diff options
author | Ben Hutchings <benh@debian.org> | 2017-03-14 14:29:39 +0000 |
---|---|---|
committer | Ben Hutchings <benh@debian.org> | 2017-03-14 14:29:39 +0000 |
commit | 710455f232bc6c860e183658a65f137b146a9957 (patch) | |
tree | 6281b18711c0462e688694268ee6604f11edf1f4 /retired/CVE-2015-8952 | |
parent | 57e59fe6374329a144de30288f65f72c6b14dd95 (diff) |
Ignore CVE-2015-8952 for jessie, and retire it
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5076 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2015-8952')
-rw-r--r-- | retired/CVE-2015-8952 | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/retired/CVE-2015-8952 b/retired/CVE-2015-8952 new file mode 100644 index 00000000..d08d5fda --- /dev/null +++ b/retired/CVE-2015-8952 @@ -0,0 +1,23 @@ +Description: +References: + https://lwn.net/Articles/668718/ + https://bugzilla.redhat.com/show_bug.cgi?id=1360968 + https://bugzilla.kernel.org/show_bug.cgi?id=107301 +Notes: + bwh> The upstream fix (rewrite of mbcache) is too intrusive to backport. + bwh> We will mitigate this with cond_resched() as suggested in comment 1 + bwh> on the bz.k.o bug report. I don't want to add the no_mbcache mount + bwh> option as in comment 12 - that is a uAPI extension that we would + bwh> have to support indefinitely even though it's redundant in new kernel + bwh> versions. An alternative would be to make ext4 avoid using mbcache + bwh> for ceph xattrs (I have an untested patch for this). + bwh> The problem seems to have been introduced (or exacerbated) by commit + bwh> 1f3e55fe02d1 in 3.15, which added a retry loop in mb_cache_entry_alloc(). +Bugs: +upstream: released (4.6-rc1) [f9a61eb4e2471c56a63cd804c7474128138c38ac, 82939d7999dfc1f1998c4b1c12e2f19edbdff272, be0726d33cb8f411945884664924bed3cb8c70ee] +4.9-upstream-stable: N/A "Fixed before branch point" +3.16-upstream-stable: ignored "Too intrusive to backport" +3.2-upstream-stable: ignored "Too intrusive to backport, and seems to be minor issue" +sid: released (4.6.1-1) +3.16-jessie-security: ignored "Too intrusive to backport, but will be mitigated" +3.2-wheezy-security: ignored "Too intrusive to backport, and seems to be minor issue" |