Retire issues that are released, ignored or N/A in all branches

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4740 e094ebfe-e918-0410-adfb-c712417f3574
author: Ben Hutchings <benh@debian.org> 2016-11-28 19:33:33 +0000
committer: Ben Hutchings <benh@debian.org> 2016-11-28 19:33:33 +0000
commit: 5a35fd3e2ee09fbe52e052d63d2e491cbd23d973 (patch)
tree: aba1da681fcd72899634aff14139502c1f20931e /retired/CVE-2016-7916
parent: beac2cd11531361a8fad0a70dd91bb460ca29641 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2016-7916 b/retired/CVE-2016-7916
new file mode 100644
index 00000000..8df14bbe
--- /dev/null
+++ b/retired/CVE-2016-7916
@@ -0,0 +1,17 @@
+Description:
+ Race condition in the environ_read function in fs/proc/base.c in the Linux kernel
+ before 4.5.4 allows local users to obtain sensitive information from kernel memory
+ by reading a /proc/*/environ file during a process-setup time interval in which
+ environment-variable copying is incomplete. 
+References:
+ http://source.android.com/security/bulletin/2016-11-01.html
+ https://bugzilla.kernel.org/show_bug.cgi?id=116461
+ https://forums.grsecurity.net/viewtopic.php?f=3&t=4363 
+Notes:
+Bugs:
+upstream: released (4.6-rc7) [8148a73c9901a8794a50f950083c00ccf97d43b3]
+3.16-upstream-stable: released (3.16.36)
+3.2-upstream-stable: released (3.2.81)
+sid: released (4.5.4-1)
+3.16-jessie-security: released (3.16.36-1)
+3.2-wheezy-security: released (3.2.81-1)
author	Ben Hutchings <benh@debian.org>	2016-11-28 19:33:33 +0000
committer	Ben Hutchings <benh@debian.org>	2016-11-28 19:33:33 +0000
commit	5a35fd3e2ee09fbe52e052d63d2e491cbd23d973 (patch)
tree	aba1da681fcd72899634aff14139502c1f20931e /retired/CVE-2016-7916
parent	beac2cd11531361a8fad0a70dd91bb460ca29641 (diff)