author Salvatore Bonaccorso <carnil@debian.org> 2017-02-27 07:34:54 +0000
committer Salvatore Bonaccorso <carnil@debian.org> 2017-02-27 07:34:54 +0000
commit 168752cc6fc4e21854fc4fa450139ed872c81f6d (patch)
tree 4a4358d5f07316d5aaa10afed6380cb026940e56 /retired/CVE-2017-2618
parent 79e0fa160a992e5f828209260a0cb6d506251c3f (diff)
Retire some CVEs fixed everywhere
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5025 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2017-2618')
-rw-r--r-- retired/CVE-2017-2618 20
1 files changed, 20 insertions, 0 deletions
diff --git a/retired/CVE-2017-2618 b/retired/CVE-2017-2618
new file mode 100644
index 00000000..0e61321b
--- /dev/null
+++ b/retired/CVE-2017-2618
@@ -0,0 +1,20 @@
+Description: selinux: fix off-by-one in setprocattr
+References:
+Notes:
+ carnil> Possibly introduced in 3.5-rc1 with d6ea83ec6864e9297fa8b00ec3dae183413a90e3
+ bwh> The off-by-one error was introduced in Linux 2.6.12 (just before
+ bwh> the switch to git), as a (very minor) information leak. The above
+ bwh> commit increased the security impact - writing exactly "\n" can
+ bwh> result in a buffer under-read and oops, which is what this CVE
+ bwh> describes. Later, commit bb646cdb12e7 "proc_pid_attr_write():
+ bwh> switch to memdup_user()" reduced the buffer size so there is also
+ bwh> a buffer over-read. However, I think that has no additional impact
+ bwh> since even SLOB pads heap allocations to at least 2 bytes.
+Bugs:
+upstream: released (4.10-rc8) [0c461cb727d146c9ef2d3e86214f498b78b7d125]
+4.9-upstream-stable: released (4.9.10) [6cbaf7b94373743deb42fd410173aab81f8945fe]
+3.16-upstream-stable: released (3.16.41) [selinux-fix-off-by-one-in-setprocattr.patch]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.9.10-1)
+3.16-jessie-security: released (3.16.39-1+deb8u1) [bugfix/all/selinux-fix-off-by-one-in-setprocattr.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
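
Review bot: the `N/A "Vulnerable code not present"` reason on the 3.2-upstream-stable and 3.2-wheezy-security lines reads as contradicting bwh's note that the off-by-one dates back to Linux 2.6.12 as a (very minor) information leak. If the N/A is meant to cover only the under-read and oops that d6ea83ec6864 added in 3.5-rc1, which is what the note says this CVE describes, state that in the reason string or in a one-line note so a reader does not conclude that the older leak is absent from 3.2. carnil's "Possibly introduced in 3.5-rc1" line could be reworded at the same time, since bwh's note supersedes it. `References:` and `Bugs:` are left empty; if nothing applies, that is fine for a retired entry, but a pointer to the upstream fix discussion would help anyone revisiting it.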
