Retire CVE-2017-18174

author: Salvatore Bonaccorso <carnil@debian.org> 2018-03-04 21:17:01 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2018-03-04 21:17:01 +0100
commit: 8f62020dff59a2bdcb4a4b5f46c92ca5cb3791c1 (patch)
tree: ec6fda52dbc8ab43eff4f1a3381d95e11ca037b1 /retired/CVE-2017-18174
parent: a47423f4585b98d81741c91645db748e8037a96b (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2017-18174 b/retired/CVE-2017-18174
new file mode 100644
index 00000000..78db9c18
--- /dev/null
+++ b/retired/CVE-2017-18174
@@ -0,0 +1,17 @@
+Description: pinctrl: amd: Use devm_pinctrl_register() for pinctrl registration
+References:
+Notes:
+ carnil> Issue fixed in 251e22abde21833b3d29577e4d8c7aaccd650eee (4.7-rc1).
+ carnil> Was shortly introduced in a rc version with 3bfd44306c65d073008b9ca8f062249f35576b61
+ carnil> in 4.11-rc1 and fixed in same rc version with 8dca4a41f1ad65043a78c2338d9725f859c8d2c3
+ bwh> The security issue is the double-free introduced and fixed in the
+ bwh> 4.11 release cycle.  The change in 4.7 was not security-relevant.
+Bugs:
+upstream: released (4.11-rc1) [8dca4a41f1ad65043a78c2338d9725f859c8d2c3]
+4.9-upstream-stable: N/A "Issue introduced later"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Issue introduced later"
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2018-03-04 21:17:01 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2018-03-04 21:17:01 +0100
commit	8f62020dff59a2bdcb4a4b5f46c92ca5cb3791c1 (patch)
tree	ec6fda52dbc8ab43eff4f1a3381d95e11ca037b1 /retired/CVE-2017-18174
parent	a47423f4585b98d81741c91645db748e8037a96b (diff)