diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2016-03-08 10:16:46 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2016-03-08 10:16:46 +0000 |
commit | 6764f2f792102212f9e0810bdb2982d27837b88f (patch) | |
tree | 7abffe4f3e550ddd0a8c42124ab2d15e96c9d5b0 /retired/CVE-2013-4312 | |
parent | 57f9ea60adeaa2ead8f668b5bf7640d874a21ceb (diff) |
retire
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4229 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2013-4312')
-rw-r--r-- | retired/CVE-2013-4312 | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/retired/CVE-2013-4312 b/retired/CVE-2013-4312 new file mode 100644 index 00000000..24a18df9 --- /dev/null +++ b/retired/CVE-2013-4312 @@ -0,0 +1,21 @@ +Description: unix: properly account for FDs passed over unix sockets +References: + https://lkml.org/lkml/2015/12/31/15 +Notes: + carnil> 712f4aad406bb1ed67f3f98d04c044191f0ff593 according to the commit + carnil> message mitigated the issue. + bwh> This was applied in 3.16.7-ckt20-1+deb8u3, 4.3.3-6, and 4.3.5. + carnil> There is a second commit [759c01142a5d0f364a462346168a56de28a80f52] to + carnil> mitigate CVE-2013-4312, but this is slightly more involving. Ben + carnil> suggested to wait before starting to backport this as well and look + carnil> for possible regressions/problems. +Bugs: + https://bugzilla.kernel.org/show_bug.cgi?id=20402 +upstream: released (4.5-rc1) [712f4aad406bb1ed67f3f98d04c044191f0ff593] +3.16-upstream-stable: released (3.16.7-ckt24) +3.2-upstream-stable: released (v3.2.78) [a5a6cf8c405e826ff7ed1308dde72560c0ed4854] +2.6.32-upstream-stable: ignored +sid: released (4.3.3-6) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch] +3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch] +3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch] +2.6.32-squeeze-security: ignored "Too risky to backport at EOL" |