Retire CVE-2016-7039

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4690 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2016-11-06 16:30:32 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2016-11-06 16:30:32 +0000
commit: 0cfb6301118bc0a69433f63bc9fa5b2fe0f27ed2 (patch)
tree: 98c095bc3fa68509df37df544ba387474842bdb3 /retired/CVE-2016-7039
parent: 6cbfd5add261e4daf1047f6118d657e4424bfdd9 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2016-7039 b/retired/CVE-2016-7039
new file mode 100644
index 00000000..91aec662
--- /dev/null
+++ b/retired/CVE-2016-7039
@@ -0,0 +1,14 @@
+Description: net: unbounded recursion in the vlan GRO processing
+References:
+ https://www.mail-archive.com/netdev%40vger.kernel.org/msg132064.html
+ https://patchwork.ozlabs.org/patch/680412/
+Notes:
+ carnil> Note the break-fix fac8e0f579695a3ecbc4d3cac369139d7f819971
+ carnil> got assigned a separate CVE ID, CVE-2016-8666
+Bugs:
+upstream: released (4.9-rc4) [fcd91dd449867c6bfe56a81cabba76b829fd05cd]
+3.16-upstream-stable: N/A "Vulnerable code introduced with 9b174d88c257150562b0101fcc6cb6c3cb74275c and 66e5133f19e901a044fa5eaeeb6ecff4545839e5"
+3.2-upstream-stable: N/A "Vulnerable code introduced with 9b174d88c257150562b0101fcc6cb6c3cb74275c and 66e5133f19e901a044fa5eaeeb6ecff4545839e5"
+sid: released (4.7.8-1) [bugfix/all/net-add-recursion-limit-to-gro.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2016-11-06 16:30:32 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2016-11-06 16:30:32 +0000
commit	0cfb6301118bc0a69433f63bc9fa5b2fe0f27ed2 (patch)
tree	98c095bc3fa68509df37df544ba387474842bdb3 /retired/CVE-2016-7039
parent	6cbfd5add261e4daf1047f6118d657e4424bfdd9 (diff)