diff options
| author | Ben Hutchings <benh@debian.org> | 2017-03-14 14:41:30 +0000 |
|---|---|---|
| committer | Ben Hutchings <benh@debian.org> | 2017-03-14 14:41:30 +0000 |
| commit | 8a44df4fec5f79355bc39998060326e21d404fbb (patch) | |
| tree | b913998f6a1fc5233b4593e1a48a5454dc2818b3 | |
| parent | 710455f232bc6c860e183658a65f137b146a9957 (diff) | |
Ignore CVE-2015-2877 for all branches, and retire it
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5077 e094ebfe-e918-0410-adfb-c712417f3574
| -rw-r--r-- | active/CVE-2015-2877 | 13 | ||||
| -rw-r--r-- | active/CVE-2016-10200 | 2 | ||||
| -rw-r--r-- | active/CVE-2017-5967 | 2 | ||||
| -rw-r--r-- | retired/CVE-2015-2877 | 15 |
4 files changed, 17 insertions, 15 deletions
diff --git a/active/CVE-2015-2877 b/active/CVE-2015-2877 deleted file mode 100644 index e84ca796..00000000 --- a/active/CVE-2015-2877 +++ /dev/null @@ -1,13 +0,0 @@ -Description: Cross-VM ASL INtrospection (CAIN) -References: - https://www.usenix.org/conference/woot15/workshop-program/presentation/barresi -Notes: - bwh> Depends on KSM, which needs to be explicitly enabled at run-time -Bugs: -upstream: needed -4.9-upstream-stable: needed -3.16-upstream-stable: needed -3.2-upstream-stable: needed -sid: needed -3.16-jessie-security: needed -3.2-wheezy-security: needed diff --git a/active/CVE-2016-10200 b/active/CVE-2016-10200 index e359c9c7..453af291 100644 --- a/active/CVE-2016-10200 +++ b/active/CVE-2016-10200 @@ -8,4 +8,4 @@ upstream: released (v4.9-rc7) [32c231164b762dddefa13af5a0101032c70b50ef] 3.2-upstream-stable: needed sid: released (4.8.15-1) 3.16-jessie-security: pending (3.16.39-1+deb8u3) [bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch] -3.2-wheezy-security: needed +3.2-wheezy-security: pending (3.2.86-2) [bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch] diff --git a/active/CVE-2017-5967 b/active/CVE-2017-5967 index 024a54f8..f04c5342 100644 --- a/active/CVE-2017-5967 +++ b/active/CVE-2017-5967 @@ -14,4 +14,4 @@ upstream: released (4.11-rc1) [dfb4357da6ddbdf57d583ba64361c9d792b0e0b1] 3.2-upstream-stable: ignored "Upstream fix is not suitable for backporting" sid: released (4.9.13-1) [debian/time-mark-timer_stats-as-broken.patch] 3.16-jessie-security: pending (3.16.39-1+deb8u3) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch] -3.2-wheezy-security: needed +3.2-wheezy-security: pending (3.2.86-2) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch] diff --git a/retired/CVE-2015-2877 b/retired/CVE-2015-2877 new file mode 100644 index 00000000..bccd0c82 --- /dev/null +++ b/retired/CVE-2015-2877 @@ -0,0 +1,15 @@ +Description: Cross-VM ASL INtrospection (CAIN) +References: + https://www.usenix.org/conference/woot15/workshop-program/presentation/barresi + http://www.antoniobarresi.com/files/cain_advisory.txt +Notes: + bwh> Depends on KSM, which needs to be explicitly enabled at run-time. + bwh> It appears to be impractical to fix or mitigate this in KSM. +Bugs: +upstream: ignored "Intrinsic risk of KSM feature" +4.9-upstream-stable: ignored "Intrinsic risk of KSM feature" +3.16-upstream-stable: ignored "Intrinsic risk of KSM feature" +3.2-upstream-stable: ignored "Intrinsic risk of KSM feature" +sid: ignored "Intrinsic risk of KSM feature" +3.16-jessie-security: ignored "Intrinsic risk of KSM feature" +3.2-wheezy-security: ignored "Intrinsic risk of KSM feature" |