Retire CVE-2017-14954

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5608 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2017-10-02 04:23:09 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-10-02 04:23:09 +0000
commit: 938f0c44db72b0fac848615346b5c5c7ca285419 (patch)
tree: b0d672ab09dca258029872fedfd0ae07ddd5dd11 /retired/CVE-2017-14954
parent: 318aa3d6412d3aa9e7b023bb31460ffbde52d6a4 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2017-14954 b/retired/CVE-2017-14954
new file mode 100644
index 00000000..626bf94d
--- /dev/null
+++ b/retired/CVE-2017-14954
@@ -0,0 +1,16 @@
+Description: fix infoleak in waitid(2)
+References:
+ https://grsecurity.net/~spender/exploits/wait_for_kaslr_to_be_effective.c
+ https://twitter.com/_argp/status/914021130712870912
+ https://twitter.com/grsecurity/status/914079864478666753
+Notes:
+ carnil> Fixes ce72a16fa705f960ca2352e95a7c5f4801475e75 (4.13-rc1)
+Bugs:
+upstream: released (4.14-rc3) [6c85501f2fabcfc4fc6ed976543d252c4eaf4be9]
+4.9-upstream-stable: N/A "Vulnerable code introduced in 4.13-rc1"
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.13-rc1"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.13-rc1"
+sid: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2017-10-02 04:23:09 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-10-02 04:23:09 +0000
commit	938f0c44db72b0fac848615346b5c5c7ca285419 (patch)
tree	b0d672ab09dca258029872fedfd0ae07ddd5dd11 /retired/CVE-2017-14954
parent	318aa3d6412d3aa9e7b023bb31460ffbde52d6a4 (diff)