Retire CVE-2017-17864

1 files changed, 23 insertions, 0 deletions

diff --git a/retired/CVE-2017-17864 b/retired/CVE-2017-17864
new file mode 100644
index 00000000..fb727027
--- /dev/null
+++ b/retired/CVE-2017-17864
@@ -0,0 +1,23 @@
+Description: bpf/verifier: Fix states_equal() comparison of pointer and UNKNOWN
+References:
+Notes:
+ carnil> Ben's commit message states "This was fixed differently upstream,
+ carnil> but the code around here waslargely rewritten in 4.14 by commit
+ carnil> f1174f77b50c "bpf/verifier: rework value tracking". The bug can be
+ carnil> detected by the bpf/verifier sub-test "pointer/scalar confusion in
+ carnil> state equality check (way 1)"."
+ carnil> how was it fixed? Which upstream commit?
+ carnil> So needs to be checked if 179d1c5602997fef5a940c6ddcf31212cbfebd14
+ carnil> fixed that problem.
+ bwh> I know that the test case was fixed upstream and in sid by the recent
+ bwh> series of fixes, so have marked this as released even though I'm not
+ bwh> absolutely certain that this is the specific commit that fixed it.
+Bugs:
+upstream: released (4.15-rc5) [179d1c5602997fef5a940c6ddcf31212cbfebd14]
+4.9-upstream-stable: released (4.9.73) [37435f7e80ef9adc32a69013c18f135e3f434244]
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+3.2-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (4.14.7-1) [bugfix/all/bpf-don-t-prune-branches-when-a-scalar-is-replaced-w.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-verifier-fix-states_equal-comparison-of-pointer-and-unknown.patch]
+3.16-jessie-security: N/A "Vulnerable code introduced later"
+3.2-wheezy-security: N/A "Vulnerable code introduced later"