diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-09 08:52:03 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-09 08:52:03 +0000 |
commit | f3dd331af9c70c6b5158fc1cd6a0ebc8f14714d3 (patch) | |
tree | edcf14e6de0e9d6e41f5c2a25173cff32a4ec6a3 /retired/CVE-2017-12188 | |
parent | 8a5e0e12add23e540c83f904ae19ccac1a4116fa (diff) |
Retire several CVEs fixed everywhere
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5772 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2017-12188')
-rw-r--r-- | retired/CVE-2017-12188 | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/retired/CVE-2017-12188 b/retired/CVE-2017-12188 new file mode 100644 index 00000000..3039e991 --- /dev/null +++ b/retired/CVE-2017-12188 @@ -0,0 +1,21 @@ +Description: KVM: MMU potential stack buffer overrun during page walks +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1500380 + https://www.spinics.net/lists/kvm/msg156651.html +Notes: + carnil> According to Paolo Bonzini, only + carnil> https://www.spinics.net/lists/kvm/msg156650.html + carnil> is needed to fix CVE-2017-12188 + carnil> Issue might thus only affect kernels starting from 4.6-rc1 + carnil> but I'm not 100% certain on the last claim or if we should + carnil> adress the issue as well for kernels later than 3.12-rc1 + bwh> Let's trust Paolo on this +Bugs: +upstream: released (4.14-rc5) [fd19d3b45164466a4adce7cbff448ba9189e1427, 829ee279aed43faa5cb1e4d65c0cad52f2426c53] +4.9-upstream-stable: released (4.9.57) [28955b03fac36829831e185e3ec2793f8eb18689, 3610c4a7838df867d1b9d83a38c87042859ff896] +3.16-upstream-stable: N/A "Vulnerable code not present" +3.2-upstream-stable: N/A "Vulnerable code not present" +sid: released (4.13.4-2) [bugfix/x86/KVM-nVMX-update-last_nonleaf_level-when-initializing.patch, bugfix/x86/KVM-MMU-always-terminate-page-walks-at-level-1.patch] +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: N/A "Vulnerable code not present" +3.2-wheezy-security: N/A "Vulnerable code not present" |