kernel-hci: Add CVE-2023-2248 CVE-2023-2177 CVE-2023-2008 CVE-2023-0458 CVE-2023-1382 CVE-2023-23005 CVE-2023-2006 CVE-2023-1998 CVE-2023-28327 CVE-2023-2235 CVE-2023-30772 CVE-2023-28328 CVE-2023-2019 CVE-2023-2162 CVE-2023-22997 CVE-2023-2166 CVE-2023-31436 CVE-2023-1872 CVE-2023-2194 (#5526)

2023-05-22 10:53:22 -07:00 · 2023-05-22 10:53:22 -07:00 · e7eba853e6
parent 0923e30d32
commit e7eba853e6
19 changed files with 60 additions and 0 deletions
--- a/SPECS/kernel-hci/CVE-2023-0458.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-0458.nopatch
@ -0,0 +1,3 @@
+CVE-2023-0458 - patched in 5.15.90.1 - (generated by autopatch tool)
+upstream 739790605705ddcf18f21782b9c99ad7d53a8c11 - stable f01aefe374d32c4bb1e5fd1e9f931cf77fca621a
+
--- a/SPECS/kernel-hci/CVE-2023-1382.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-1382.nopatch
@ -0,0 +1,3 @@
+CVE-2023-1382 - already patched in 5.15.81.1 stable kernel
+Upstream: 0e5d56c64afcd6fd2d132ea972605b66f8a7d3c4, a7b42969d63f47320853a802efd879fbdc4e010e
+Stable: 4ae907c45fcad4450423b8cdefa5a74bad772068, 33fb115a76ae6683e34f76f7e07f6f0734b2525f
--- a/SPECS/kernel-hci/CVE-2023-1872.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-1872.nopatch
@ -0,0 +1,3 @@
+CVE-2023-1872 - patched in 5.15.98.1
+Upstream: 5106dd6e74ab6c94daac1c357094f11e6934b36f
+Stable: 937c15e27a63a071d1622928dea6edc8447db738
--- a/SPECS/kernel-hci/CVE-2023-1998.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-1998.nopatch
@ -0,0 +1,3 @@
+CVE-2023-1998 - patched in 5.15.99.1 - (generated by autopatch tool)
+upstream 6921ed9049bc7457f66c1596c5b78aec0dae4a9d - stable e7f1ddebd9f5b12de40bc37db9243957678f1448
+
--- a/SPECS/kernel-hci/CVE-2023-2006.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-2006.nopatch
@ -0,0 +1,3 @@
+CVE-2023-2006 - patched in 5.15.81.1
+Upstream: 3bcd6c7eaa53b56c3f584da46a1f7652e759d0e5  
+Stable: 38fe0988bd516f35c614ea9a5ff86c0d29f90c9a  
--- a/SPECS/kernel-hci/CVE-2023-2008.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-2008.nopatch
@ -0,0 +1,3 @@
+CVE-2023-2008 - already patched in 5.15.51.1
+Upstream: 05b252cccb2e5c3f56119d25de684b4f810ba4
+Stable: 5b45535865d62633e3816ee30eb8d3213038dc17
--- a/SPECS/kernel-hci/CVE-2023-2019.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-2019.nopatch
@ -0,0 +1,3 @@
+CVE-2023-2019 - patched in 5.15.61.1
+Upstream: 180a6a3ee60a7cb69ed1232388460644f6a21f00   
+Stable: f671cf48f383fccba313346eddb4bd6bcbdb55a4  
--- a/SPECS/kernel-hci/CVE-2023-2162.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-2162.nopatch
@ -0,0 +1,3 @@
+CVE-CVE-2023-2162 - patched in 5.15.93.1
+Upstream: f484a794e4ee2a9ce61f52a78e810ac45f3fe3b3   
+Stable: 0aaabdb900c7415caa2006ef580322f7eac5f6b6 
--- a/SPECS/kernel-hci/CVE-2023-2166.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-2166.nopatch
@ -0,0 +1,3 @@
+CVE-2023-2166 - patched in 5.15.83.1
+Upstream: 0acc442309a0a1b01bcdaa135e56e6398a49439c   
+Stable: c142cba37de29f740a3852f01f59876af8ae462a  
--- a/SPECS/kernel-hci/CVE-2023-2177.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-2177.nopatch
@ -0,0 +1,3 @@
+CVE-2023-2177 - patched in 5.15.59.1
+Upstream: 181d8d2066c000ba0a0e6940a7ad80f1a0e68e9d   
+Stable: e796e1fe20ecaf6da419ef6a5841ba181bba7a0c  
--- a/SPECS/kernel-hci/CVE-2023-2194.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-2194.nopatch
@ -0,0 +1,3 @@
+CVE-2023-2194 - patched in 5.15.105.1
+Upstream: 92fbb6d1296f81f41f65effd7f5f8c0f74943d15  
+Stable: 272dc775a52f2b0d0d8e844e77fefa7df8ebc653 
--- a/SPECS/kernel-hci/CVE-2023-2235.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-2235.nopatch
@ -0,0 +1,3 @@
+CVE-2023-2235 - patched in 5.15.104.1 - (generated by autopatch tool)
+upstream fd0815f632c24878e325821943edccc7fde947a2 - stable de3ef7ba684a25313c4b7405d007ab22912ef95a
+
--- a/SPECS/kernel-hci/CVE-2023-2248.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-2248.nopatch
@ -0,0 +1,3 @@
+CVE-2023-2248 - patched in 5.15.109.1 - (generated by autopatch tool)
+upstream 3037933448f60f9acb705997eae62013ecb81e0d - stable 1ffc0e8105510cb826cb9d27ed1820a1131c82d4
+
--- a/SPECS/kernel-hci/CVE-2023-22997.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-22997.nopatch
@ -0,0 +1,3 @@
+CVE-2023-22997 - Vulnerable code not present in 5.15, kernel decompressing is introduced in 5.17
+Upstream offending commit: b1ae6dc41eaaa98bb75671e0f3665bfda248c3e7
+Upstream fix: 45af1d7aae7d5520d2858f8517a1342646f015db
--- a/SPECS/kernel-hci/CVE-2023-23005.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-23005.nopatch
@ -0,0 +1,6 @@
+CVE-2023-23005 - The CVE has been disputed
+
+Upstream offending commit: 7b88bda3761b95856cf97822efe8281c8100067b
+Upstream fix: 4a625ceee8a0ab0273534cb6b432ce6b331db5ee
+
+See https://nvd.nist.gov/vuln/detail/CVE-2023-23005 for more details.
--- a/SPECS/kernel-hci/CVE-2023-28327.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-28327.nopatch
@ -0,0 +1,3 @@
+CVE-2023-28327 - patched in 5.15.83.1
+Upstream: b3abe42e94900bdd045c472f9c9be620ba5ce553   
+Stable: 5c014eb0ed6c8c57f483e94cc6e90f34ce426d91  
--- a/SPECS/kernel-hci/CVE-2023-28328.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-28328.nopatch
@ -0,0 +1,3 @@
+CVE-2023-28328 - patched in 5.15.86.1
+Upstream: 0ed554fd769a19ea8464bb83e9ac201002ef74ad   
+Stable: 210fcf64be4db82c0e190e74b5111e4eef661a7a  
--- a/SPECS/kernel-hci/CVE-2023-30772.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-30772.nopatch
@ -0,0 +1,3 @@
+CVE-2023-30772 - already patched in 5.15.105.1
+Upstream: 06615d11cc78162dfd5116efb71f29eb29502d37
+Stable: 0fdb1cc4fe5255d0198c332b961bc4c1f8787982
--- a/SPECS/kernel-hci/CVE-2023-31436.nopatch
+++ b/SPECS/kernel-hci/CVE-2023-31436.nopatch
@ -0,0 +1,3 @@
+CVE-2023-31436 - patched in 5.15.109.1 - (generated by autopatch tool)
+upstream 3037933448f60f9acb705997eae62013ecb81e0d - stable 1ffc0e8105510cb826cb9d27ed1820a1131c82d4
+