Retire CVE-2017-18202

author: Salvatore Bonaccorso <carnil@debian.org> 2018-03-04 21:18:50 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2018-03-04 21:18:50 +0100
commit: e089d19a5014a30ac69ec6d4f239867998ce39da (patch)
tree: 20f172ea0b86ae2444e5a8e4463a9d797b2f0009 /retired/CVE-2017-18202
parent: ea60e3d8e460f524b201d16c4c6b015a5b925bcb (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2017-18202 b/retired/CVE-2017-18202
new file mode 100644
index 00000000..bdda468e
--- /dev/null
+++ b/retired/CVE-2017-18202
@@ -0,0 +1,16 @@
+Description: mm, oom_reaper: gather each vma to prevent leaking TLB entry
+References:
+Notes:
+ bwh> If I read the fix description correctly, this is caused by an
+ bwh> optimisation on arm64 to defer flushing of TLB entries when a
+ bwh> whole mm is freed (added in 4.4), and the oom-reaper (added in
+ bwh> 4.6) not doing the synchronisation that makes that safe.
+Bugs:
+upstream: released (4.15-rc2) [687cb0884a714ff484d038e9190edc874edcf146]
+4.9-upstream-stable: released (4.9.68) [ee23ae915fa74956503507c1e55cbb2102f349ec]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.14.7-1)
+4.9-stretch-security: released (4.9.80-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2018-03-04 21:18:50 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2018-03-04 21:18:50 +0100
commit	e089d19a5014a30ac69ec6d4f239867998ce39da (patch)
tree	20f172ea0b86ae2444e5a8e4463a9d797b2f0009 /retired/CVE-2017-18202
parent	ea60e3d8e460f524b201d16c4c6b015a5b925bcb (diff)