diff options
author | Ben Hutchings <benh@debian.org> | 2016-11-28 19:33:33 +0000 |
---|---|---|
committer | Ben Hutchings <benh@debian.org> | 2016-11-28 19:33:33 +0000 |
commit | 5a35fd3e2ee09fbe52e052d63d2e491cbd23d973 (patch) | |
tree | aba1da681fcd72899634aff14139502c1f20931e /retired/CVE-2016-7916 | |
parent | beac2cd11531361a8fad0a70dd91bb460ca29641 (diff) |
Retire issues that are released, ignored or N/A in all branches
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4740 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2016-7916')
-rw-r--r-- | retired/CVE-2016-7916 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2016-7916 b/retired/CVE-2016-7916 new file mode 100644 index 00000000..8df14bbe --- /dev/null +++ b/retired/CVE-2016-7916 @@ -0,0 +1,17 @@ +Description: + Race condition in the environ_read function in fs/proc/base.c in the Linux kernel + before 4.5.4 allows local users to obtain sensitive information from kernel memory + by reading a /proc/*/environ file during a process-setup time interval in which + environment-variable copying is incomplete. +References: + http://source.android.com/security/bulletin/2016-11-01.html + https://bugzilla.kernel.org/show_bug.cgi?id=116461 + https://forums.grsecurity.net/viewtopic.php?f=3&t=4363 +Notes: +Bugs: +upstream: released (4.6-rc7) [8148a73c9901a8794a50f950083c00ccf97d43b3] +3.16-upstream-stable: released (3.16.36) +3.2-upstream-stable: released (3.2.81) +sid: released (4.5.4-1) +3.16-jessie-security: released (3.16.36-1) +3.2-wheezy-security: released (3.2.81-1) |