From ba1d7184f3244398d0a06e14449578bf40d63662 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso
Date: Thu, 22 Feb 2024 22:28:33 +0100
Subject: Retire some CVEs
---
retired/CVE-2023-52447 | 14 ++++++++++++++
retired/CVE-2023-52448 | 14 ++++++++++++++
retired/CVE-2023-52450 | 14 ++++++++++++++
retired/CVE-2024-26587 | 14 ++++++++++++++
retired/CVE-2024-26588 | 14 ++++++++++++++
retired/CVE-2024-26591 | 14 ++++++++++++++
6 files changed, 84 insertions(+)
create mode 100644 retired/CVE-2023-52447
create mode 100644 retired/CVE-2023-52448
create mode 100644 retired/CVE-2023-52450
create mode 100644 retired/CVE-2024-26587
create mode 100644 retired/CVE-2024-26588
create mode 100644 retired/CVE-2024-26591
(limited to 'retired')
diff --git a/retired/CVE-2023-52447 b/retired/CVE-2023-52447
new file mode 100644
index 00000000..5adabf05
--- /dev/null
+++ b/retired/CVE-2023-52447
@@ -0,0 +1,14 @@
+Description: bpf: Defer the free of inner map when necessary
+References:
+Notes:
+ carnil> Introduced with 638e4b825d52 ("bpf: Allows per-cpu maps and map-in-
+ carnil> map in sleepable programs") 5.12-rc1.
+Bugs:
+upstream: released (6.8-rc1) [876673364161da50eed6b472d746ef88242b2368]
+6.1-upstream-stable: released (6.1.75) [62fca83303d608ad4fec3f7428c8685680bb01b0]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2023-52448 b/retired/CVE-2023-52448
new file mode 100644
index 00000000..11a67dfe
--- /dev/null
+++ b/retired/CVE-2023-52448
@@ -0,0 +1,14 @@
+Description: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
+References:
+Notes:
+ carnil> Introduced by 72244b6bc752 ("gfs2: improve debug information
+ carnil> when lvb mismatches are found") 4.20-rc1.
+Bugs:
+upstream: released (6.8-rc1) [8877243beafa7c6bfc42022cbfdf9e39b25bd4fa]
+6.1-upstream-stable: released (6.1.75) [d69d7804cf9e2ba171a27e5f98bc266f13d0414a]
+5.10-upstream-stable: released (5.10.209) [5c28478af371a1c3fdb570ca67f110e1ae60fc37]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2023-52450 b/retired/CVE-2023-52450
new file mode 100644
index 00000000..8f1073bc
--- /dev/null
+++ b/retired/CVE-2023-52450
@@ -0,0 +1,14 @@
+Description: perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology()
+References:
+Notes:
+ carnil> Introduced by f680b6e6062e ("perf/x86/intel/uncore: Enable UPI
+ carnil> topology discovery for Icelake Server") in 6.2-rc1.
+Bugs:
+upstream: released (6.8-rc1) [1692cf434ba13ee212495b5af795b6a07e986ce4]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26587 b/retired/CVE-2024-26587
new file mode 100644
index 00000000..40601831
--- /dev/null
+++ b/retired/CVE-2024-26587
@@ -0,0 +1,14 @@
+Description: net: netdevsim: don't try to destroy PHC on VFs
+References:
+Notes:
+ carnil> Fixes b63e78fca889 ("net: netdevsim: use mock PHC driver")
+ carnil> 6.6-rc1.
+Bugs:
+upstream: released (6.8-rc1) [ea937f77208323d35ffe2f8d8fc81b00118bfcda]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26588 b/retired/CVE-2024-26588
new file mode 100644
index 00000000..64e3f7de
--- /dev/null
+++ b/retired/CVE-2024-26588
@@ -0,0 +1,14 @@
+Description: LoongArch: BPF: Prevent out-of-bounds memory access
+References:
+Notes:
+ carnil> Fixes bbfddb904df6f82 ("LoongArch: BPF: Avoid declare variables
+ carnil> in switch-case") in 6.1-rc3.
+Bugs:
+upstream: released (6.8-rc1) [36a87385e31c9343af9a4756598e704741250a67]
+6.1-upstream-stable: released (6.1.75) [4631c2dd69d928bca396f9f58baeddf85e14ced5]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2024-26591 b/retired/CVE-2024-26591
new file mode 100644
index 00000000..af39b95a
--- /dev/null
+++ b/retired/CVE-2024-26591
@@ -0,0 +1,14 @@
+Description: bpf: Fix re-attachment branch in bpf_tracing_prog_attach
+References:
+Notes:
+ carnil> Commit fixes f3a95075549e0 ("bpf: Allow trampoline re-attach
+ carnil> for tracing and lsm programs") in 5.13-rc1
+Bugs:
+upstream: released (6.8-rc1) [715d82ba636cb3629a6e18a33bb9dbe53f9936ee]
+6.1-upstream-stable: released (6.1.75) [6cc9c0af0aa06f781fa515a1734b1a4239dfd2c0]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
--
cgit v1.2.3