retire CVE-2016-8660

author: Moritz Muehlenhoff <jmm@debian.org> 2020-07-14 22:06:39 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2020-07-14 22:06:39 +0200
commit: a37d9f2dee8b723f260ebc0485f6a11adda31040 (patch)
tree: cb35e9a776fc8db7007e680306375ae76c9f6968 /retired/CVE-2016-8660
parent: 1c94728014cf531ffb78475a5d91bbe5a89f7f09 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2016-8660 b/retired/CVE-2016-8660
new file mode 100644
index 00000000..109f9ae2
--- /dev/null
+++ b/retired/CVE-2016-8660
@@ -0,0 +1,19 @@
+Description: local DoS due to a page lock order bug in the XFS seek hole/data implementation
+References:
+Notes:
+ possibly introduced by fc0561cefc04e7803c0f6501ca4f310a502f65b8 but needs to
+ be verified.
+ Cf. http://www.openwall.com/lists/oss-security/2016/10/13/8
+ https://bugzilla.novell.com/show_bug.cgi?id=1004532#c10
+ jmm> Not a security bug per Dave Chinner at https://marc.info/?l=linux-fsdevel&m=147639177409294&w=2
+Bugs:
+upstream: ignored "not a security bug"
+4.19-upstream-stable: ignored "not a security bug"
+4.9-upstream-stable: ignored "not a security bug"
+3.16-upstream-stable: N/A "Vulnerable code introduced in (4.4-rc1) [fc0561cefc04e7803c0f6501ca4f310a502f65b8]"
+3.2-upstream-stable: N/A "Vulnerable code introduced in (4.4-rc1) [fc0561cefc04e7803c0f6501ca4f310a502f65b8]"
+sid: ignored "not a security bug"
+4.19-buster-security: ignored "not a security bug"
+4.9-stretch-security: ignored "not a security bug"
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Moritz Muehlenhoff <jmm@debian.org>	2020-07-14 22:06:39 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2020-07-14 22:06:39 +0200
commit	a37d9f2dee8b723f260ebc0485f6a11adda31040 (patch)
tree	cb35e9a776fc8db7007e680306375ae76c9f6968 /retired/CVE-2016-8660
parent	1c94728014cf531ffb78475a5d91bbe5a89f7f09 (diff)