diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2014-07-14 10:16:14 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2014-07-14 10:16:14 +0000 |
commit | 62a92f5f266664476bac215626961ab647075056 (patch) | |
tree | 27f05669d005f5a7457e2e1a54710427a0a922d4 /retired/CVE-2014-3144 | |
parent | fc1e12a588f67532c94cb9c2ef71c2f53efb4911 (diff) |
retire issues which have been submitted to 2.6.32.x LTS and which are fixed in
all other suites, 2.6.32.x releases at much slower pace, no need to wait here
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3442 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2014-3144')
-rw-r--r-- | retired/CVE-2014-3144 | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2014-3144 b/retired/CVE-2014-3144 new file mode 100644 index 00000000..015d0976 --- /dev/null +++ b/retired/CVE-2014-3144 @@ -0,0 +1,14 @@ +Description: The BPF_S_ANC_NLATTR and BPF_S_ANC_NLATTR_NEST extensions fail to check for a minimal message length +References: + http://www.openwall.com/lists/oss-security/2014/05/09/5 +Notes: + Thought to be fixed in 3.14.4-1 by patch + bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch, + but two hunks are applied in the same place so the bug is only half-fixed. +Bugs: +upstream: released (v3.15-rc2) [05ab8f2647e4221cbdb3856dd7d32bd5407316b3] +2.6.32-upstream-stable: pending (2.6.32.64) +sid: released (3.14.5-1) +3.2-wheezy-security: released (3.2.57-3+deb7u2) [bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch] +2.6.32-squeeze-security: released (2.6.32-48squeeze8) +3.2-upstream-stable: released (3.2.60) |