Retire several CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2018-07-14 16:17:43 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2018-07-14 16:17:43 +0200
commit: 75e31d6511c043ea84ab413b0a595d860367cd89 (patch)
tree: 777571a45e5fdba0861b3c734d6ac554b706357a /retired/CVE-2018-12232
parent: 81f63b8fb3fdb033e956a9c74843a43c1edc2faf (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2018-12232 b/retired/CVE-2018-12232
new file mode 100644
index 00000000..581e97bc
--- /dev/null
+++ b/retired/CVE-2018-12232
@@ -0,0 +1,14 @@
+Description: socket: close race condition between sock_close() and sockfs_setattr()
+References:
+ https://lkml.org/lkml/2018/6/5/14
+ https://patchwork.ozlabs.org/patch/926519/
+Notes:
+ bwh> Introduced in 4.10 by commit 86741ec25462 "net: core: Add a UID
+ bwh> field to struct sock."
+Bugs:
+upstream: released (4.18-rc1) [6d8c50dcb029872b298eea68cc6209c866fd3e14]
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.17.3-1)
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2018-07-14 16:17:43 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2018-07-14 16:17:43 +0200
commit	75e31d6511c043ea84ab413b0a595d860367cd89 (patch)
tree	777571a45e5fdba0861b3c734d6ac554b706357a /retired/CVE-2018-12232
parent	81f63b8fb3fdb033e956a9c74843a43c1edc2faf (diff)