Retire CVE-2018-15471

author: Salvatore Bonaccorso <carnil@debian.org> 2018-10-22 09:24:26 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2018-10-22 09:24:26 +0200
commit: 144b48b922af59adfc606031ba089826b40f08b0 (patch)
tree: 4a98325142b8280a0c2733f616a928b790b44407 /retired/CVE-2018-15471
parent: 149054a769e64be888ce637576b37ee3bd27b9ff (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/retired/CVE-2018-15471 b/retired/CVE-2018-15471
new file mode 100644
index 00000000..8f53a1a9
--- /dev/null
+++ b/retired/CVE-2018-15471
@@ -0,0 +1,12 @@
+Description: xen netback driver OOB access in hash handling
+References:
+ https://xenbits.xen.org/xsa/advisory-270.html
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=1607
+Notes:
+Bugs:
+upstream: released (4.19-rc7) [780e83c259fc33e8959fed8dfdad17e378d72b62]
+4.9-upstream-stable: released (4.9.133) [2962761863cb161d419c94f3dde7443af0e63c31]
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (4.18.10-2) [bugfix/all/xen-netback-fix-input-validation-in-xenvif_set_hash_.patch]
+4.9-stretch-security: released (4.9.110-3+deb9u6) [bugfix/all/xen-netback-fix-input-validation-in-xenvif_set_hash_.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2018-10-22 09:24:26 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2018-10-22 09:24:26 +0200
commit	144b48b922af59adfc606031ba089826b40f08b0 (patch)
tree	4a98325142b8280a0c2733f616a928b790b44407 /retired/CVE-2018-15471
parent	149054a769e64be888ce637576b37ee3bd27b9ff (diff)