 --------------- active/CVE-2024-26631 | 16 ---------------- active/CVE-2024-26632 | 16 ---------------- active/CVE-2024-26634 | 16 ---------------- active/CVE-2024-26637 | 16 ---------------- active/CVE-2024-26638 | 16 ---------------- retired/CVE-2023-52611 | 16 ++++++++++++++++ retired/CVE-2023-52613 | 16 ++++++++++++++++ retired/CVE-2024-24860 | 15 +++++++++++++++ retired/CVE-2024-26631 | 16 ++++++++++++++++ retired/CVE-2024-26632 | 16 ++++++++++++++++ retired/CVE-2024-26634 | 16 ++++++++++++++++ retired/CVE-2024-26637 | 16 ++++++++++++++++ retired/CVE-2024-26638 | 16 ++++++++++++++++ 16 files changed, 127 insertions(+), 127 deletions(-) delete mode 100644 active/CVE-2023-52611 delete mode 100644 active/CVE-2023-52613 delete mode 100644 active/CVE-2024-24860 delete mode 100644 active/CVE-2024-26631 delete mode 100644 active/CVE-2024-26632 delete mode 100644 active/CVE-2024-26634 delete mode 100644 active/CVE-2024-26637 delete mode 100644 active/CVE-2024-26638 create mode 100644 retired/CVE-2023-52611 create mode 100644 retired/CVE-2023-52613 create mode 100644 retired/CVE-2024-24860 create mode 100644 retired/CVE-2024-26631 create mode 100644 retired/CVE-2024-26632 create mode 100644 retired/CVE-2024-26634 create mode 100644 retired/CVE-2024-26637 create mode 100644 retired/CVE-2024-26638 diff --git a/active/CVE-2023-52611 b/active/CVE-2023-52611 deleted file mode 100644 index b51090d9..00000000 --- a/active/CVE-2023-52611 +++ /dev/null @@ -1,16 +0,0 @@ -Description: wifi: rtw88: sdio: Honor the host max_req_size in the RX path -References: -Notes: - carnil> Introduced in 65371a3f14e7 ("wifi: rtw88: sdio: Add HCI implementation for SDIO - carnil> based chipsets"). Vulnerable versions: 6.4-rc1. -Bugs: -upstream: released (6.8-rc1) [00384f565a91c08c4bedae167f749b093d10e3fe] -6.7-upstream-stable: released (6.7.2) [0e9ffff72a0674cd6656314dbd99cdd2123a3030] -6.6-upstream-stable: released (6.6.14) [5b5ddf21b978ec315cab9d9e7e6ac7374791a8c7] -6.1-upstream-stable: N/A "Vulnerable code not present" -5.10-upstream-stable: N/A "Vulnerable code not present" -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (6.6.15-1) -6.1-bookworm-security: N/A "Vulnerable code not present" -5.10-bullseye-security: N/A "Vulnerable code not present" -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2023-52613 b/active/CVE-2023-52613 deleted file mode 100644 index 7743cf66..00000000 --- a/active/CVE-2023-52613 +++ /dev/null @@ -1,16 +0,0 @@ -Description: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment -References: -Notes: - carnil> Introduced in e7e3a7c35791 ("thermal/drivers/loongson-2: Add thermal management - carnil> support"). Vulnerable versions: 6.6-rc1. -Bugs: -upstream: released (6.8-rc1) [15ef92e9c41124ee9d88b01208364f3fe1f45f84] -6.7-upstream-stable: released (6.7.2) [6010a9fc14eb1feab5cafd84422001134fe8ec58] -6.6-upstream-stable: released (6.6.14) [70481755ed77400e783200e2d022e5fea16060ce] -6.1-upstream-stable: N/A "Vulnerable code not present" -5.10-upstream-stable: N/A "Vulnerable code not present" -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (6.6.15-1) -6.1-bookworm-security: N/A "Vulnerable code not present" -5.10-bullseye-security: N/A "Vulnerable code not present" -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-24860 b/active/CVE-2024-24860 deleted file mode 100644 index 618d9412..00000000 --- a/active/CVE-2024-24860 +++ /dev/null @@ -1,15 +0,0 @@ -Description: -References: - https://bugzilla.openanolis.cn/show_bug.cgi?id=8151 -Notes: - carnil> Introduced by 18f81241b74f ("Bluetooth: Move {min,max}_key_size - carnil> debugfs ...") in 5.6-rc1. -Bugs: -upstream: released (6.8-rc1) [da9065caa594d19b26e1a030fd0cc27bd365d685] -6.1-upstream-stable: released (6.1.75) [96860d9ad462db61f4eeb09934235c38eab655c4] -5.10-upstream-stable: released (5.10.209) [394c6c0b6d9bdd7d6ebca35ca9cfbabf44c0c257] -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (6.6.15-1) -6.1-bookworm-security: released (6.1.76-1) -5.10-bullseye-security: released (5.10.209-1) -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26631 b/active/CVE-2024-26631 deleted file mode 100644 index c0c6aea8..00000000 --- a/active/CVE-2024-26631 +++ /dev/null @@ -1,16 +0,0 @@ -Description: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work -References: -Notes: - carnil> Introduced in 2d9a93b4902b ("mld: convert from timer to delayed work"). - carnil> Vulnerable versions: 5.13-rc1. -Bugs: -upstream: released (6.8-rc1) [2e7ef287f07c74985f1bf2858bedc62bd9ebf155] -6.7-upstream-stable: released (6.7.2) [3bb5849675ae1d592929798a2b37ea450879c855] -6.6-upstream-stable: released (6.6.14) [3cc283fd16fba72e2cefe3a6f48d7a36b0438900] -6.1-upstream-stable: released (6.1.75) [380540bb06bb1d1b12bdc947d1b8f56cda6b5663] -5.10-upstream-stable: N/A "Vulnerable code not present" -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (6.6.15-1) -6.1-bookworm-security: released (6.1.76-1) -5.10-bullseye-security: N/A "Vulnerable code not present" -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26632 b/active/CVE-2024-26632 deleted file mode 100644 index 7bbc26c5..00000000 --- a/active/CVE-2024-26632 +++ /dev/null @@ -1,16 +0,0 @@ -Description: block: Fix iterating over an empty bio with bio_for_each_folio_all -References: -Notes: - carnil> Introduced in 640d1930bef4 ("block: Add bio_for_each_folio_all()"). Vulnerable - carnil> versions: 5.17-rc1. -Bugs: -upstream: released (6.8-rc1) [7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7] -6.7-upstream-stable: released (6.7.2) [ca3ede3f5893e2d26d4dbdef1eec28a8487fafde] -6.6-upstream-stable: released (6.6.14) [a6bd8182137a12d22d3f2cee463271bdcb491659] -6.1-upstream-stable: released (6.1.75) [c6350b5cb78e9024c49eaee6fdb914ad2903a5fe] -5.10-upstream-stable: N/A "Vulnerable code not present" -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (6.6.15-1) -6.1-bookworm-security: released (6.1.76-1) -5.10-bullseye-security: N/A "Vulnerable code not present" -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26634 b/active/CVE-2024-26634 deleted file mode 100644 index cfd29950..00000000 --- a/active/CVE-2024-26634 +++ /dev/null @@ -1,16 +0,0 @@ -Description: net: fix removing a namespace with conflicting altnames -References: -Notes: - carnil> Introduced in 7663d522099e ("net: check for altname conflicts when changing - carnil> netdev's netns"). Vulnerable versions: 6.1.60 6.5.9 6.6-rc7. -Bugs: -upstream: released (6.8-rc2) [d09486a04f5da0a812c26217213b89a3b1acf836] -6.7-upstream-stable: released (6.7.3) [8072699aa9e67d1727692cfb3c347263bb627fb9] -6.6-upstream-stable: released (6.6.15) [e855dded4b70d1975ee7b9fed0c700391e3c8ea6] -6.1-upstream-stable: released (6.1.76) [a2232f29bf52c24f827865b3c90829c44b6c695b] -5.10-upstream-stable: N/A "Vulnerable code not present" -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (6.6.15-1) -6.1-bookworm-security: released (6.1.76-1) -5.10-bullseye-security: N/A "Vulnerable code not present" -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26637 b/active/CVE-2024-26637 deleted file mode 100644 index 2549f401..00000000 --- a/active/CVE-2024-26637 +++ /dev/null @@ -1,16 +0,0 @@ -Description: wifi: ath11k: rely on mac80211 debugfs handling for vif -References: -Notes: - carnil> Introduced in 0a3d898ee9a8 ("wifi: mac80211: add/remove driver debugfs entries - carnil> as appropriate"). Vulnerable versions: 6.7. -Bugs: -upstream: released (6.8-rc2) [556857aa1d0855aba02b1c63bc52b91ec63fc2cc] -6.7-upstream-stable: released (6.7.3) [aa74ce30a8a40d19a4256de4ae5322e71344a274] -6.6-upstream-stable: N/A "Vulnerable code not present" -6.1-upstream-stable: N/A "Vulnerable code not present" -5.10-upstream-stable: N/A "Vulnerable code not present" -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: N/A "Vulnerable code not present" -6.1-bookworm-security: N/A "Vulnerable code not present" -5.10-bullseye-security: N/A "Vulnerable code not present" -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26638 b/active/CVE-2024-26638 deleted file mode 100644 index f4c823c6..00000000 --- a/active/CVE-2024-26638 +++ /dev/null @@ -1,16 +0,0 @@ -Description: nbd: always initialize struct msghdr completely -References: -Notes: - carnil> Introduced in f94fd25cb0aa ("tcp: pass back data left in socket after - carnil> receive"). Vulnerable versions: 5.19-rc1. -Bugs: -upstream: released (6.8-rc1) [78fbb92af27d0982634116c7a31065f24d092826] -6.7-upstream-stable: released (6.7.3) [b0028f333420a65a53a63978522db680b37379dd] -6.6-upstream-stable: released (6.6.15) [1960f2b534da1e6c65fb96f9e98bda773495f406] -6.1-upstream-stable: released (6.1.76) [d9c54763e5cdbbd3f81868597fe8aca3c96e6387] -5.10-upstream-stable: N/A "Vulnerable code not present" -4.19-upstream-stable: N/A "Vulnerable code not present" -sid: released (6.6.15-1) -6.1-bookworm-security: released (6.1.76-1) -5.10-bullseye-security: N/A "Vulnerable code not present" -4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2023-52611 b/retired/CVE-2023-52611 new file mode 100644 index 00000000..b51090d9 --- /dev/null +++ b/retired/CVE-2023-52611 @@ -0,0 +1,16 @@ +Description: wifi: rtw88: sdio: Honor the host max_req_size in the RX path +References: +Notes: + carnil> Introduced in 65371a3f14e7 ("wifi: rtw88: sdio: Add HCI implementation for SDIO + carnil> based chipsets"). Vulnerable versions: 6.4-rc1. +Bugs: +upstream: released (6.8-rc1) [00384f565a91c08c4bedae167f749b093d10e3fe] +6.7-upstream-stable: released (6.7.2) [0e9ffff72a0674cd6656314dbd99cdd2123a3030] +6.6-upstream-stable: released (6.6.14) [5b5ddf21b978ec315cab9d9e7e6ac7374791a8c7] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2023-52613 b/retired/CVE-2023-52613 new file mode 100644 index 00000000..7743cf66 --- /dev/null +++ b/retired/CVE-2023-52613 @@ -0,0 +1,16 @@ +Description: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment +References: +Notes: + carnil> Introduced in e7e3a7c35791 ("thermal/drivers/loongson-2: Add thermal management + carnil> support"). Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.8-rc1) [15ef92e9c41124ee9d88b01208364f3fe1f45f84] +6.7-upstream-stable: released (6.7.2) [6010a9fc14eb1feab5cafd84422001134fe8ec58] +6.6-upstream-stable: released (6.6.14) [70481755ed77400e783200e2d022e5fea16060ce] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-24860 b/retired/CVE-2024-24860 new file mode 100644 index 00000000..618d9412 --- /dev/null +++ b/retired/CVE-2024-24860 @@ -0,0 +1,15 @@ +Description: +References: + https://bugzilla.openanolis.cn/show_bug.cgi?id=8151 +Notes: + carnil> Introduced by 18f81241b74f ("Bluetooth: Move {min,max}_key_size + carnil> debugfs ...") in 5.6-rc1. +Bugs: +upstream: released (6.8-rc1) [da9065caa594d19b26e1a030fd0cc27bd365d685] +6.1-upstream-stable: released (6.1.75) [96860d9ad462db61f4eeb09934235c38eab655c4] +5.10-upstream-stable: released (5.10.209) [394c6c0b6d9bdd7d6ebca35ca9cfbabf44c0c257] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: released (5.10.209-1) +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-26631 b/retired/CVE-2024-26631 new file mode 100644 index 00000000..c0c6aea8 --- /dev/null +++ b/retired/CVE-2024-26631 @@ -0,0 +1,16 @@ +Description: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work +References: +Notes: + carnil> Introduced in 2d9a93b4902b ("mld: convert from timer to delayed work"). + carnil> Vulnerable versions: 5.13-rc1. +Bugs: +upstream: released (6.8-rc1) [2e7ef287f07c74985f1bf2858bedc62bd9ebf155] +6.7-upstream-stable: released (6.7.2) [3bb5849675ae1d592929798a2b37ea450879c855] +6.6-upstream-stable: released (6.6.14) [3cc283fd16fba72e2cefe3a6f48d7a36b0438900] +6.1-upstream-stable: released (6.1.75) [380540bb06bb1d1b12bdc947d1b8f56cda6b5663] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-26632 b/retired/CVE-2024-26632 new file mode 100644 index 00000000..7bbc26c5 --- /dev/null +++ b/retired/CVE-2024-26632 @@ -0,0 +1,16 @@ +Description: block: Fix iterating over an empty bio with bio_for_each_folio_all +References: +Notes: + carnil> Introduced in 640d1930bef4 ("block: Add bio_for_each_folio_all()"). Vulnerable + carnil> versions: 5.17-rc1. +Bugs: +upstream: released (6.8-rc1) [7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7] +6.7-upstream-stable: released (6.7.2) [ca3ede3f5893e2d26d4dbdef1eec28a8487fafde] +6.6-upstream-stable: released (6.6.14) [a6bd8182137a12d22d3f2cee463271bdcb491659] +6.1-upstream-stable: released (6.1.75) [c6350b5cb78e9024c49eaee6fdb914ad2903a5fe] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-26634 b/retired/CVE-2024-26634 new file mode 100644 index 00000000..cfd29950 --- /dev/null +++ b/retired/CVE-2024-26634 @@ -0,0 +1,16 @@ +Description: net: fix removing a namespace with conflicting altnames +References: +Notes: + carnil> Introduced in 7663d522099e ("net: check for altname conflicts when changing + carnil> netdev's netns"). Vulnerable versions: 6.1.60 6.5.9 6.6-rc7. +Bugs: +upstream: released (6.8-rc2) [d09486a04f5da0a812c26217213b89a3b1acf836] +6.7-upstream-stable: released (6.7.3) [8072699aa9e67d1727692cfb3c347263bb627fb9] +6.6-upstream-stable: released (6.6.15) [e855dded4b70d1975ee7b9fed0c700391e3c8ea6] +6.1-upstream-stable: released (6.1.76) [a2232f29bf52c24f827865b3c90829c44b6c695b] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-26637 b/retired/CVE-2024-26637 new file mode 100644 index 00000000..2549f401 --- /dev/null +++ b/retired/CVE-2024-26637 @@ -0,0 +1,16 @@ +Description: wifi: ath11k: rely on mac80211 debugfs handling for vif +References: +Notes: + carnil> Introduced in 0a3d898ee9a8 ("wifi: mac80211: add/remove driver debugfs entries + carnil> as appropriate"). Vulnerable versions: 6.7. +Bugs: +upstream: released (6.8-rc2) [556857aa1d0855aba02b1c63bc52b91ec63fc2cc] +6.7-upstream-stable: released (6.7.3) [aa74ce30a8a40d19a4256de4ae5322e71344a274] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-26638 b/retired/CVE-2024-26638 new file mode 100644 index 00000000..f4c823c6 --- /dev/null +++ b/retired/CVE-2024-26638 @@ -0,0 +1,16 @@ +Description: nbd: always initialize struct msghdr completely +References: +Notes: + carnil> Introduced in f94fd25cb0aa ("tcp: pass back data left in socket after + carnil> receive"). Vulnerable versions: 5.19-rc1. +Bugs: +upstream: released (6.8-rc1) [78fbb92af27d0982634116c7a31065f24d092826] +6.7-upstream-stable: released (6.7.3) [b0028f333420a65a53a63978522db680b37379dd] +6.6-upstream-stable: released (6.6.15) [1960f2b534da1e6c65fb96f9e98bda773495f406] +6.1-upstream-stable: released (6.1.76) [d9c54763e5cdbbd3f81868597fe8aca3c96e6387] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" -- cgit v1.2.3