From b548dd7921f0546d3b690664603154a033db4619 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 28 Feb 2024 07:42:23 +0100
Subject: Retire several CVEs

---
 retired/CVE-2020-36777 | 16 ++++++++++++++++
 retired/CVE-2021-46938 | 16 ++++++++++++++++
 retired/CVE-2021-46939 | 19 +++++++++++++++++++
 retired/CVE-2021-46940 | 16 ++++++++++++++++
 retired/CVE-2021-46942 | 16 ++++++++++++++++
 retired/CVE-2021-46943 | 16 ++++++++++++++++
 retired/CVE-2021-46944 | 16 ++++++++++++++++
 retired/CVE-2021-46945 | 16 ++++++++++++++++
 retired/CVE-2021-46946 | 17 +++++++++++++++++
 retired/CVE-2021-46947 | 16 ++++++++++++++++
 retired/CVE-2021-46948 | 16 ++++++++++++++++
 retired/CVE-2021-46949 | 16 ++++++++++++++++
 retired/CVE-2021-46950 | 16 ++++++++++++++++
 retired/CVE-2021-46951 | 16 ++++++++++++++++
 retired/CVE-2021-46952 | 16 ++++++++++++++++
 retired/CVE-2021-46953 | 16 ++++++++++++++++
 retired/CVE-2021-46954 | 16 ++++++++++++++++
 retired/CVE-2021-46955 | 17 +++++++++++++++++
 retired/CVE-2021-46956 | 16 ++++++++++++++++
 retired/CVE-2021-46957 | 16 ++++++++++++++++
 retired/CVE-2021-46958 | 16 ++++++++++++++++
 retired/CVE-2021-46960 | 16 ++++++++++++++++
 retired/CVE-2021-46961 | 17 +++++++++++++++++
 retired/CVE-2021-46962 | 16 ++++++++++++++++
 retired/CVE-2021-46963 | 16 ++++++++++++++++
 retired/CVE-2021-46964 | 16 ++++++++++++++++
 retired/CVE-2021-46965 | 16 ++++++++++++++++
 retired/CVE-2021-46966 | 16 ++++++++++++++++
 retired/CVE-2021-46967 | 16 ++++++++++++++++
 retired/CVE-2021-46968 | 16 ++++++++++++++++
 retired/CVE-2021-46970 | 16 ++++++++++++++++
 retired/CVE-2021-46971 | 16 ++++++++++++++++
 retired/CVE-2021-46974 | 16 ++++++++++++++++
 retired/CVE-2021-46975 | 16 ++++++++++++++++
 34 files changed, 550 insertions(+)
 create mode 100644 retired/CVE-2020-36777
 create mode 100644 retired/CVE-2021-46938
 create mode 100644 retired/CVE-2021-46939
 create mode 100644 retired/CVE-2021-46940
 create mode 100644 retired/CVE-2021-46942
 create mode 100644 retired/CVE-2021-46943
 create mode 100644 retired/CVE-2021-46944
 create mode 100644 retired/CVE-2021-46945
 create mode 100644 retired/CVE-2021-46946
 create mode 100644 retired/CVE-2021-46947
 create mode 100644 retired/CVE-2021-46948
 create mode 100644 retired/CVE-2021-46949
 create mode 100644 retired/CVE-2021-46950
 create mode 100644 retired/CVE-2021-46951
 create mode 100644 retired/CVE-2021-46952
 create mode 100644 retired/CVE-2021-46953
 create mode 100644 retired/CVE-2021-46954
 create mode 100644 retired/CVE-2021-46955
 create mode 100644 retired/CVE-2021-46956
 create mode 100644 retired/CVE-2021-46957
 create mode 100644 retired/CVE-2021-46958
 create mode 100644 retired/CVE-2021-46960
 create mode 100644 retired/CVE-2021-46961
 create mode 100644 retired/CVE-2021-46962
 create mode 100644 retired/CVE-2021-46963
 create mode 100644 retired/CVE-2021-46964
 create mode 100644 retired/CVE-2021-46965
 create mode 100644 retired/CVE-2021-46966
 create mode 100644 retired/CVE-2021-46967
 create mode 100644 retired/CVE-2021-46968
 create mode 100644 retired/CVE-2021-46970
 create mode 100644 retired/CVE-2021-46971
 create mode 100644 retired/CVE-2021-46974
 create mode 100644 retired/CVE-2021-46975

(limited to 'retired')

diff --git a/retired/CVE-2020-36777 b/retired/CVE-2020-36777
new file mode 100644
index 00000000..c79eb4b6
--- /dev/null
+++ b/retired/CVE-2020-36777
@@ -0,0 +1,16 @@
+Description: media: dvbdev: Fix memory leak in dvb_media_device_free()
+References:
+Notes:
+ carnil> Introduced in 0230d60e4661 ("[media] dvbdev: Add RF connector if needed").
+ carnil> Vulnerable versions: 4.5-rc1.
+Bugs:
+upstream: released (5.13-rc1) [bf9a40ae8d722f281a2721779595d6df1c33a0bf]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [43263fd43083e412311fa764cd04a727b0c6a749]
+4.19-upstream-stable: released (4.19.191) [cd89f79be5d553c78202f686e8e4caa5fbe94e98]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46938 b/retired/CVE-2021-46938
new file mode 100644
index 00000000..a76546e8
--- /dev/null
+++ b/retired/CVE-2021-46938
@@ -0,0 +1,16 @@
+Description: dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails
+References:
+Notes:
+ carnil> Introduced in 1c357a1e86a4 ("dm: allocate blk_mq_tag_set rather than embed in
+ carnil> mapped_device"). Vulnerable versions: 4.6-rc1.
+Bugs:
+upstream: released (5.13-rc1) [8e947c8f4a5620df77e43c9c75310dc510250166]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [1cb02dc76f4c0a2749a02b26469512d6984252e9]
+4.19-upstream-stable: released (4.19.191) [772b9f59657665af3b68d24d12b9d172d31f0dfb]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46939 b/retired/CVE-2021-46939
new file mode 100644
index 00000000..587433fc
--- /dev/null
+++ b/retired/CVE-2021-46939
@@ -0,0 +1,19 @@
+Description: tracing: Restructure trace_clock_global() to never block
+References:
+Notes:
+ carnil> Introduced in b02414c8f045 ("ring-buffer: Fix recursion protection transitions
+ carnil> between interrupt context") # started showing the problem
+ carnil> 14131f2f98ac3 ("tracing: implement trace_clock_*() APIs") # where the bug
+ carnil> happened. Vulnerable versions: 2.6.30-rc1 4.4.244 4.9.244 4.14.207 4.19.156
+ carnil> 5.4.76 5.9.7 5.10-rc3.
+Bugs:
+upstream: released (5.13-rc1) [aafe104aa9096827a429bc1358f8260ee565b7cc]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [a33614d52e97fc8077eb0b292189ca7d964cc534]
+4.19-upstream-stable: released (4.19.191) [d43d56dbf452ccecc1ec735cd4b6840118005d7c]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46940 b/retired/CVE-2021-46940
new file mode 100644
index 00000000..fb368f55
--- /dev/null
+++ b/retired/CVE-2021-46940
@@ -0,0 +1,16 @@
+Description: tools/power turbostat: Fix offset overflow issue in index converting
+References:
+Notes:
+ carnil> Introduced in 9972d5d84d76 ("tools/power turbostat: Enable accumulate RAPL
+ carnil> display"). Vulnerable versions: 5.10-rc4.
+Bugs:
+upstream: released (5.13-rc1) [13a779de4175df602366d129e41782ad7168cef0]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [ea6803ff2cd1a2d7d880256bf562172b708a76ff]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46942 b/retired/CVE-2021-46942
new file mode 100644
index 00000000..abc4b8d4
--- /dev/null
+++ b/retired/CVE-2021-46942
@@ -0,0 +1,16 @@
+Description: io_uring: fix shared sqpoll cancellation hangs
+References:
+Notes:
+ carnil> Introduced in 37d1e2e3642e2 ("io_uring: move SQPOLL thread io-wq forked
+ carnil> worker"). Vulnerable versions: 5.12-rc1.
+Bugs:
+upstream: released (5.13-rc1) [734551df6f9bedfbefcd113ede665945e9de0b99]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46943 b/retired/CVE-2021-46943
new file mode 100644
index 00000000..05682f25
--- /dev/null
+++ b/retired/CVE-2021-46943
@@ -0,0 +1,16 @@
+Description: media: staging/intel-ipu3: Fix set_fmt error handling
+References:
+Notes:
+ carnil> Introduced in 6d5f26f2e045 ("media: staging/intel-ipu3-v4l: reduce kernel stack
+ carnil> usage"). Vulnerable versions: 5.2-rc1.
+Bugs:
+upstream: released (5.13-rc1) [ad91849996f9dd79741a961fd03585a683b08356]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [c6b81b897f6f9445d57f8d47c4e060ec21556137]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46944 b/retired/CVE-2021-46944
new file mode 100644
index 00000000..68c16382
--- /dev/null
+++ b/retired/CVE-2021-46944
@@ -0,0 +1,16 @@
+Description: media: staging/intel-ipu3: Fix memory leak in imu_fmt
+References:
+Notes:
+ carnil> Introduced in 6d5f26f2e045 ("media: staging/intel-ipu3-v4l: reduce kernel stack
+ carnil> usage"). Vulnerable versions: 5.2-rc1.
+Bugs:
+upstream: released (5.13-rc1) [3630901933afba1d16c462b04d569b7576339223]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [517f6f570566a863c2422b843c8b7d099474f6a9]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46945 b/retired/CVE-2021-46945
new file mode 100644
index 00000000..40e220f2
--- /dev/null
+++ b/retired/CVE-2021-46945
@@ -0,0 +1,16 @@
+Description: ext4: always panic when errors=panic is specified
+References:
+Notes:
+ carnil> Introduced in 014c9caa29d3 ("ext4: make ext4_abort() use __ext4_error()").
+ carnil> Vulnerable versions: 5.11-rc1.
+Bugs:
+upstream: released (5.13-rc1) [ac2f7ca51b0929461ea49918f27c11b680f28995]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46946 b/retired/CVE-2021-46946
new file mode 100644
index 00000000..fb247303
--- /dev/null
+++ b/retired/CVE-2021-46946
@@ -0,0 +1,17 @@
+Description: ext4: fix check to prevent false positive report of incorrect used inodes
+References:
+Notes:
+ carnil> Introduced in 50122847007 ("ext4: fix check to prevent initializing reserved
+ carnil> inodes"). Vulnerable versions: 3.16.58 3.18.124 4.4.148 4.9.120 4.14.60 4.17.12
+ carnil> 4.18-rc7.
+Bugs:
+upstream: released (5.13-rc1) [a149d2a5cabbf6507a7832a1c4fd2593c55fd450]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [098b257563b959f4ca6c1d82fde0ee727792cb19]
+4.19-upstream-stable: released (4.19.191) [7687f5aba0f50c7ff8040e506bae184e59c8e7b8]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46947 b/retired/CVE-2021-46947
new file mode 100644
index 00000000..172b8859
--- /dev/null
+++ b/retired/CVE-2021-46947
@@ -0,0 +1,16 @@
+Description: sfc: adjust efx->xdp_tx_queue_count with the real number of initialized queues
+References:
+Notes:
+ carnil> Introduced in e26ca4b53582 ("sfc: reduce the number of requested xdp ev
+ carnil> queues"). Vulnerable versions: 5.12-rc1.
+Bugs:
+upstream: released (5.13-rc1) [99ba0ea616aabdc8e26259fd722503e012199a76]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46948 b/retired/CVE-2021-46948
new file mode 100644
index 00000000..0e487f70
--- /dev/null
+++ b/retired/CVE-2021-46948
@@ -0,0 +1,16 @@
+Description: sfc: farch: fix TX queue lookup in TX event handling
+References:
+Notes:
+ carnil> Introduced in 12804793b17c ("sfc: decouple TXQ type from label"). Vulnerable
+ carnil> versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [83b09a1807415608b387c7bc748d329fefc5617e]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [bf2b941d0a6f2d3b9f5fa3c4c21bdd54f71ce253]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46949 b/retired/CVE-2021-46949
new file mode 100644
index 00000000..2c3d3078
--- /dev/null
+++ b/retired/CVE-2021-46949
@@ -0,0 +1,16 @@
+Description: sfc: farch: fix TX queue lookup in TX flush done handling
+References:
+Notes:
+ carnil> Introduced in 12804793b17c ("sfc: decouple TXQ type from label"). Vulnerable
+ carnil> versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [5b1faa92289b53cad654123ed2bc8e10f6ddd4ac]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [fb791572d6747ef385f628450f8d57cd132e6e5a]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46950 b/retired/CVE-2021-46950
new file mode 100644
index 00000000..c4334272
--- /dev/null
+++ b/retired/CVE-2021-46950
@@ -0,0 +1,16 @@
+Description: md/raid1: properly indicate failure when ending a failed write request
+References:
+Notes:
+ carnil> Introduced in eeba6809d8d5 ("md/raid1: end bio when the device faulty").
+ carnil> Vulnerable versions: 4.14.147 4.19.77 5.2.19 5.3.4 5.4-rc1.
+Bugs:
+upstream: released (5.13-rc1) [2417b9869b81882ab90fd5ed1081a1cb2d4db1dd]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [661061a45e32d8b2cc0e306da9f169ad44011382]
+4.19-upstream-stable: released (4.19.191) [a6e17cab00fc5bf85472434c52ac751426257c6f]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46951 b/retired/CVE-2021-46951
new file mode 100644
index 00000000..5ddb03d0
--- /dev/null
+++ b/retired/CVE-2021-46951
@@ -0,0 +1,16 @@
+Description: tpm: efi: Use local variable for calculating final log size
+References:
+Notes:
+ carnil> Introduced in 166a2809d65b ("tpm: Don't duplicate events from the final event
+ carnil> log in the TCG2 log"). Vulnerable versions: 5.3-rc1.
+Bugs:
+upstream: released (5.13-rc1) [48cff270b037022e37835d93361646205ca25101]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [60a01ecc9f68067e4314a0b55148e39e5d58a51b]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46952 b/retired/CVE-2021-46952
new file mode 100644
index 00000000..2b4319db
--- /dev/null
+++ b/retired/CVE-2021-46952
@@ -0,0 +1,16 @@
+Description: NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds
+References:
+Notes:
+ carnil> Introduced in 9954bf92c0cd ("NFS: Move mount parameterisation bits into their
+ carnil> own file"). Vulnerable versions: 5.6-rc1.
+Bugs:
+upstream: released (5.13-rc1) [c09f11ef35955785f92369e25819bf0629df2e59]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [96fa26b74cdcf9f5c98996bf36bec9fb5b19ffe2]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46953 b/retired/CVE-2021-46953
new file mode 100644
index 00000000..8c41e6de
--- /dev/null
+++ b/retired/CVE-2021-46953
@@ -0,0 +1,16 @@
+Description: ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure
+References:
+Notes:
+ carnil> Introduced in ca9ae5ec4ef0 ("acpi/arm64: Add SBSA Generic Watchdog support in
+ carnil> GTDT driver"). Vulnerable versions: 4.12-rc1.
+Bugs:
+upstream: released (5.13-rc1) [1ecd5b129252249b9bc03d7645a7bda512747277]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [e0f2d86481eaa83df33b0793f75212919db7a19d]
+4.19-upstream-stable: released (4.19.191) [7b2162db1498c71962a4bb2f776fa4e76d4d305b]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46954 b/retired/CVE-2021-46954
new file mode 100644
index 00000000..a7731117
--- /dev/null
+++ b/retired/CVE-2021-46954
@@ -0,0 +1,16 @@
+Description: net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets
+References:
+Notes:
+ carnil> Introduced in c129412f74e9 ("net/sched: sch_frag: add generic packet fragment
+ carnil> support."). Vulnerable versions: 5.11-rc1.
+Bugs:
+upstream: released (5.13-rc1) [31fe34a0118e0acc958c802e830ad5d37ef6b1d3]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46955 b/retired/CVE-2021-46955
new file mode 100644
index 00000000..4ab2a104
--- /dev/null
+++ b/retired/CVE-2021-46955
@@ -0,0 +1,17 @@
+Description: openvswitch: fix stack OOB read while fragmenting IPv4 packets
+References:
+Notes:
+ carnil> Introduced in d52e5a7e7ca4 ("ipv4: lock mtu in fnhe when received PMTU <
+ carnil> net.ipv4.route.min_pmt"). Vulnerable versions: 3.16.57 4.4.134 4.9.104 4.14.45
+ carnil> 4.16-rc7.
+Bugs:
+upstream: released (5.13-rc1) [7c0ea5930c1c211931819d83cfb157bff1539a4c]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [a1478374b0bda89b4277a8afd39208271faad4be]
+4.19-upstream-stable: released (4.19.191) [df9e900de24637be41879e2c50afb713ec4e8b2e]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46956 b/retired/CVE-2021-46956
new file mode 100644
index 00000000..02cd88f7
--- /dev/null
+++ b/retired/CVE-2021-46956
@@ -0,0 +1,16 @@
+Description: virtiofs: fix memory leak in virtio_fs_probe()
+References:
+Notes:
+ carnil> Introduced in a62a8ef9d97d ("virtio-fs: add virtiofs filesystem"). Vulnerable
+ carnil> versions: 5.4-rc1.
+Bugs:
+upstream: released (5.13-rc1) [c79c5e0178922a9e092ec8fed026750f39dcaef4]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [d19555ff225d0896a33246a49279e6d578095f15]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46957 b/retired/CVE-2021-46957
new file mode 100644
index 00000000..468ff7b4
--- /dev/null
+++ b/retired/CVE-2021-46957
@@ -0,0 +1,16 @@
+Description: riscv/kprobe: fix kernel panic when invoking sys_read traced by kprobe
+References:
+Notes:
+ carnil> Introduced in c22b0bcb1dd02 ("riscv: Add kprobes supported"). Vulnerable
+ carnil> versions: 5.12-rc1.
+Bugs:
+upstream: released (5.13-rc1) [b1ebaa0e1318494a7637099a26add50509e37964]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46958 b/retired/CVE-2021-46958
new file mode 100644
index 00000000..4cec7d4c
--- /dev/null
+++ b/retired/CVE-2021-46958
@@ -0,0 +1,16 @@
+Description: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free
+References:
+Notes:
+ carnil> Introduced in ef67963dac255b ("btrfs: drop logs when we've aborted a
+ carnil> transaction"). Vulnerable versions: 5.7-rc4.
+Bugs:
+upstream: released (5.13-rc1) [061dde8245356d8864d29e25207aa4daa0be4d3c]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [a4794be7b00b7eda4b45fffd283ab7d76df7e5d6]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46960 b/retired/CVE-2021-46960
new file mode 100644
index 00000000..bbe34c98
--- /dev/null
+++ b/retired/CVE-2021-46960
@@ -0,0 +1,16 @@
+Description: cifs: Return correct error code from smb2_get_enc_key
+References:
+Notes:
+ carnil> Introduced in 61cfac6f267d ("CIFS: Fix possible use after free in demultiplex
+ carnil> thread"). Vulnerable versions: 4.11-rc1.
+Bugs:
+upstream: released (5.13-rc1) [83728cbf366e334301091d5b808add468ab46b27]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [aaa0faa5c28a91c362352d6b35dc3ed10df56fb0]
+4.19-upstream-stable: released (4.19.191) [e486f8397f3f14a7cadc166138141fdb14379a54]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46961 b/retired/CVE-2021-46961
new file mode 100644
index 00000000..ca16f572
--- /dev/null
+++ b/retired/CVE-2021-46961
@@ -0,0 +1,17 @@
+Description: irqchip/gic-v3: Do not enable irqs when handling spurious interrups
+References:
+Notes:
+ carnil> Introduced in 3f1f3234bc2d ("irqchip/gic-v3: Switch to PMR masking before
+ carnil> calling IRQ handler")
+ carnil> Vulnerable versions: 5.1-rc1.
+Bugs:
+upstream: released (5.13-rc1) [a97709f563a078e259bf0861cd259aa60332890a]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [7be4db5c2b59fa77071c93ca4329876fb9777202]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46962 b/retired/CVE-2021-46962
new file mode 100644
index 00000000..959131a2
--- /dev/null
+++ b/retired/CVE-2021-46962
@@ -0,0 +1,16 @@
+Description: mmc: uniphier-sd: Fix a resource leak in the remove function
+References:
+Notes:
+ carnil> Introduced in 3fd784f745dd ("mmc: uniphier-sd: add UniPhier SD/eMMC controller
+ carnil> driver"). Vulnerable versions: 4.20-rc1.
+Bugs:
+upstream: released (5.13-rc1) [e29c84857e2d51aa017ce04284b962742fb97d9e]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [25ac6ce65f1ab458982d15ec1caf441acd37106a]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46963 b/retired/CVE-2021-46963
new file mode 100644
index 00000000..d3a50a0b
--- /dev/null
+++ b/retired/CVE-2021-46963
@@ -0,0 +1,16 @@
+Description: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
+References:
+Notes:
+ carnil> Introduced in af2a0c51b120 ("scsi: qla2xxx: Fix SRB leak on switch command
+ carnil> timeout"). Vulnerable versions: 4.19.90 5.3.17 5.4.4 5.5-rc1.
+Bugs:
+upstream: released (5.13-rc1) [6641df81ab799f28a5d564f860233dd26cca0d93]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [702cdaa2c6283c135ef16d52e0e4e3c1005aa538]
+4.19-upstream-stable: released (4.19.191) [c5ab9b67d8b061de74e2ca51bf787ee599bd7f89]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46964 b/retired/CVE-2021-46964
new file mode 100644
index 00000000..a44dddbe
--- /dev/null
+++ b/retired/CVE-2021-46964
@@ -0,0 +1,16 @@
+Description: scsi: qla2xxx: Reserve extra IRQ vectors
+References:
+Notes:
+ carnil> Introduced in a6dcfe08487e ("scsi: qla2xxx: Limit interrupt vectors to number
+ carnil> of CPUs"). Vulnerable versions: 5.11-rc1.
+Bugs:
+upstream: released (5.13-rc1) [f02d4086a8f36a0e1aaebf559b54cf24a177a486]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46965 b/retired/CVE-2021-46965
new file mode 100644
index 00000000..7e7954cc
--- /dev/null
+++ b/retired/CVE-2021-46965
@@ -0,0 +1,16 @@
+Description: mtd: physmap: physmap-bt1-rom: Fix unintentional stack access
+References:
+Notes:
+ carnil> Introduced in b3e79e7682e0 ("mtd: physmap: Add Baikal-T1 physically mapped ROM
+ carnil> support"). Vulnerable versions: 5.10-rc1.
+Bugs:
+upstream: released (5.13-rc1) [683313993dbe1651c7aa00bb42a041d70e914925]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [34ec706bf0b7c4ca249a729c1bcb91f706c7a7be]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46966 b/retired/CVE-2021-46966
new file mode 100644
index 00000000..45f0aa8c
--- /dev/null
+++ b/retired/CVE-2021-46966
@@ -0,0 +1,16 @@
+Description: ACPI: custom_method: fix potential use-after-free issue
+References:
+Notes:
+ carnil> Introduced in 03d1571d9513 ("ACPI: custom_method: fix memory leaks").
+ carnil> Vulnerable versions: 4.4.195 4.9.195 4.14.147 4.19.77 5.2.19 5.3.4 5.4-rc1.
+Bugs:
+upstream: released (5.13-rc1) [e483bb9a991bdae29a0caa4b3a6d002c968f94aa]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [62dc2440ebb552aa0d7f635e1697e077d9d21203]
+4.19-upstream-stable: released (4.19.191) [a5b26a2e362f572d87e9fd35435680e557052a17]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46967 b/retired/CVE-2021-46967
new file mode 100644
index 00000000..850fecfd
--- /dev/null
+++ b/retired/CVE-2021-46967
@@ -0,0 +1,16 @@
+Description: vhost-vdpa: fix vm_flags for virtqueue doorbell mapping
+References:
+Notes:
+ carnil> Introduced in ddd89d0a059d ("vhost_vdpa: support doorbell mapping via mmap").
+ carnil> Vulnerable versions: 5.8-rc1.
+Bugs:
+upstream: released (5.13-rc1) [3a3e0fad16d40a2aa68ddf7eea4acdf48b22dd44]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [3b8b6399666a29daa30b0bb3f5c9e3fc81c5a6a6]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46968 b/retired/CVE-2021-46968
new file mode 100644
index 00000000..d63e1827
--- /dev/null
+++ b/retired/CVE-2021-46968
@@ -0,0 +1,16 @@
+Description: s390/zcrypt: fix zcard and zqueue hot-unplug memleak
+References:
+Notes:
+ carnil> Introduced in 29c2680fd2bf ("s390/ap: fix ap devices reference counting").
+ carnil> Vulnerable versions: 5.10-rc3.
+Bugs:
+upstream: released (5.13-rc1) [70fac8088cfad9f3b379c9082832b4d7532c16c2]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [026499a9c2e002e621ad568d1378324ae97e5524]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46970 b/retired/CVE-2021-46970
new file mode 100644
index 00000000..e92506e4
--- /dev/null
+++ b/retired/CVE-2021-46970
@@ -0,0 +1,16 @@
+Description: bus: mhi: pci_generic: Remove WQ_MEM_RECLAIM flag from state workqueue
+References:
+Notes:
+ carnil> Introduced in 8f7039787687 ("bus: mhi: core: Move to using high priority
+ carnil> workqueue"). Vulnerable versions: 5.11-rc1.
+Bugs:
+upstream: released (5.13-rc1) [0fccbf0a3b690b162f53b13ed8bc442ea33437dc]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46971 b/retired/CVE-2021-46971
new file mode 100644
index 00000000..e1746950
--- /dev/null
+++ b/retired/CVE-2021-46971
@@ -0,0 +1,16 @@
+Description: perf/core: Fix unconditional security_locked_down() call
+References:
+Notes:
+ carnil> Introduced in b0c8fdc7fdb7 ("lockdown: Lock down perf when in confidentiality
+ carnil> mode"). Vulnerable versions: 5.4-rc1.
+Bugs:
+upstream: released (5.13-rc1) [08ef1af4de5fe7de9c6d69f1e22e51b66e385d9b]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.35) [4348d3b5027bc3ff6336368b6c60605d4ef8e1ce]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2021-46974 b/retired/CVE-2021-46974
new file mode 100644
index 00000000..e48d9f75
--- /dev/null
+++ b/retired/CVE-2021-46974
@@ -0,0 +1,16 @@
+Description: bpf: Fix masking negation logic upon negative dst register
+References:
+Notes:
+ carnil> Introduced in 979d63d50c0c ("bpf: prevent out of bounds speculation on pointer
+ carnil> arithmetic"). Vulnerable versions: 4.14.113 4.19.19 4.20.6 5.0-rc1.
+Bugs:
+upstream: released (5.13-rc1) [b9b34ddbe2076ade359cd5ce7537d5ed019e9807]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.35) [2cfa537674cd1051a3b8111536d77d0558f33d5d]
+4.19-upstream-stable: released (4.19.190) [0e2dfdc74a7f4036127356d42ea59388f153f42c]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
diff --git a/retired/CVE-2021-46975 b/retired/CVE-2021-46975
new file mode 100644
index 00000000..a7416215
--- /dev/null
+++ b/retired/CVE-2021-46975
@@ -0,0 +1,16 @@
+Description: netfilter: conntrack: Make global sysctls readonly in non-init netns
+References:
+Notes:
+ carnil> Introduced in d0febd81ae77 ("netfilter: conntrack: re-visit sysctls in
+ carnil> unprivileged namespaces"). Vulnerable versions: 5.7-rc1.
+Bugs:
+upstream: released (5.13-rc1) [2671fa4dc0109d3fb581bc3078fdf17b5d9080f6]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.35) [d3598eb3915cc0c0d8cab42f4a6258ff44c4033e]
+4.19-upstream-stable: released (4.19.191) [9b288479f7a901a14ce703938596438559d7df55]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3