Retire CVE-2016-3707

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4409 e094ebfe-e918-0410-adfb-c712417f3574
author: Ben Hutchings <benh@debian.org> 2016-05-23 01:06:13 +0000
committer: Ben Hutchings <benh@debian.org> 2016-05-23 01:06:13 +0000
commit: 8012b458653778e85a6e2af7e911db136ba4c774 (patch)
tree: 20c49c70ef30bbe21fe93e3be9fde172146fad0a /retired/CVE-2016-3707
parent: a6825029e7cf80d67d7d0a3830e121d4d381bb60 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2016-3707 b/retired/CVE-2016-3707
new file mode 100644
index 00000000..71d0f789
--- /dev/null
+++ b/retired/CVE-2016-3707
@@ -0,0 +1,18 @@
+Description: Sending SysRq command via ICMP echo request
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1327484
+ https://lwn.net/Articles/448790/
+Notes:
+ carnil> This CVE is in effect only when the rt featureset
+ carnil> is enabled, and the aptch features/all/rt/ping-sysrq.patch
+ carnil> is active.
+ bwh> ... and when the feature is enabled by setting a sysctl.  So far
+ bwh> as I can see, this is a debug feature that was not meant to be
+ bwh> enabled on production systems.
+Bugs:
+upstream: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: ignored "Debug feature works as intended"
author	Ben Hutchings <benh@debian.org>	2016-05-23 01:06:13 +0000
committer	Ben Hutchings <benh@debian.org>	2016-05-23 01:06:13 +0000
commit	8012b458653778e85a6e2af7e911db136ba4c774 (patch)
tree	20c49c70ef30bbe21fe93e3be9fde172146fad0a /retired/CVE-2016-3707
parent	a6825029e7cf80d67d7d0a3830e121d4d381bb60 (diff)