Retire four CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5207 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2017-04-23 10:23:24 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-04-23 10:23:24 +0000
commit: 816a5c9ee308eaa9d89e64aa5bc3fbe16fcc9b9a (patch)
tree: ca6c784d51ff82b3ed088adb83b8351ad014a5a5 /retired/CVE-2017-2596
parent: f6b2b34855d52bd7e681ac586783eea087ff7965 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2017-2596 b/retired/CVE-2017-2596
new file mode 100644
index 00000000..af79b633
--- /dev/null
+++ b/retired/CVE-2017-2596
@@ -0,0 +1,15 @@
+Description: kvm: page reference leakage in handle_vmon
+References:
+ https://www.spinics.net/lists/kvm/msg144319.html
+Notes:
+ bwh> Introduced in 3.16 by 3573e22cfeca "KVM: nVMX: additional checks on vmxon
+ bwh> region"
+Bugs:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1417812
+upstream: released (4.11-rc1) [06ce521af9558814b8606c0476c54497cf83a653]
+4.9-upstream-stable: released (4.9.24) [75465e71ec3139b958d06d48dfc85720aed69b6a]
+3.16-upstream-stable: released (3.16.42) [591fc80b6369a886a1d21cacf11f91b455781df3]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.9.13-1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
+3.16-jessie-security: released (3.16.39-1+deb8u1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2017-04-23 10:23:24 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-04-23 10:23:24 +0000
commit	816a5c9ee308eaa9d89e64aa5bc3fbe16fcc9b9a (patch)
tree	ca6c784d51ff82b3ed088adb83b8351ad014a5a5 /retired/CVE-2017-2596
parent	f6b2b34855d52bd7e681ac586783eea087ff7965 (diff)