Retire CVE-2015-8970

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4697 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 21 insertions, 0 deletions

diff --git a/retired/CVE-2015-8970 b/retired/CVE-2015-8970
new file mode 100644
index 00000000..f2cbaaa4
--- /dev/null
+++ b/retired/CVE-2015-8970
@@ -0,0 +1,21 @@
+Description: crypto: GPF in lrw_crypt caused by null-deref
+References:
+Notes:
+ carnil> dd504589577d8e8e70f51f997ad487a4cb6c026f is the initial patch
+ carnil> followed by a set of related patches. Possibly related:
+ carnil> dd504589577d8e8e70f51f997ad487a4cb6c026f crypto: algif_skcipher - Require setkey before accept(2)
+ carnil> c840ac6af3f8713a71b4d2363419145760bd6044 crypto: af_alg - Disallow bind/setkey/... after accept(2)
+ carnil> a383292c86663bbc31ac62cc0c04fc77504636a6 crypto: af_alg - Fix socket double-free when accept fails
+ carnil> 37766586c965d63758ad542325a96d5384f4a8c9 crypto: af_alg - Add nokey compatibility path
+ carnil> a0fa2d037129a9849918a92d91b79ed6c7bd2818 crypto: algif_skcipher - Add nokey compatibility path
+ carnil> a5596d6332787fd383b3b5427b41f94254430827 crypto: hash - Add crypto_ahash_has_setkey
+ carnil> 6de62f15b581f920ade22d758f4c338311c2f0d4 crypto: algif_hash - Require setkey before accept(2)
+ carnil> a1383cd86a062fc798899ab20f0ec2116cce39cb crypto: skcipher - Add crypto_skcipher_has_setkey
+ carnil> 6e8d8ecf438792ecf7a3207488fb4eebc4edb040 crypto: algif_skcipher - Add key check exception for cipher_null
+Bugs:
+upstream: released (4.5-rc1) [dd504589577d8e8e70f51f997ad487a4cb6c026f]
+3.16-upstream-stable: released (3.16.7-ckt25)
+3.2-upstream-stable: released (3.2.77)
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1)
+3.2-wheezy-security: released (3.2.78-1)