From ec1ca9c0a7b8d1de31a73121fa40d347a0b1c176 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Thu, 17 Aug 2023 12:47:10 +0200 Subject: move to ignored/ --- ignored/CVE-2022-41848 | 15 +++++++++++++++ ignored/CVE-2022-44032 | 16 ++++++++++++++++ ignored/CVE-2022-44033 | 16 ++++++++++++++++ ignored/CVE-2022-45884 | 16 ++++++++++++++++ ignored/CVE-2022-45885 | 16 ++++++++++++++++ ignored/CVE-2022-45886 | 16 ++++++++++++++++ ignored/CVE-2022-45887 | 16 ++++++++++++++++ ignored/CVE-2022-45919 | 15 +++++++++++++++ 8 files changed, 126 insertions(+) create mode 100644 ignored/CVE-2022-41848 create mode 100644 ignored/CVE-2022-44032 create mode 100644 ignored/CVE-2022-44033 create mode 100644 ignored/CVE-2022-45884 create mode 100644 ignored/CVE-2022-45885 create mode 100644 ignored/CVE-2022-45886 create mode 100644 ignored/CVE-2022-45887 create mode 100644 ignored/CVE-2022-45919 (limited to 'ignored') diff --git a/ignored/CVE-2022-41848 b/ignored/CVE-2022-41848 new file mode 100644 index 00000000..ecdb6a6c --- /dev/null +++ b/ignored/CVE-2022-41848 @@ -0,0 +1,15 @@ +Description: char: pcmcia: synclink_cs: Fix use-after-free in mgslpc_ops +References: + https://lore.kernel.org/lkml/20220919040251.GA302541@ubuntu/T/#rc85e751f467b3e6f9ccef92cfa7fb8a6cc50c270 +Notes: + carnil> Negligible security impact, would need physical access to + carnil> "exploit" +Bugs: +upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" diff --git a/ignored/CVE-2022-44032 b/ignored/CVE-2022-44032 new file mode 100644 index 00000000..0a5b4ee8 --- /dev/null +++ b/ignored/CVE-2022-44032 @@ -0,0 +1,16 @@ +Description: char: pcmcia: cm4000_cs: Fix use-after-free in cm4000_fops +References: + https://lore.kernel.org/lkml/20220915020834.GA110086@ubuntu/ + https://lore.kernel.org/lkml/20220919040701.GA302806@ubuntu/ +Notes: + carnil> Negligible security impact, would need physical access to + carnil> "exploit" +Bugs: +upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" diff --git a/ignored/CVE-2022-44033 b/ignored/CVE-2022-44033 new file mode 100644 index 00000000..fd8d99da --- /dev/null +++ b/ignored/CVE-2022-44033 @@ -0,0 +1,16 @@ +Description: char: pcmcia: cm4040_cs: Fix use-after-free in reader_fops +References: + https://lore.kernel.org/lkml/20220915020834.GA110086@ubuntu/ + https://lore.kernel.org/lkml/20220919040457.GA302681@ubuntu/ +Notes: + carnil> Negligible security impact, would need physical access to + carnil> "exploit" +Bugs: +upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" diff --git a/ignored/CVE-2022-45884 b/ignored/CVE-2022-45884 new file mode 100644 index 00000000..ad9d2013 --- /dev/null +++ b/ignored/CVE-2022-45884 @@ -0,0 +1,16 @@ +Description: media: dvb-core: Fix use-after-free due to race condition occurring in dvb_register_device() +References: + https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/ + https://lore.kernel.org/linux-media/20221115131822.6640-4-imv4bel@gmail.com/ +Notes: + carnil> Negligible security impact, would need physical access to + carnil> "exploit" +Bugs: +upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" diff --git a/ignored/CVE-2022-45885 b/ignored/CVE-2022-45885 new file mode 100644 index 00000000..5980995f --- /dev/null +++ b/ignored/CVE-2022-45885 @@ -0,0 +1,16 @@ +Description: media: dvb-core: Fix use-after-free due to race condition occurring in dvb_frontend +References: + https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/ + https://lore.kernel.org/linux-media/20221115131822.6640-2-imv4bel@gmail.com/ +Notes: + carnil> Negligible security impact, would need physical access to + carnil> "exploit" +Bugs: +upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" diff --git a/ignored/CVE-2022-45886 b/ignored/CVE-2022-45886 new file mode 100644 index 00000000..37f3c7c1 --- /dev/null +++ b/ignored/CVE-2022-45886 @@ -0,0 +1,16 @@ +Description: media: dvb-core: Fix use-after-free due to race condition occurring in dvb_net +References: + https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/ + https://lore.kernel.org/linux-media/20221115131822.6640-3-imv4bel@gmail.com/ +Notes: + carnil> Negligible security impact, would need physical access to + carnil> "exploit" +Bugs: +upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" diff --git a/ignored/CVE-2022-45887 b/ignored/CVE-2022-45887 new file mode 100644 index 00000000..d4654892 --- /dev/null +++ b/ignored/CVE-2022-45887 @@ -0,0 +1,16 @@ +Description: media: ttusb-dec: Fix memory leak in ttusb_dec_exit_dvb() +References: + https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/ + https://lore.kernel.org/linux-media/20221115131822.6640-5-imv4bel@gmail.com/ +Notes: + carnil> Negligible security impact, would need physical access to + carnil> "exploit" +Bugs: +upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" diff --git a/ignored/CVE-2022-45919 b/ignored/CVE-2022-45919 new file mode 100644 index 00000000..1839a7c7 --- /dev/null +++ b/ignored/CVE-2022-45919 @@ -0,0 +1,15 @@ +Description: media: dvb-core: Fix use-after-free due to race condition occurring in dvb_ca_en50221 +References: + https://lore.kernel.org/linux-media/20221121063308.GA33821%40ubuntu/T/#u +Notes: + carnil> Negligible security impact, would need physical access to + carnil> "exploit" +Bugs: +upstream: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-upstream-stable: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +sid: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +6.1-bookworm-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +5.10-bullseye-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" +4.19-buster-security: ignored "non issue, if anyone has physical access to trigger this they can do more harm anyway" -- cgit v1.2.3