Retire several CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2019-09-26 21:24:41 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2019-09-26 21:24:41 +0200
commit: 4a1ec8a605e7b520d9d9386068c181bef1dbce16 (patch)
tree: be791c8ab84493e3e3ef5a183eac06e5e92ef351 /retired/CVE-2019-14835
parent: 08b161a66936c0baae175db892aa978ac5cebb8a (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2019-14835 b/retired/CVE-2019-14835
new file mode 100644
index 00000000..3ade6ed3
--- /dev/null
+++ b/retired/CVE-2019-14835
@@ -0,0 +1,16 @@
+Description: vhost: make sure log_num < in_num
+References:
+ https://www.openwall.com/lists/oss-security/2019/09/17/1
+ https://blade.tencent.com/en/advisories/v-ghost/
+Notes:
+ carnil> commit fixes 3a4d5c94e959 ("vhost_net: a kernel-level virtio
+ carnil> server") present in all supported releases.
+Bugs:
+upstream: released (5.3) [060423bfdee3f8bc6e2c1bac97de24d5415e2bc4]
+4.19-upstream-stable: released (4.19.73) [ba03ee62aed0b0ee2eadfeb4a2fecc7d7eb47871]
+4.9-upstream-stable: released (4.9.193) [8d8276867b5ac539f1d6e166a028b51c8b1ceda8]
+3.16-upstream-stable: released (3.16.74) [8041c3ee83638f34d4c6b52f432601ad12ea4850]
+sid: released (5.2.17-1)
+4.19-buster-security: released (4.19.67-2+deb10u1) [bugfix/all/vhost-make-sure-log_num-in_num.patch]
+4.9-stretch-security: released (4.9.189-3+deb9u1) [bugfix/all/vhost-make-sure-log_num-in_num.patch]
+3.16-jessie-security: released (3.16.74-1)
author	Salvatore Bonaccorso <carnil@debian.org>	2019-09-26 21:24:41 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2019-09-26 21:24:41 +0200
commit	4a1ec8a605e7b520d9d9386068c181bef1dbce16 (patch)
tree	be791c8ab84493e3e3ef5a183eac06e5e92ef351 /retired/CVE-2019-14835
parent	08b161a66936c0baae175db892aa978ac5cebb8a (diff)