author: Salvatore Bonaccorso <carnil@debian.org> 2019-01-08 06:56:32 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2019-01-08 06:56:32 +0100
commit: 5e2008aa976061dffa9ae7ca7177bc438f6b6a88 (patch)
tree: bfa76aafdc829bb5b274c6d7a964ab0eaafa7928 /retired/CVE-2018-13406
parent: bc836c7a91067ad30e9cc5aedeaf1a0f71d6b95f (diff)
Retire CVE-2018-13406
Diffstat (limited to 'retired/CVE-2018-13406')
-rw-r--r-- retired/CVE-2018-13406 17
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2018-13406 b/retired/CVE-2018-13406
new file mode 100644
index 00000000..dccc8aa4
--- /dev/null
+++ b/retired/CVE-2018-13406
@@ -0,0 +1,17 @@
+Description: video: uvesafb: Fix integer overflow in allocation
+References:
+Notes:
+ bwh> I don't think this is a real issue. The multiplicands are a
+ bwh> constant 4 of type size_t and a variable of type int which was
+ bwh> already range-checked to be no <= INT_MAX/2. The latter
+ bwh> will be promoted to size_t (i.e. unsigned int or unsigned long)
+ bwh> and the result will be <= 2*INT_MAX which is representable by
+ bwh> either of those types.
+Bugs:
+upstream: released (4.18-rc1) [9f645bcc566a1e9f921bdae7528a01ced5bc3713]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.111) [7673ca3c93414faf90fa2a3c339f1f625415fecb]
+3.16-upstream-stable: released (3.16.58) [video-uvesafb-fix-integer-overflow-in-allocation.patch]
+sid: released (4.17.6-1)
+4.9-stretch-security: released (4.9.130-1)
+3.16-jessie-security: released (3.16.59-1)
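Review bot: The bound in the Notes block reads "already range-checked to be no <= INT_MAX/2", which is ambiguous as written; the argument that follows (result <= 2*INT_MAX after promotion to size_t) only holds if the variable is at most INT_MAX/2, so the line should say "to be <= INT_MAX/2" or "no more than INT_MAX/2". The note also does not say where that range check happens, and the "References:" field is left empty, so a reader cannot verify the "not a real issue" assessment from this file alone. Consider naming the function or line that performs the check, or linking the upstream commit 9f645bcc566a1e9f921bdae7528a01ced5bc3713 under References so the reasoning can be followed against the code.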
