From c289ed05ac639a3e8c9efc1122633dd94123af99 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 29 Feb 2024 07:55:53 +0100 Subject: Retire CVEs --- retired/CVE-2020-36778 | 16 ++++++++++++++++ retired/CVE-2020-36779 | 16 ++++++++++++++++ retired/CVE-2020-36781 | 16 ++++++++++++++++ retired/CVE-2020-36785 | 16 ++++++++++++++++ retired/CVE-2020-36786 | 16 ++++++++++++++++ retired/CVE-2020-36787 | 17 +++++++++++++++++ retired/CVE-2021-46976 | 16 ++++++++++++++++ retired/CVE-2021-46977 | 16 ++++++++++++++++ retired/CVE-2021-46978 | 16 ++++++++++++++++ retired/CVE-2021-46979 | 16 ++++++++++++++++ retired/CVE-2021-46980 | 18 ++++++++++++++++++ retired/CVE-2021-46982 | 16 ++++++++++++++++ retired/CVE-2021-46983 | 16 ++++++++++++++++ retired/CVE-2021-46985 | 16 ++++++++++++++++ retired/CVE-2021-46986 | 16 ++++++++++++++++ retired/CVE-2021-46988 | 16 ++++++++++++++++ retired/CVE-2021-46989 | 16 ++++++++++++++++ retired/CVE-2021-46990 | 16 ++++++++++++++++ retired/CVE-2021-46991 | 16 ++++++++++++++++ retired/CVE-2021-46992 | 16 ++++++++++++++++ retired/CVE-2021-46993 | 16 ++++++++++++++++ retired/CVE-2021-46994 | 16 ++++++++++++++++ retired/CVE-2021-46995 | 16 ++++++++++++++++ retired/CVE-2021-46996 | 16 ++++++++++++++++ retired/CVE-2021-46997 | 20 ++++++++++++++++++++ retired/CVE-2021-46998 | 16 ++++++++++++++++ retired/CVE-2021-46999 | 16 ++++++++++++++++ retired/CVE-2021-47000 | 16 ++++++++++++++++ retired/CVE-2021-47001 | 16 ++++++++++++++++ retired/CVE-2021-47002 | 16 ++++++++++++++++ retired/CVE-2021-47003 | 16 ++++++++++++++++ retired/CVE-2021-47004 | 17 +++++++++++++++++ retired/CVE-2021-47005 | 16 ++++++++++++++++ retired/CVE-2021-47006 | 16 ++++++++++++++++ retired/CVE-2021-47007 | 16 ++++++++++++++++ retired/CVE-2021-47008 | 18 ++++++++++++++++++ retired/CVE-2021-47009 | 16 ++++++++++++++++ retired/CVE-2021-47010 | 16 ++++++++++++++++ retired/CVE-2021-47011 | 16 ++++++++++++++++ retired/CVE-2021-47012 | 16 ++++++++++++++++ retired/CVE-2021-47013 | 16 ++++++++++++++++ retired/CVE-2021-47017 | 16 ++++++++++++++++ retired/CVE-2021-47018 | 16 ++++++++++++++++ retired/CVE-2021-47019 | 16 ++++++++++++++++ retired/CVE-2021-47021 | 16 ++++++++++++++++ retired/CVE-2021-47022 | 16 ++++++++++++++++ retired/CVE-2021-47023 | 16 ++++++++++++++++ retired/CVE-2021-47025 | 16 ++++++++++++++++ retired/CVE-2021-47026 | 16 ++++++++++++++++ retired/CVE-2021-47027 | 16 ++++++++++++++++ retired/CVE-2021-47029 | 16 ++++++++++++++++ retired/CVE-2021-47030 | 16 ++++++++++++++++ retired/CVE-2021-47031 | 16 ++++++++++++++++ retired/CVE-2021-47032 | 16 ++++++++++++++++ retired/CVE-2021-47033 | 16 ++++++++++++++++ retired/CVE-2021-47034 | 16 ++++++++++++++++ retired/CVE-2021-47035 | 16 ++++++++++++++++ retired/CVE-2021-47038 | 16 ++++++++++++++++ retired/CVE-2021-47039 | 16 ++++++++++++++++ retired/CVE-2021-47040 | 16 ++++++++++++++++ retired/CVE-2021-47041 | 16 ++++++++++++++++ retired/CVE-2021-47042 | 16 ++++++++++++++++ retired/CVE-2021-47043 | 16 ++++++++++++++++ retired/CVE-2021-47044 | 16 ++++++++++++++++ retired/CVE-2021-47045 | 16 ++++++++++++++++ retired/CVE-2021-47046 | 16 ++++++++++++++++ retired/CVE-2021-47047 | 16 ++++++++++++++++ retired/CVE-2021-47048 | 16 ++++++++++++++++ retired/CVE-2021-47050 | 16 ++++++++++++++++ retired/CVE-2021-47051 | 16 ++++++++++++++++ retired/CVE-2021-47052 | 16 ++++++++++++++++ retired/CVE-2021-47053 | 16 ++++++++++++++++ retired/CVE-2023-52475 | 15 +++++++++++++++ retired/CVE-2023-52477 | 15 +++++++++++++++ retired/CVE-2023-52478 | 15 +++++++++++++++ retired/CVE-2023-52483 | 16 ++++++++++++++++ 76 files changed, 1223 insertions(+) create mode 100644 retired/CVE-2020-36778 create mode 100644 retired/CVE-2020-36779 create mode 100644 retired/CVE-2020-36781 create mode 100644 retired/CVE-2020-36785 create mode 100644 retired/CVE-2020-36786 create mode 100644 retired/CVE-2020-36787 create mode 100644 retired/CVE-2021-46976 create mode 100644 retired/CVE-2021-46977 create mode 100644 retired/CVE-2021-46978 create mode 100644 retired/CVE-2021-46979 create mode 100644 retired/CVE-2021-46980 create mode 100644 retired/CVE-2021-46982 create mode 100644 retired/CVE-2021-46983 create mode 100644 retired/CVE-2021-46985 create mode 100644 retired/CVE-2021-46986 create mode 100644 retired/CVE-2021-46988 create mode 100644 retired/CVE-2021-46989 create mode 100644 retired/CVE-2021-46990 create mode 100644 retired/CVE-2021-46991 create mode 100644 retired/CVE-2021-46992 create mode 100644 retired/CVE-2021-46993 create mode 100644 retired/CVE-2021-46994 create mode 100644 retired/CVE-2021-46995 create mode 100644 retired/CVE-2021-46996 create mode 100644 retired/CVE-2021-46997 create mode 100644 retired/CVE-2021-46998 create mode 100644 retired/CVE-2021-46999 create mode 100644 retired/CVE-2021-47000 create mode 100644 retired/CVE-2021-47001 create mode 100644 retired/CVE-2021-47002 create mode 100644 retired/CVE-2021-47003 create mode 100644 retired/CVE-2021-47004 create mode 100644 retired/CVE-2021-47005 create mode 100644 retired/CVE-2021-47006 create mode 100644 retired/CVE-2021-47007 create mode 100644 retired/CVE-2021-47008 create mode 100644 retired/CVE-2021-47009 create mode 100644 retired/CVE-2021-47010 create mode 100644 retired/CVE-2021-47011 create mode 100644 retired/CVE-2021-47012 create mode 100644 retired/CVE-2021-47013 create mode 100644 retired/CVE-2021-47017 create mode 100644 retired/CVE-2021-47018 create mode 100644 retired/CVE-2021-47019 create mode 100644 retired/CVE-2021-47021 create mode 100644 retired/CVE-2021-47022 create mode 100644 retired/CVE-2021-47023 create mode 100644 retired/CVE-2021-47025 create mode 100644 retired/CVE-2021-47026 create mode 100644 retired/CVE-2021-47027 create mode 100644 retired/CVE-2021-47029 create mode 100644 retired/CVE-2021-47030 create mode 100644 retired/CVE-2021-47031 create mode 100644 retired/CVE-2021-47032 create mode 100644 retired/CVE-2021-47033 create mode 100644 retired/CVE-2021-47034 create mode 100644 retired/CVE-2021-47035 create mode 100644 retired/CVE-2021-47038 create mode 100644 retired/CVE-2021-47039 create mode 100644 retired/CVE-2021-47040 create mode 100644 retired/CVE-2021-47041 create mode 100644 retired/CVE-2021-47042 create mode 100644 retired/CVE-2021-47043 create mode 100644 retired/CVE-2021-47044 create mode 100644 retired/CVE-2021-47045 create mode 100644 retired/CVE-2021-47046 create mode 100644 retired/CVE-2021-47047 create mode 100644 retired/CVE-2021-47048 create mode 100644 retired/CVE-2021-47050 create mode 100644 retired/CVE-2021-47051 create mode 100644 retired/CVE-2021-47052 create mode 100644 retired/CVE-2021-47053 create mode 100644 retired/CVE-2023-52475 create mode 100644 retired/CVE-2023-52477 create mode 100644 retired/CVE-2023-52478 create mode 100644 retired/CVE-2023-52483 (limited to 'retired') diff --git a/retired/CVE-2020-36778 b/retired/CVE-2020-36778 new file mode 100644 index 00000000..0e99f9e4 --- /dev/null +++ b/retired/CVE-2020-36778 @@ -0,0 +1,16 @@ +Description: i2c: xiic: fix reference leak when pm_runtime_get_sync fails +References: +Notes: + carnil> Introduced in 10b17004a74c ("i2c: xiic: Fix the clocking across bind unbind"). + carnil> Vulnerable versions: 5.6-rc1. +Bugs: +upstream: released (5.13-rc1) [a85c5c7a3aa8041777ff691400b4046e56149fd3] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [c977426db644ba476938125597947979e8aba725] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2020-36779 b/retired/CVE-2020-36779 new file mode 100644 index 00000000..16719022 --- /dev/null +++ b/retired/CVE-2020-36779 @@ -0,0 +1,16 @@ +Description: i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails +References: +Notes: + carnil> Introduced in ea6dd25deeb5 ("i2c: stm32f7: add PM_SLEEP suspend/resume + carnil> support"). Vulnerable versions: 5.6-rc1. +Bugs: +upstream: released (5.13-rc1) [2c662660ce2bd3b09dae21a9a9ac9395e1e6c00b] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [c323b270a52a26aa8038a4d1fd9a850904a41166] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2020-36781 b/retired/CVE-2020-36781 new file mode 100644 index 00000000..5c48c726 --- /dev/null +++ b/retired/CVE-2020-36781 @@ -0,0 +1,16 @@ +Description: i2c: imx: fix reference leak when pm_runtime_get_sync fails +References: +Notes: + carnil> Introduced in 3a5ee18d2a32 ("i2c: imx: implement master_xfer_atomic callback"). + carnil> Vulnerable versions: 5.7-rc1. +Bugs: +upstream: released (5.13-rc1) [47ff617217ca6a13194fcb35c6c3a0c57c080693] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [3a0cdd336d92c429b51a79bf4f64b17eafa0325d] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2020-36785 b/retired/CVE-2020-36785 new file mode 100644 index 00000000..3bb8ca11 --- /dev/null +++ b/retired/CVE-2020-36785 @@ -0,0 +1,16 @@ +Description: media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs() +References: +Notes: + carnil> Introduced in ad85094b293e ("Revert "media: staging: atomisp: Remove driver""). + carnil> Vulnerable versions: 5.8-rc1. +Bugs: +upstream: released (5.13-rc1) [ba11bbf303fafb33989e95473e409f6ab412b18d] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [d218c7a0284f6b92a7b82d2e19706e18663b4193] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2020-36786 b/retired/CVE-2020-36786 new file mode 100644 index 00000000..564dae55 --- /dev/null +++ b/retired/CVE-2020-36786 @@ -0,0 +1,16 @@ +Description: media: [next] staging: media: atomisp: fix memory leak of object flash +References: +Notes: + carnil> Introduced in 9289cdf39992 ("staging: media: atomisp: Convert to GPIO + carnil> descriptors"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [6045b01dd0e3cd3759eafe7f290ed04c957500b1] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [cc4cc2fb5aaf9adb83c02211eb13b16cfcb7ba64] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2020-36787 b/retired/CVE-2020-36787 new file mode 100644 index 00000000..f5e61012 --- /dev/null +++ b/retired/CVE-2020-36787 @@ -0,0 +1,17 @@ +Description: media: aspeed: fix clock handling logic +References: +Notes: + carnil> Introduced in d2b4387f3bdf ("media: platform: Add Aspeed Video Engine driver") + carnil> d3d04f6c330a ("clk: Add support for AST2600 SoC"). Vulnerable versions: 5.0-rc1 + carnil> 5.4-rc1. +Bugs: +upstream: released (5.13-rc1) [3536169f8531c2c5b153921dc7d1ac9fd570cda7] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [a59d01384c80a8a4392665802df57c3df20055f5] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46976 b/retired/CVE-2021-46976 new file mode 100644 index 00000000..f13b1b8b --- /dev/null +++ b/retired/CVE-2021-46976 @@ -0,0 +1,16 @@ +Description: drm/i915: Fix crash in auto_retire +References: +Notes: + carnil> Introduced in 229007e02d69 ("drm/i915: Wrap i915_active in a simple kreffed + carnil> struct"). Vulnerable versions: 5.8-rc1. +Bugs: +upstream: released (5.13-rc2) [402be8a101190969fc7ff122d07e262df86e132b] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [805c990a9c54b9451d3daff640b850909c31ab9d] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46977 b/retired/CVE-2021-46977 new file mode 100644 index 00000000..a225085c --- /dev/null +++ b/retired/CVE-2021-46977 @@ -0,0 +1,16 @@ +Description: KVM: VMX: Disable preemption when probing user return MSRs +References: +Notes: + carnil> Introduced in 4be534102624 ("KVM: VMX: Initialize vmx->guest_msrs[] right after + carnil> allocation"). Vulnerable versions: 5.5-rc1. +Bugs: +upstream: released (5.13-rc2) [5104d7ffcf24749939bea7fdb5378d186473f890] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [31f29749ee970c251b3a7e5b914108425940d089] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46978 b/retired/CVE-2021-46978 new file mode 100644 index 00000000..88f3d3ce --- /dev/null +++ b/retired/CVE-2021-46978 @@ -0,0 +1,16 @@ +Description: KVM: nVMX: Always make an attempt to map eVMCS after migration +References: +Notes: + carnil> Introduced in f2c7ef3ba955 ("KVM: nSVM: cancel KVM_REQ_GET_NESTED_STATE_PAGES + carnil> on nested vmexit"). Vulnerable versions: 5.10.13 5.11-rc3. +Bugs: +upstream: released (5.13-rc2) [f5c7e8425f18fdb9bdb7d13340651d7876890329] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [c8bf64e3fb77cc19bad146fbe26651985b117194] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46979 b/retired/CVE-2021-46979 new file mode 100644 index 00000000..3fda350d --- /dev/null +++ b/retired/CVE-2021-46979 @@ -0,0 +1,16 @@ +Description: iio: core: fix ioctl handlers removal +References: +Notes: + carnil> Introduced in 8dedcc3eee3ac ("iio: core: centralize ioctl() calls to the main + carnil> chardev"). Vulnerable versions: 5.11-rc1. +Bugs: +upstream: released (5.13-rc2) [901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46980 b/retired/CVE-2021-46980 new file mode 100644 index 00000000..e420fb7e --- /dev/null +++ b/retired/CVE-2021-46980 @@ -0,0 +1,18 @@ +Description: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 +References: +Notes: + carnil> Introduced in 992a60ed0d5e ("usb: typec: ucsi: register with power_supply + carnil> class") + carnil> 4dbc6a4ef06d ("usb: typec: ucsi: save power data objects in PD mode"). + carnil> Vulnerable versions: 5.8-rc1. +Bugs: +upstream: released (5.13-rc2) [1f4642b72be79757f050924a9b9673b6a02034bc] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [e5366bea0277425e1868ba20eeb27c879d5a6e2d] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46982 b/retired/CVE-2021-46982 new file mode 100644 index 00000000..443a12eb --- /dev/null +++ b/retired/CVE-2021-46982 @@ -0,0 +1,16 @@ +Description: f2fs: compress: fix race condition of overwrite vs truncate +References: +Notes: + carnil> Introduced in 4c8ff7095bef ("f2fs: support data compression"). Vulnerable + carnil> versions: 5.6-rc1. +Bugs: +upstream: released (5.13-rc2) [a949dc5f2c5cfe0c910b664650f45371254c0744] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [5639b73fd3bc6fc8ca72e3a9ac15aacaabd7ebff] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46983 b/retired/CVE-2021-46983 new file mode 100644 index 00000000..24016075 --- /dev/null +++ b/retired/CVE-2021-46983 @@ -0,0 +1,16 @@ +Description: nvmet-rdma: Fix NULL deref when SEND is completed with error +References: +Notes: + carnil> Introduced in ca0f1a8055be2 ("nvmet-rdma: use new shared CQ mechanism"). + carnil> Vulnerable versions: 5.9-rc1. +Bugs: +upstream: released (5.13-rc2) [8cc365f9559b86802afc0208389f5c8d46b4ad61] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [64f3410c7bfc389b1a58611d0799f4a36ce4b6b5] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46985 b/retired/CVE-2021-46985 new file mode 100644 index 00000000..b325d2e4 --- /dev/null +++ b/retired/CVE-2021-46985 @@ -0,0 +1,16 @@ +Description: ACPI: scan: Fix a memory leak in an error handling path +References: +Notes: + carnil> Introduced in eb50aaf960e3 ("ACPI: scan: Use unique number for instance_no"). + carnil> Vulnerable versions: 4.9.264 4.14.228 4.19.184 5.4.109 5.10.27 5.11.11 5.12-rc5. +Bugs: +upstream: released (5.13-rc2) [0c8bd174f0fc131bc9dfab35cd8784f59045da87] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [e2381174daeae0ca35eddffef02dcc8de8c1ef8a] +4.19-upstream-stable: released (4.19.191) [69cc821e89ce572884548ac54c4f80eec7a837a5] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-46986 b/retired/CVE-2021-46986 new file mode 100644 index 00000000..ad09dd9b --- /dev/null +++ b/retired/CVE-2021-46986 @@ -0,0 +1,16 @@ +Description: usb: dwc3: gadget: Free gadget structure only after freeing endpoints +References: +Notes: + carnil> Introduced in e81a7018d93a ("usb: dwc3: allocate gadget structure + carnil> dynamically"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc2) [bb9c74a5bd1462499fe5ccb1e3c5ac40dcfa9139] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [1ea775021282d90e1d08d696b7ab54aa75d688e5] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46988 b/retired/CVE-2021-46988 new file mode 100644 index 00000000..2c1d5964 --- /dev/null +++ b/retired/CVE-2021-46988 @@ -0,0 +1,16 @@ +Description: userfaultfd: release page in error path to avoid BUG_ON +References: +Notes: + carnil> Introduced in cb658a453b93 ("userfaultfd: shmem: avoid leaking blocks and used + carnil> blocks in UFFDIO_COPY"). Vulnerable versions: 4.11-rc1. +Bugs: +upstream: released (5.13-rc2) [7ed9d238c7dbb1fdb63ad96a6184985151b0171c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [140cfd9980124aecb6c03ef2e69c72d0548744de] +4.19-upstream-stable: released (4.19.191) [07c9b834c97d0fa3402fb7f3f3b32df370a6ff1f] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-46989 b/retired/CVE-2021-46989 new file mode 100644 index 00000000..7a3877bb --- /dev/null +++ b/retired/CVE-2021-46989 @@ -0,0 +1,16 @@ +Description: hfsplus: prevent corruption in shrinking truncate +References: +Notes: + carnil> Introduced in 31651c607151f ("hfsplus: avoid deadlock on file truncation"). + carnil> Vulnerable versions: 4.19-rc1. +Bugs: +upstream: released (5.13-rc2) [c3187cf32216313fb316084efac4dab3a8459b1d] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [adbd8a2a8cc05d9e501f93e5c95c59307874cc99] +4.19-upstream-stable: released (4.19.191) [52dde855663e5db824af51db39b5757d2ef3e28a] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46990 b/retired/CVE-2021-46990 new file mode 100644 index 00000000..c8e35526 --- /dev/null +++ b/retired/CVE-2021-46990 @@ -0,0 +1,16 @@ +Description: powerpc/64s: Fix crashes when toggling entry flush barrier +References: +Notes: + carnil> Introduced in f79643787e0a ("powerpc/64s: flush L1D on kernel entry"). + carnil> Vulnerable versions: 4.4.245 4.9.245 4.14.208 4.19.159 5.4.79 5.9.10 5.10-rc5. +Bugs: +upstream: released (5.13-rc2) [aec86b052df6541cc97c5fca44e5934cbea4963b] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [d2e3590ca39ccfd8a5a46d8c7f095cb6c7b9ae92] +4.19-upstream-stable: released (4.19.191) [2db22ba4e0e103f00e0512e0ecce36ac78c644f8] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-46991 b/retired/CVE-2021-46991 new file mode 100644 index 00000000..efd42c49 --- /dev/null +++ b/retired/CVE-2021-46991 @@ -0,0 +1,16 @@ +Description: i40e: Fix use-after-free in i40e_client_subtask() +References: +Notes: + carnil> Introduced in 7b0b1a6d0ac9 ("i40e: Disable iWARP VSI PETCP_ENA flag on netdev + carnil> down events"). Vulnerable versions: 4.16-rc1. +Bugs: +upstream: released (5.13-rc1) [38318f23a7ef86a8b1862e5e8078c4de121960c3] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [829a713450b8fb127cbabfc1244c1d8179ec5107] +4.19-upstream-stable: released (4.19.191) [c1322eaeb8af0d8985b5cc5fa759140fa0e57b84] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-46992 b/retired/CVE-2021-46992 new file mode 100644 index 00000000..f1d9fc8b --- /dev/null +++ b/retired/CVE-2021-46992 @@ -0,0 +1,16 @@ +Description: netfilter: nftables: avoid overflows in nft_hash_buckets() +References: +Notes: + carnil> Introduced in 0ed6389c483d ("netfilter: nf_tables: rename set + carnil> implementations"). Vulnerable versions: 4.9-rc1. +Bugs: +upstream: released (5.13-rc1) [a54754ec9891830ba548e2010c889e3c8146e449] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [72b49dd116ca00a46a11d5a4d8d7987f05ed9cd7] +4.19-upstream-stable: released (4.19.191) [efcd730ddd6f25578bd31bfe703e593e2421d708] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-46993 b/retired/CVE-2021-46993 new file mode 100644 index 00000000..44dfca42 --- /dev/null +++ b/retired/CVE-2021-46993 @@ -0,0 +1,16 @@ +Description: sched: Fix out-of-bound access in uclamp +References: +Notes: + carnil> Introduced in 69842cba9ace ("sched/uclamp: Add CPU's clamp buckets + carnil> refcounting"). Vulnerable versions: 5.3-rc1. +Bugs: +upstream: released (5.13-rc1) [6d2f8909a5fabb73fe2a63918117943986c39b6c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [f7347c85490b92dd144fa1fba9e1eca501656ab3] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46994 b/retired/CVE-2021-46994 new file mode 100644 index 00000000..99f51c44 --- /dev/null +++ b/retired/CVE-2021-46994 @@ -0,0 +1,16 @@ +Description: can: mcp251x: fix resume from sleep before interface was brought up +References: +Notes: + carnil> Introduced in 8ce8c0abcba3 ("can: mcp251x: only reset hardware as required"). + carnil> Vulnerable versions: 5.5-rc1. +Bugs: +upstream: released (5.13-rc1) [03c427147b2d3e503af258711af4fc792b89b0af] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [eecb4df8ec9f896b19ee05bfa632ac6c1dcd8f21] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46995 b/retired/CVE-2021-46995 new file mode 100644 index 00000000..c6ab8bb6 --- /dev/null +++ b/retired/CVE-2021-46995 @@ -0,0 +1,16 @@ +Description: can: mcp251xfd: mcp251xfd_probe(): fix an error pointer dereference in probe +References: +Notes: + carnil> Introduced in cf8ee6de2543 ("can: mcp251xfd: mcp251xfd_probe(): use + carnil> dev_err_probe() to simplify error handling"). Vulnerable versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [4cc7faa406975b460aa674606291dea197c1210c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46996 b/retired/CVE-2021-46996 new file mode 100644 index 00000000..f47d0143 --- /dev/null +++ b/retired/CVE-2021-46996 @@ -0,0 +1,16 @@ +Description: netfilter: nftables: Fix a memleak from userdata error path in new objects +References: +Notes: + carnil> Introduced in b131c96496b3 ("netfilter: nf_tables: add userdata support for + carnil> nft_object"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [85dfd816fabfc16e71786eda0a33a7046688b5b0] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [2c784a500f5edd337258b0fdb2f31bc9abde1a23] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46997 b/retired/CVE-2021-46997 new file mode 100644 index 00000000..a6b31cfb --- /dev/null +++ b/retired/CVE-2021-46997 @@ -0,0 +1,20 @@ +Description: arm64: entry: always set GIC_PRIO_PSR_I_SET during entry +References: +Notes: + carnil> Introduced in 23529049c684 ("arm64: entry: fix non-NMI user<->kernel + carnil> transitions") + carnil> 7cd1ea1010ac ("arm64: entry: fix non-NMI kernel<->kernel transitions") + carnil> f0cd5ac1e4c5 ("arm64: entry: fix NMI {user, kernel}->kernel transitions") + carnil> 2a9b3e6ac69a ("arm64: entry: fix EL1 debug transitions"). Vulnerable versions: + carnil> 5.10-rc7. +Bugs: +upstream: released (5.13-rc1) [4d6a38da8e79e94cbd1344aa90876f0f805db705] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [51524fa8b5f7b879ba569227738375d283b79382] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-46998 b/retired/CVE-2021-46998 new file mode 100644 index 00000000..25a6480a --- /dev/null +++ b/retired/CVE-2021-46998 @@ -0,0 +1,16 @@ +Description: ethernet:enic: Fix a use after free bug in enic_hard_start_xmit +References: +Notes: + carnil> Introduced in fb7516d42478e ("enic: add sw timestamp support"). Vulnerable + carnil> versions: 4.16-rc1. +Bugs: +upstream: released (5.13-rc1) [643001b47adc844ae33510c4bb93c236667008a3] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [7afdd6aba95c8a526038e7abe283eeac3e4320f1] +4.19-upstream-stable: released (4.19.191) [25a87b1f566b5eb2af2857a928f0e2310d900976] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-46999 b/retired/CVE-2021-46999 new file mode 100644 index 00000000..ee21f385 --- /dev/null +++ b/retired/CVE-2021-46999 @@ -0,0 +1,16 @@ +Description: sctp: do asoc update earlier in sctp_sf_do_dupcook_a +References: +Notes: + carnil> Introduced in 145cb2f7177d ("sctp: Fix bundling of SHUTDOWN with COOKIE-ACK"). + carnil> Vulnerable versions: 4.19.123 5.4.41 5.6.13 5.7-rc3. +Bugs: +upstream: released (5.13-rc1) [35b4f24415c854cd718ccdf38dbea6297f010aae] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [f01988ecf3654f805282dce2d3bb9afe68d2691e] +4.19-upstream-stable: released (4.19.191) [d624f2991b977821375fbd56c91b0c91d456a697] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-47000 b/retired/CVE-2021-47000 new file mode 100644 index 00000000..60b792c1 --- /dev/null +++ b/retired/CVE-2021-47000 @@ -0,0 +1,16 @@ +Description: ceph: fix inode leak on getattr error in __fh_to_dentry +References: +Notes: + carnil> Introduced in 878dabb64117 ("ceph: don't return -ESTALE if there's still an + carnil> open file"). Vulnerable versions: 5.4.49 5.7.6 5.8-rc1. +Bugs: +upstream: released (5.13-rc1) [1775c7ddacfcea29051c67409087578f8f4d751b] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [bf45c9fe99aa8003d2703f1bd353f956dea47e40] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47001 b/retired/CVE-2021-47001 new file mode 100644 index 00000000..d3583ee2 --- /dev/null +++ b/retired/CVE-2021-47001 @@ -0,0 +1,16 @@ +Description: xprtrdma: Fix cwnd update ordering +References: +Notes: + carnil> Introduced in 2ae50ad68cd7 ("xprtrdma: Close window between waking RPC senders + carnil> and posting Receives"). Vulnerable versions: 5.4.13 5.5-rc1. +Bugs: +upstream: released (5.13-rc1) [35d8b10a25884050bb3b0149b62c3818ec59f77c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [eddae8be7944096419c2ae29477a45f767d0fcd4] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47002 b/retired/CVE-2021-47002 new file mode 100644 index 00000000..0f190902 --- /dev/null +++ b/retired/CVE-2021-47002 @@ -0,0 +1,16 @@ +Description: SUNRPC: Fix null pointer dereference in svc_rqst_free() +References: +Notes: + carnil> Introduced in 5191955d6fc6 ("SUNRPC: Prepare for xdr_stream-style decoding on + carnil> the server-side"). Vulnerable versions: 5.11-rc1. +Bugs: +upstream: released (5.13-rc1) [b9f83ffaa0c096b4c832a43964fe6bff3acffe10] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47003 b/retired/CVE-2021-47003 new file mode 100644 index 00000000..0c7a5f0f --- /dev/null +++ b/retired/CVE-2021-47003 @@ -0,0 +1,16 @@ +Description: dmaengine: idxd: Fix potential null dereference on pointer status +References: +Notes: + carnil> Introduced in 89e3becd8f82 ("dmaengine: idxd: check device state before issue + carnil> command"). Vulnerable versions: 5.10.17 5.11. +Bugs: +upstream: released (5.13-rc1) [28ac8e03c43dfc6a703aa420d18222540b801120] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [5756f757c72501ef1a16f5f63f940623044180e9] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47004 b/retired/CVE-2021-47004 new file mode 100644 index 00000000..a0af8f9c --- /dev/null +++ b/retired/CVE-2021-47004 @@ -0,0 +1,17 @@ +Description: f2fs: fix to avoid touching checkpointed data in get_victim() +References: +Notes: + carnil> Introduced in 4354994f097d ("f2fs: checkpoint disabling") + carnil> 093749e296e2 ("f2fs: support age threshold based garbage collection"). + carnil> Vulnerable versions: 4.20-rc1 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [61461fc921b756ae16e64243f72af2bfc2e620db] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [105155a8146ddb54c119d8318964eef3859d109d] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47005 b/retired/CVE-2021-47005 new file mode 100644 index 00000000..4b0865bc --- /dev/null +++ b/retired/CVE-2021-47005 @@ -0,0 +1,16 @@ +Description: PCI: endpoint: Fix NULL pointer dereference for ->get_features() +References: +Notes: + carnil> Introduced in 2c04c5b8eef79 ("PCI: pci-epf-test: Use pci_epc_get_features() to + carnil> get EPC features"). Vulnerable versions: 5.1-rc1. +Bugs: +upstream: released (5.13-rc1) [6613bc2301ba291a1c5a90e1dc24cf3edf223c03] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [bbed83d7060e07a5d309104d25a00f0a24441428] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47006 b/retired/CVE-2021-47006 new file mode 100644 index 00000000..55432a90 --- /dev/null +++ b/retired/CVE-2021-47006 @@ -0,0 +1,16 @@ +Description: ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook +References: +Notes: + carnil> Introduced in 1879445dfa7b ("perf/core: Set event's default + carnil> ::overflow_handler()"). Vulnerable versions: 4.7-rc1. +Bugs: +upstream: released (5.13-rc1) [a506bd5756290821a4314f502b4bafc2afcf5260] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [630146203108bf6b8934eec0dfdb3e46dcb917de] +4.19-upstream-stable: released (4.19.191) [a9938d6d78a238d6ab8de57a4d3dcf77adceb9bb] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-47007 b/retired/CVE-2021-47007 new file mode 100644 index 00000000..5ea925f0 --- /dev/null +++ b/retired/CVE-2021-47007 @@ -0,0 +1,16 @@ +Description: f2fs: fix panic during f2fs_resize_fs() +References: +Notes: + carnil> Introduced in b4b10061ef98 ("f2fs: refactor resize_fs to avoid meta updates in + carnil> progress"). Vulnerable versions: 5.8-rc1. +Bugs: +upstream: released (5.13-rc1) [3ab0598e6d860ef49d029943ba80f627c15c15d6] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [1c20a4896409f5ca1c770e1880c33d0a28a8b10f] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47008 b/retired/CVE-2021-47008 new file mode 100644 index 00000000..41c055f0 --- /dev/null +++ b/retired/CVE-2021-47008 @@ -0,0 +1,18 @@ +Description: KVM: SVM: Make sure GHCB is mapped before updating +References: +Notes: + carnil> Introduced in f1c6366e3043 ("KVM: SVM: Add required changes to support + carnil> intercepts under SEV-ES") + carnil> 647daca25d24 ("KVM: SVM: Add support for booting APs in an SEV-ES guest"). + carnil> Vulnerable versions: 5.11-rc1 5.11-rc3. +Bugs: +upstream: released (5.13-rc1) [a3ba26ecfb569f4aa3f867e80c02aa65f20aadad] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47009 b/retired/CVE-2021-47009 new file mode 100644 index 00000000..2542237a --- /dev/null +++ b/retired/CVE-2021-47009 @@ -0,0 +1,16 @@ +Description: KEYS: trusted: Fix memory leak on object td +References: +Notes: + carnil> Introduced in 5df16caada3f ("KEYS: trusted: Fix incorrect handling of + carnil> tpm_get_random()"). Vulnerable versions: 5.10.20 5.11.3 5.12-rc1. +Bugs: +upstream: released (5.13-rc2) [83a775d5f9bfda95b1c295f95a3a041a40c7f321] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [31c9a4b24d86cbb36ff0d7a085725a3b4f0138c8] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47010 b/retired/CVE-2021-47010 new file mode 100644 index 00000000..068b9c1f --- /dev/null +++ b/retired/CVE-2021-47010 @@ -0,0 +1,16 @@ +Description: net: Only allow init netns to set default tcp cong to a restricted algo +References: +Notes: + carnil> Introduced in 6670e1524477 ("tcp: Namespace-ify + carnil> sysctl_tcp_default_congestion_control"). Vulnerable versions: 4.15-rc1. +Bugs: +upstream: released (5.13-rc1) [8d432592f30fcc34ef5a10aac4887b4897884493] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [6c1ea8bee75df8fe2184a50fcd0f70bf82986f42] +4.19-upstream-stable: released (4.19.191) [992de06308d9a9584d59b96d294ac676f924e437] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-47011 b/retired/CVE-2021-47011 new file mode 100644 index 00000000..9f9345ed --- /dev/null +++ b/retired/CVE-2021-47011 @@ -0,0 +1,16 @@ +Description: mm: memcontrol: slab: fix obtain a reference to a freeing memcg +References: +Notes: + carnil> Introduced in 3de7d4f25a74 ("mm: memcg/slab: optimize objcg stock draining"). + carnil> Vulnerable versions: 5.10.11 5.11-rc5. +Bugs: +upstream: released (5.13-rc1) [9f38f03ae8d5f57371b71aa6b4275765b65454fd] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [31df8bc4d3feca9f9c6b2cd06fd64a111ae1a0e6] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47012 b/retired/CVE-2021-47012 new file mode 100644 index 00000000..a80d32bb --- /dev/null +++ b/retired/CVE-2021-47012 @@ -0,0 +1,16 @@ +Description: RDMA/siw: Fix a use after free in siw_alloc_mr +References: +Notes: + carnil> Introduced in 2251334dcac9 ("rdma/siw: application buffer management"). + carnil> Vulnerable versions: 5.3-rc1. +Bugs: +upstream: released (5.13-rc1) [3093ee182f01689b89e9f8797b321603e5de4f63] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [608a4b90ece039940e9425ee2b39c8beff27e00c] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47013 b/retired/CVE-2021-47013 new file mode 100644 index 00000000..37cb8d4d --- /dev/null +++ b/retired/CVE-2021-47013 @@ -0,0 +1,16 @@ +Description: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send +References: +Notes: + carnil> Introduced in b9b17debc69d2 ("net: emac: emac gigabit ethernet controller + carnil> driver"). Vulnerable versions: 4.9-rc1. +Bugs: +upstream: released (5.13-rc1) [6d72e7c767acbbdd44ebc7d89c6690b405b32b57] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [9dc373f74097edd0e35f3393d6248eda8d1ba99d] +4.19-upstream-stable: released (4.19.191) [16d8c44be52e3650917736d45f5904384a9da834] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-47017 b/retired/CVE-2021-47017 new file mode 100644 index 00000000..c564e64f --- /dev/null +++ b/retired/CVE-2021-47017 @@ -0,0 +1,16 @@ +Description: ath10k: Fix a use after free in ath10k_htc_send_bundle +References: +Notes: + carnil> Introduced in c8334512f3dd1 ("ath10k: add htt TX bundle for sdio"). Vulnerable + carnil> versions: 5.8-rc1. +Bugs: +upstream: released (5.13-rc1) [8392df5d7e0b6a7d21440da1fc259f9938f4dec3] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [8bb054fb336f4250002fff4e0b075221c05c3c65] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47018 b/retired/CVE-2021-47018 new file mode 100644 index 00000000..45bca5d3 --- /dev/null +++ b/retired/CVE-2021-47018 @@ -0,0 +1,16 @@ +Description: powerpc/64: Fix the definition of the fixmap area +References: +Notes: + carnil> Introduced in 265c3491c4bc ("powerpc: Add support for GENERIC_EARLY_IOREMAP"). + carnil> Vulnerable versions: 5.5-rc1. +Bugs: +upstream: released (5.13-rc1) [9ccba66d4d2aff9a3909aa77d57ea8b7cc166f3c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [4b9fb2c9039a206d37f215936a4d5bee7b1bf9cd] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47019 b/retired/CVE-2021-47019 new file mode 100644 index 00000000..fa0eb51a --- /dev/null +++ b/retired/CVE-2021-47019 @@ -0,0 +1,16 @@ +Description: mt76: mt7921: fix possible invalid register access +References: +Notes: + carnil> Introduced in ffa1bf97425b ("mt76: mt7921: introduce PM support"). Vulnerable + carnil> versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [fe3fccde8870764ba3e60610774bd7bc9f8faeff] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47021 b/retired/CVE-2021-47021 new file mode 100644 index 00000000..c8cb8e5a --- /dev/null +++ b/retired/CVE-2021-47021 @@ -0,0 +1,16 @@ +Description: mt76: mt7915: fix memleak when mt7915_unregister_device() +References: +Notes: + carnil> Introduced in f285dfb98562 ("mt76: mt7915: reset token when mac_reset + carnil> happens"). Vulnerable versions: 5.11.4 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [e9d32af478cfc3744a45245c0b126738af4b3ac4] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47022 b/retired/CVE-2021-47022 new file mode 100644 index 00000000..c5196b6a --- /dev/null +++ b/retired/CVE-2021-47022 @@ -0,0 +1,16 @@ +Description: mt76: mt7615: fix memleak when mt7615_unregister_device() +References: +Notes: + carnil> Introduced in a6275e934605 ("mt76: mt7615: reset token when mac_reset + carnil> happens"). Vulnerable versions: 5.10.21 5.11.4 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [8ab31da7b89f71c4c2defcca989fab7b42f87d71] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [4fa28c807da54c1d720b3cc12e48eb9bea1e2c8f] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47023 b/retired/CVE-2021-47023 new file mode 100644 index 00000000..4f11a945 --- /dev/null +++ b/retired/CVE-2021-47023 @@ -0,0 +1,16 @@ +Description: net: marvell: prestera: fix port event handling on init +References: +Notes: + carnil> Introduced in 501ef3066c89 ("net: marvell: prestera: Add driver for Prestera + carnil> family ASIC devices"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [333980481b99edb24ebd5d1a53af70a15d9146de] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [0ce6052802be2cb61a57b753e41301339c88c839] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47025 b/retired/CVE-2021-47025 new file mode 100644 index 00000000..503717ea --- /dev/null +++ b/retired/CVE-2021-47025 @@ -0,0 +1,16 @@ +Description: iommu/mediatek: Always enable the clk on resume +References: +Notes: + carnil> Introduced in c0b57581b73b ("iommu/mediatek: Add power-domain operation"). + carnil> Vulnerable versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [b34ea31fe013569d42b7e8681ef3f717f77c5b72] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47026 b/retired/CVE-2021-47026 new file mode 100644 index 00000000..d0bbf7f2 --- /dev/null +++ b/retired/CVE-2021-47026 @@ -0,0 +1,16 @@ +Description: RDMA/rtrs-clt: destroy sysfs after removing session from active list +References: +Notes: + carnil> Introduced in 6a98d71daea1 ("RDMA/rtrs: client: main functionality"). + carnil> Vulnerable versions: 5.8-rc1. +Bugs: +upstream: released (5.13-rc1) [7f4a8592ff29f19c5a2ca549d0973821319afaad] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [b64415c6b3476cf9fa4d0aea3807065b8403a937] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47027 b/retired/CVE-2021-47027 new file mode 100644 index 00000000..d1703086 --- /dev/null +++ b/retired/CVE-2021-47027 @@ -0,0 +1,16 @@ +Description: mt76: mt7921: fix kernel crash when the firmware fails to download +References: +Notes: + carnil> Introduced in 5c14a5f944b9 ("mt76: mt7921: introduce mt7921e support"). + carnil> Vulnerable versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [e230f0c44f011f3270680a506b19b7e84c5e8923] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47029 b/retired/CVE-2021-47029 new file mode 100644 index 00000000..a8fc7a6c --- /dev/null +++ b/retired/CVE-2021-47029 @@ -0,0 +1,16 @@ +Description: mt76: connac: fix kernel warning adding monitor interface +References: +Notes: + carnil> Introduced in d0e274af2f2e4 ("mt76: mt76_connac: create mcu library"). + carnil> Vulnerable versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [c996f0346e40e3b1ac2ebaf0681df898fb157f60] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47030 b/retired/CVE-2021-47030 new file mode 100644 index 00000000..a9ed3657 --- /dev/null +++ b/retired/CVE-2021-47030 @@ -0,0 +1,16 @@ +Description: mt76: mt7615: fix memory leak in mt7615_coredump_work +References: +Notes: + carnil> Introduced in d2bf7959d9c0f ("mt76: mt7663: introduce coredump support"). + carnil> Vulnerable versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [49cc85059a2cb656f96ff3693f891e8fe8f669a9] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47031 b/retired/CVE-2021-47031 new file mode 100644 index 00000000..567051fa --- /dev/null +++ b/retired/CVE-2021-47031 @@ -0,0 +1,16 @@ +Description: mt76: mt7921: fix memory leak in mt7921_coredump_work +References: +Notes: + carnil> Introduced in 1c099ab44727c ("mt76: mt7921: add MCU support"). Vulnerable + carnil> versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [782b3e86ea970e899f8e723db9f64708a15ca30e] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47032 b/retired/CVE-2021-47032 new file mode 100644 index 00000000..980666f4 --- /dev/null +++ b/retired/CVE-2021-47032 @@ -0,0 +1,16 @@ +Description: mt76: mt7915: fix tx skb dma unmap +References: +Notes: + carnil> Introduced in 27d5c528a7ca ("mt76: fix double DMA unmap of the first buffer on + carnil> 7615/7915"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [7dcf3c04f0aca746517a77433b33d40868ca4749] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [4e7914ce23306b28d377ec395e00e5fde0e6f96e] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47033 b/retired/CVE-2021-47033 new file mode 100644 index 00000000..6900464b --- /dev/null +++ b/retired/CVE-2021-47033 @@ -0,0 +1,16 @@ +Description: mt76: mt7615: fix tx skb dma unmap +References: +Notes: + carnil> Introduced in 27d5c528a7ca ("mt76: fix double DMA unmap of the first buffer on + carnil> 7615/7915"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [ebee7885bb12a8fe2c2f9bac87dbd87a05b645f9] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [75bc5f779a7664d1fc19cb915039439c6e58bb94] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47034 b/retired/CVE-2021-47034 new file mode 100644 index 00000000..d2164f4b --- /dev/null +++ b/retired/CVE-2021-47034 @@ -0,0 +1,16 @@ +Description: powerpc/64s: Fix pte update for kernel memory on radix +References: +Notes: + carnil> Introduced in f1cb8f9beba8 ("powerpc/64s/radix: avoid ptesync after set_pte and + carnil> ptep_set_access_flags"). Vulnerable versions: 4.18-rc1. +Bugs: +upstream: released (5.13-rc1) [b8b2f37cf632434456182e9002d63cbc4cccc50c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [84c0762633f2a7ac8399e6b97d3b9bb8e6e1d50f] +4.19-upstream-stable: released (4.19.191) [b3d5d0983388d6c4fb35f7d722556d5595f167a7] +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.194-1) diff --git a/retired/CVE-2021-47035 b/retired/CVE-2021-47035 new file mode 100644 index 00000000..461ab699 --- /dev/null +++ b/retired/CVE-2021-47035 @@ -0,0 +1,16 @@ +Description: iommu/vt-d: Remove WO permissions on second-level paging entries +References: +Notes: + carnil> Introduced in b802d070a52a1 ("iommu/vt-d: Use iova over first level"). + carnil> Vulnerable versions: 5.6-rc1. +Bugs: +upstream: released (5.13-rc1) [eea53c5816889ee8b64544fa2e9311a81184ff9c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.38) [89bd620798704a8805fc9db0d71d7f812cf5b3d2] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47038 b/retired/CVE-2021-47038 new file mode 100644 index 00000000..f9fca470 --- /dev/null +++ b/retired/CVE-2021-47038 @@ -0,0 +1,16 @@ +Description: Bluetooth: avoid deadlock between hci_dev->lock and socket lock +References: +Notes: + carnil> Introduced in eab2404ba798 ("Bluetooth: Add BT_PHY socket option"). Vulnerable + carnil> versions: 5.7-rc1. +Bugs: +upstream: released (5.13-rc1) [17486960d79b900c45e0bb8fbcac0262848582ba] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [7cc0ba67883c6c8d3bddb283f56c167fc837a555] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47039 b/retired/CVE-2021-47039 new file mode 100644 index 00000000..6d4d359a --- /dev/null +++ b/retired/CVE-2021-47039 @@ -0,0 +1,16 @@ +Description: ataflop: potential out of bounds in do_format() +References: +Notes: + carnil> Introduced in bf9c0538e485 ("ataflop: use a separate gendisk for each media + carnil> format"). Vulnerable versions: 5.11-rc1. +Bugs: +upstream: released (5.13-rc1) [1ffec389a6431782a8a28805830b6fae9bf00af1] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47040 b/retired/CVE-2021-47040 new file mode 100644 index 00000000..329255c7 --- /dev/null +++ b/retired/CVE-2021-47040 @@ -0,0 +1,16 @@ +Description: io_uring: fix overflows checks in provide buffers +References: +Notes: + carnil> Introduced in efe68c1ca8f49 ("io_uring: validate the full range of provided + carnil> buffers for access"). Vulnerable versions: 5.8-rc1. +Bugs: +upstream: released (5.13-rc1) [38134ada0ceea3e848fe993263c0ff6207fd46e7] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [cbbc13b115b8f18e0a714d89f87fbdc499acfe2d] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47041 b/retired/CVE-2021-47041 new file mode 100644 index 00000000..abf3973b --- /dev/null +++ b/retired/CVE-2021-47041 @@ -0,0 +1,16 @@ +Description: nvmet-tcp: fix incorrect locking in state_change sk callback +References: +Notes: + carnil> Introduced in 872d26a391da ("nvmet-tcp: add NVMe over TCP target driver"). + carnil> Vulnerable versions: 5.0-rc1. +Bugs: +upstream: released (5.13-rc1) [b5332a9f3f3d884a1b646ce155e664cc558c1722] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [60ade0d56b06537a28884745059b3801c78e03bc] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47042 b/retired/CVE-2021-47042 new file mode 100644 index 00000000..abe04fdb --- /dev/null +++ b/retired/CVE-2021-47042 @@ -0,0 +1,16 @@ +Description: drm/amd/display: Free local data after use +References: +Notes: + carnil> Introduced in 3a00c04212d1cf ("drm/amd/display/dc/core/dc_link: Move some local + carnil> data from the stack to the heap"). Vulnerable versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [616cf23b6cf40ad6f03ffbddfa1b6c4eb68d8ae1] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47043 b/retired/CVE-2021-47043 new file mode 100644 index 00000000..cb60fffe --- /dev/null +++ b/retired/CVE-2021-47043 @@ -0,0 +1,16 @@ +Description: media: venus: core: Fix some resource leaks in the error path of 'venus_probe()' +References: +Notes: + carnil> Introduced in 32f0a6ddc8c9 ("media: venus: Use on-chip interconnect API"). + carnil> Vulnerable versions: 5.5-rc1. +Bugs: +upstream: released (5.13-rc1) [5a465c5391a856a0c1e9554964d660676c35d1b2] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [00b68a7478343afdf83f30c43e64db5296057030] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47044 b/retired/CVE-2021-47044 new file mode 100644 index 00000000..3baec611 --- /dev/null +++ b/retired/CVE-2021-47044 @@ -0,0 +1,16 @@ +Description: sched/fair: Fix shift-out-of-bounds in load_balance() +References: +Notes: + carnil> Introduced in 5a7f55590467 ("sched/fair: Relax constraint on task's load during + carnil> load balance"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [39a2a6eb5c9b66ea7c8055026303b3aa681b49a5] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [80862cbf76c2646f709a57c4517aefe0b094c774] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47045 b/retired/CVE-2021-47045 new file mode 100644 index 00000000..771d0536 --- /dev/null +++ b/retired/CVE-2021-47045 @@ -0,0 +1,16 @@ +Description: scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb() +References: +Notes: + carnil> Introduced in 4430f7fd09ec ("scsi: lpfc: Rework locations of ndlp reference + carnil> taking"). Vulnerable versions: 5.11-rc1. +Bugs: +upstream: released (5.13-rc1) [8dd1c125f7f838abad009b64bff5f0a11afe3cb6] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47046 b/retired/CVE-2021-47046 new file mode 100644 index 00000000..ad8ba15e --- /dev/null +++ b/retired/CVE-2021-47046 @@ -0,0 +1,16 @@ +Description: drm/amd/display: Fix off by one in hdmi_14_process_transaction() +References: +Notes: + carnil> Introduced in 4c283fdac08a ("drm/amd/display: Add HDCP module"). Vulnerable + carnil> versions: 5.5-rc1. +Bugs: +upstream: released (5.13-rc1) [8e6fafd5a22e7a2eb216f5510db7aab54cc545c1] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [403c4528e5887af3deb9838cb77a557631d1e138] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47047 b/retired/CVE-2021-47047 new file mode 100644 index 00000000..7402934c --- /dev/null +++ b/retired/CVE-2021-47047 @@ -0,0 +1,16 @@ +Description: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails +References: +Notes: + carnil> Introduced in 1c26372e5aa9 ("spi: spi-zynqmp-gqspi: Update driver to use + carnil> spi-mem framework"). Vulnerable versions: 5.10-rc3. +Bugs: +upstream: released (5.13-rc1) [126bdb606fd2802454e6048caef1be3e25dd121e] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [5980a3b9c933408bc22b0e349b78c3ebd7cbf880] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6 .1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47048 b/retired/CVE-2021-47048 new file mode 100644 index 00000000..aa3980ae --- /dev/null +++ b/retired/CVE-2021-47048 @@ -0,0 +1,16 @@ +Description: spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op +References: +Notes: + carnil> Introduced in 1c26372e5aa9 ("spi: spi-zynqmp-gqspi: Update driver to use + carnil> spi-mem framework"). Vulnerable versions: 5.10-rc3. +Bugs: +upstream: released (5.13-rc1) [a2c5bedb2d55dd27c642c7b9fb6886d7ad7bdb58] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [1231279389b5e638bc3b66b9741c94077aed4b5a] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47050 b/retired/CVE-2021-47050 new file mode 100644 index 00000000..ab77ed8f --- /dev/null +++ b/retired/CVE-2021-47050 @@ -0,0 +1,16 @@ +Description: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource +References: +Notes: + carnil> Introduced in ca7d8b980b67 ("memory: add Renesas RPC-IF driver"). Vulnerable + carnil> versions: 5.9-rc2. +Bugs: +upstream: released (5.13-rc1) [59e27d7c94aa02da039b000d33c304c179395801] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [71bcc1b4a1743534d8abdcb57ff912e6bc390438] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47051 b/retired/CVE-2021-47051 new file mode 100644 index 00000000..c7956550 --- /dev/null +++ b/retired/CVE-2021-47051 @@ -0,0 +1,16 @@ +Description: spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware() +References: +Notes: + carnil> Introduced in 944c01a889d9 ("spi: lpspi: enable runtime pm for lpspi"). + carnil> Vulnerable versions: 5.2-rc5. +Bugs: +upstream: released (5.13-rc1) [a03675497970a93fcf25d81d9d92a59c2d7377a7] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [ce02e58ddf8658a4c3bed2296f32a5873b3f7cce] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47052 b/retired/CVE-2021-47052 new file mode 100644 index 00000000..4703bfdf --- /dev/null +++ b/retired/CVE-2021-47052 @@ -0,0 +1,16 @@ +Description: crypto: sa2ul - Fix memory leak of rxd +References: +Notes: + carnil> Introduced in 00c9211f60db ("crypto: sa2ul - Fix DMA mapping API usage"). + carnil> Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [854b7737199848a91f6adfa0a03cf6f0c46c86e8] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [0e596b3734649041ed77edc86a23c0442bbe062b] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2021-47053 b/retired/CVE-2021-47053 new file mode 100644 index 00000000..b676ead5 --- /dev/null +++ b/retired/CVE-2021-47053 @@ -0,0 +1,16 @@ +Description: crypto: sun8i-ss - Fix memory leak of pad +References: +Notes: + carnil> Introduced in d9b45418a917 ("crypto: sun8i-ss - support hash algorithms"). + carnil> Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (5.13-rc1) [50274b01ac1689b1a3f6bc4b5b3dbf361a55dd3a] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.37) [2c67a9333da9d0a3b87310e0d116b7c9070c7b00] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2023-52475 b/retired/CVE-2023-52475 new file mode 100644 index 00000000..1e3af3ac --- /dev/null +++ b/retired/CVE-2023-52475 @@ -0,0 +1,15 @@ +Description: Input: powermate - fix use-after-free in powermate_config_complete +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.6-rc6) [5c15c60e7be615f05a45cd905093a54b11f461bc] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: released (6.1.59) [2efe67c581a2a6122b328d4bb6f21b3f36f40d46] +5.10-upstream-stable: released (5.10.199) [cd2fbfd8b922b7fdd50732e47d797754ab59cb06] +4.19-upstream-stable: released (4.19.297) [67cace72606baf1758fd60feb358f4c6be92e1cc] +sid: released (6.5.8-1) +6.1-bookworm-security: released (6.1.64-1) +5.10-bullseye-security: released (5.10.205-1) +4.19-buster-security: released (4.19.304-1) diff --git a/retired/CVE-2023-52477 b/retired/CVE-2023-52477 new file mode 100644 index 00000000..f12727fc --- /dev/null +++ b/retired/CVE-2023-52477 @@ -0,0 +1,15 @@ +Description: usb: hub: Guard against accesses to uninitialized BOS descriptors +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.6-rc6) [f74a7afc224acd5e922c7a2e52244d891bbe44ee] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: released (6.1.59) [fb9895ab9533534335fa83d70344b397ac862c81] +5.10-upstream-stable: released (5.10.199) [241f230324337ed5eae3846a554fb6d15169872c] +4.19-upstream-stable: released (4.19.297) [8e7346bfea56453e31b7421c1c17ca2fb9ed613d] +sid: released (6.5.8-1) +6.1-bookworm-security: released (6.1.64-1) +5.10-bullseye-security: released (5.10.205-1) +4.19-buster-security: released (4.19.304-1) diff --git a/retired/CVE-2023-52478 b/retired/CVE-2023-52478 new file mode 100644 index 00000000..abac82c2 --- /dev/null +++ b/retired/CVE-2023-52478 @@ -0,0 +1,15 @@ +Description: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.6-rc6) [dac501397b9d81e4782232c39f94f4307b137452] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: released (6.1.59) [fd72ac9556a473fc7daf54efb6ca8a97180d621d] +5.10-upstream-stable: released (5.10.199) [093af62c023537f097d2ebdfaa0bc7c1a6e874e1] +4.19-upstream-stable: released (4.19.297) [44481b244fcaa2b895a53081d6204c574720c38c] +sid: released (6.5.8-1) +6.1-bookworm-security: released (6.1.64-1) +5.10-bullseye-security: released (5.10.205-1) +4.19-buster-security: released (4.19.304-1) diff --git a/retired/CVE-2023-52483 b/retired/CVE-2023-52483 new file mode 100644 index 00000000..43db8a4a --- /dev/null +++ b/retired/CVE-2023-52483 @@ -0,0 +1,16 @@ +Description: mctp: perform route lookups under a RCU read-side lock +References: +Notes: + carnil> Introduced in 889b7da23abf ("mctp: Add initial routing framework"). Vulnerable + carnil> versions: 5.15-rc1. +Bugs: +upstream: released (6.6-rc6) [5093bbfc10ab6636b32728e35813cbd79feb063c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: released (6.1.59) [1db0724a01b558feb1ecae551782add1951a114a] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.5.8-1) +6.1-bookworm-security: released (6.1.64-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" -- cgit v1.2.3