Fill in status for CVE-2015-8967 and retire it

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4811 e094ebfe-e918-0410-adfb-c712417f3574
author: Ben Hutchings <benh@debian.org> 2016-12-28 16:41:40 +0000
committer: Ben Hutchings <benh@debian.org> 2016-12-28 16:41:40 +0000
commit: 71ea5e127199b19e3c7ef1f08009ff56a9361a90 (patch)
tree: 61027cae3acc605ef52ae910bc82917f0c6ee828 /retired/CVE-2015-8967
parent: 3f4a5dea8e83fbde73e1a88c68e6dccea1c6766a (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/retired/CVE-2015-8967 b/retired/CVE-2015-8967
new file mode 100644
index 00000000..80ace3b0
--- /dev/null
+++ b/retired/CVE-2015-8967
@@ -0,0 +1,13 @@
+Description: arm64 syscall table is not read-only
+References:
+Notes:
+ bwh> This is not a security flaw in itself, but a missing mitigation.
+ bwh> Additionally, arm64 had no support for page protections in the
+ bwh> kernel mapping before 4.0, so this is impractical to backport.
+Bugs:
+upstream: released (4.0-rc1) [c623b33b4e9599c6ac5076f7db7369eb9869aa04]
+3.16-upstream-stable: ignored "Missing mitigation, impractical to backport"
+3.2-upstream-stable: N/A "Vulnerable architecture not present"
+sid: released (4.0.2-1)
+3.16-jessie-security: ignored "Missing mitigation, impractical to backport"
+3.2-wheezy-security: N/A "Vulnerable architecture not present"
author	Ben Hutchings <benh@debian.org>	2016-12-28 16:41:40 +0000
committer	Ben Hutchings <benh@debian.org>	2016-12-28 16:41:40 +0000
commit	71ea5e127199b19e3c7ef1f08009ff56a9361a90 (patch)
tree	61027cae3acc605ef52ae910bc82917f0c6ee828 /retired/CVE-2015-8967
parent	3f4a5dea8e83fbde73e1a88c68e6dccea1c6766a (diff)