diff options
author | Ben Hutchings <benh@debian.org> | 2017-02-23 21:55:28 +0000 |
---|---|---|
committer | Ben Hutchings <benh@debian.org> | 2017-02-23 21:55:28 +0000 |
commit | c77a05b32b2f63a5cefb610c25affbe3a5afe807 (patch) | |
tree | 83c44ec760bac31786ce6385a318fbf76a8d8e81 /retired/CVE-2015-8964 | |
parent | 8006483d9aab4dfb5da87b728df3166107707e9e (diff) |
Retire many issues now released (or N/A or ignored) in all branches
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5001 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2015-8964')
-rw-r--r-- | retired/CVE-2015-8964 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2015-8964 b/retired/CVE-2015-8964 new file mode 100644 index 00000000..97e0f859 --- /dev/null +++ b/retired/CVE-2015-8964 @@ -0,0 +1,18 @@ +Description: Potential information leak or use-after-free in tty subsystem +References: + https://source.android.com/security/bulletin/2016-11-01.html +Notes: + bwh> A known use-after-free bug in N_X25 has already been fixed + bwh> (commit ee9159ddce14, no CVE assigned). The Android security + bwh> bulletin says this fixes an information leak, presumably because + bwh> if receive_room is too large it will permit reading beyond a + bwh> buffer. We also need commit fd98e9419d8d ("isdn/gigaset: reset + bwh> tty->receive_room when attaching ser_gigaset") to avoid a + bwh> regression. +Bugs: +upstream: released (4.5-rc1) [dd42bf1197144ede075a9d4793123f7689e164bc] +3.16-upstream-stable: released (3.16.40) [tty-prevent-ldisc-drivers-from-re-using-stale-tty-fields.patch] +3.2-upstream-stable: released (3.2.85) [tty-prevent-ldisc-drivers-from-re-using-stale-tty-fields.patch] +sid: released (4.5.1-1) +3.16-jessie-security: released (3.16.39-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch] +3.2-wheezy-security: released (3.2.84-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch] |