Retire CVE-2017-7187

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5156 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2017-04-09 17:59:16 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-04-09 17:59:16 +0000
commit: c5c83d161ea7172c975b17f636ea3a84c650b9fe (patch)
tree: 9c7ab43e83939fe2d66a87268f3d0f88b5b603d4 /retired/CVE-2017-7187
parent: c0f5a30aad339340c0ab7bbc2fcab71224d68b36 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2017-7187 b/retired/CVE-2017-7187
new file mode 100644
index 00000000..bcc7bb99
--- /dev/null
+++ b/retired/CVE-2017-7187
@@ -0,0 +1,14 @@
+Description: scsi: sg: check length passed to SG_NEXT_CMD_LEN
+References:
+ https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b
+ https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124
+Notes:
+ bwh> Introduced in 3.17 by 65c26a0f3969 "sg: relax 16 byte cdb restriction"
+Bugs:
+upstream: released (4.11-rc5) [bf33f87dd04c371ea33feb821b60d63d754e3124]
+4.9-upstream-stable: released (4.9.21) [c2a869527865c35b605877f966cb5d514fdc5fbb]
+3.16-upstream-stable: N/A "Range check never removed"
+3.2-upstream-stable: N/A "Range check never removed"
+sid: released (4.9.18-1) [bugfix/all/scsi-sg-check-length-passed-to-sg_next_cmd_len.patch]
+3.16-jessie-security: N/A "Range check never removed"
+3.2-wheezy-security: N/A "Range check never removed"
author	Salvatore Bonaccorso <carnil@debian.org>	2017-04-09 17:59:16 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-04-09 17:59:16 +0000
commit	c5c83d161ea7172c975b17f636ea3a84c650b9fe (patch)
tree	9c7ab43e83939fe2d66a87268f3d0f88b5b603d4 /retired/CVE-2017-7187
parent	c0f5a30aad339340c0ab7bbc2fcab71224d68b36 (diff)