diff options
author | Ben Hutchings <benh@debian.org> | 2016-05-23 01:06:13 +0000 |
---|---|---|
committer | Ben Hutchings <benh@debian.org> | 2016-05-23 01:06:13 +0000 |
commit | 8012b458653778e85a6e2af7e911db136ba4c774 (patch) | |
tree | 20c49c70ef30bbe21fe93e3be9fde172146fad0a /retired/CVE-2016-3707 | |
parent | a6825029e7cf80d67d7d0a3830e121d4d381bb60 (diff) |
Retire CVE-2016-3707
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4409 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2016-3707')
-rw-r--r-- | retired/CVE-2016-3707 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2016-3707 b/retired/CVE-2016-3707 new file mode 100644 index 00000000..71d0f789 --- /dev/null +++ b/retired/CVE-2016-3707 @@ -0,0 +1,18 @@ +Description: Sending SysRq command via ICMP echo request +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1327484 + https://lwn.net/Articles/448790/ +Notes: + carnil> This CVE is in effect only when the rt featureset + carnil> is enabled, and the aptch features/all/rt/ping-sysrq.patch + carnil> is active. + bwh> ... and when the feature is enabled by setting a sysctl. So far + bwh> as I can see, this is a debug feature that was not meant to be + bwh> enabled on production systems. +Bugs: +upstream: N/A "Vulnerable code not present" +3.16-upstream-stable: N/A "Vulnerable code not present" +3.2-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +3.16-jessie-security: N/A "Vulnerable code not present" +3.2-wheezy-security: ignored "Debug feature works as intended" |