diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2014-12-05 16:12:58 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2014-12-05 16:12:58 +0000 |
| commit | 3ec1af233e43d7a7aaa625a8785a80dcde8d52df (patch) | |
| tree | 99e2d99f1f467ca78fb770099e274d7776f57386 /retired | |
| parent | 5bd5dd4448215d5dc724e18924f09f0bd9c1fa8c (diff) | |
retire
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3593 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
| -rw-r--r-- | retired/CVE-2010-5313 | 13 | ||||
| -rw-r--r-- | retired/CVE-2014-3183 | 12 | ||||
| -rw-r--r-- | retired/CVE-2014-3535 | 11 | ||||
| -rw-r--r-- | retired/CVE-2014-3610 | 11 | ||||
| -rw-r--r-- | retired/CVE-2014-3611 | 11 | ||||
| -rw-r--r-- | retired/CVE-2014-3645 | 11 | ||||
| -rw-r--r-- | retired/CVE-2014-3647 | 11 | ||||
| -rw-r--r-- | retired/CVE-2014-3690 | 12 | ||||
| -rw-r--r-- | retired/CVE-2014-7842 | 13 |
9 files changed, 105 insertions, 0 deletions
diff --git a/retired/CVE-2010-5313 b/retired/CVE-2010-5313 new file mode 100644 index 00000000..07c99d6c --- /dev/null +++ b/retired/CVE-2010-5313 @@ -0,0 +1,13 @@ +Description: kvm: reporting emulation failures to userspace +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1163762 +Notes: + relaed to CVE-2014-7842 +Bugs: +upstream: released (2.6.38) [fc3a9157d3148ab91039c75423da8ef97be3e105] +2.6.32-upstream-stable: ignored +sid: released (2.6.38-1) +3.2-wheezy-security: N/A +2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS" +3.16-upstream-stable: released (3.16.7-ckt2) +3.2-upstream-stable: N/A diff --git a/retired/CVE-2014-3183 b/retired/CVE-2014-3183 new file mode 100644 index 00000000..b7d7d840 --- /dev/null +++ b/retired/CVE-2014-3183 @@ -0,0 +1,12 @@ +Description: +References: + https://code.google.com/p/google-security-research/issues/detail?id=90 +Notes: +Bugs: +upstream: released (3.17-rc2) [6817ae225cd650fb1c3295d769298c38b1eba818] +2.6.32-upstream-stable: N/A "Vulnerable code not present" +sid: released (3.16.2-2) +3.2-wheezy-security: released (3.2.63-1) +2.6.32-squeeze-security: N/A "Vulnerable code not present" +3.16-upstream-stable: released (3.16.2) +3.2-upstream-stable: released (3.2.63) diff --git a/retired/CVE-2014-3535 b/retired/CVE-2014-3535 new file mode 100644 index 00000000..aa803738 --- /dev/null +++ b/retired/CVE-2014-3535 @@ -0,0 +1,11 @@ +Description: NULL deref in logging VxLAN packets +References: +Notes: +Bugs: +upstream: released (2.6.36) [256df2f3879efdb2e9808bdb1b54b16fbb11fa38] +2.6.32-upstream-stable: N/A "Introduced in 2.6.34 with b3d95c5c93d4b57eaea0ad3f582b08a6b5fb3eb1" +sid: released (2.6.36-1) +3.2-wheezy-security: N/A +3.16-upstream-stable: N/A +2.6.32-squeeze-security: N/A "Introduced in 2.6.34 with b3d95c5c93d4b57eaea0ad3f582b08a6b5fb3eb1" +3.2-upstream-stable: N/A diff --git a/retired/CVE-2014-3610 b/retired/CVE-2014-3610 new file mode 100644 index 00000000..f7806e4d --- /dev/null +++ b/retired/CVE-2014-3610 @@ -0,0 +1,11 @@ +Description: +References: +Notes: +Bugs: +upstream: released (3.18-rc2) [854e8bb1aa06c578c2c9145fa6bfe3680ef63b23, 8b3c3104c3f4f706e99365c3e0d2aa61b95f969f] +2.6.32-upstream-stable: ignored +sid: released (3.16.7-1) [bugfix/x86/KVM-x86-Check-non-canonical-addresses-upon-WRMSR.patch, bugfix/x86/KVM-x86-Prevent-host-from-panicking-on-shared-MSR-wr.patch] +3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/KVM-x86-Check-non-canonical-addresses-upon-WRMSR.patch] +2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS" +3.16-upstream-stable: released (3.16.7-ckt1) +3.2-upstream-stable: released (3.2.64) diff --git a/retired/CVE-2014-3611 b/retired/CVE-2014-3611 new file mode 100644 index 00000000..88502264 --- /dev/null +++ b/retired/CVE-2014-3611 @@ -0,0 +1,11 @@ +Description: +References: +Notes: +Bugs: +upstream: released (3.18-rc2) [2febc839133280d5a5e8e1179c94ea674489dae2] +2.6.32-upstream-stable: ignored +sid: released (3.16.7-1) [bugfix/x86/KVM-x86-Improve-thread-safety-in-pit.patch] +3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/KVM-x86-Improve-thread-safety-in-pit.patch] +2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS" +3.16-upstream-stable: released (3.16.7-ckt1) +3.2-upstream-stable: released (3.2.64) diff --git a/retired/CVE-2014-3645 b/retired/CVE-2014-3645 new file mode 100644 index 00000000..17255a0a --- /dev/null +++ b/retired/CVE-2014-3645 @@ -0,0 +1,11 @@ +Description: +References: +Notes: +Bugs: +upstream: released (3.12) [bfd0a56b90005f8c8a004baf407ad90045c2b11e] +2.6.32-upstream-stable: ignored +sid: released (3.12-1) +3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/nEPT-Nested-INVEPT.patch] +2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS" +3.16-upstream-stable: N/A +3.2-upstream-stable: released (3.2.64) diff --git a/retired/CVE-2014-3647 b/retired/CVE-2014-3647 new file mode 100644 index 00000000..abfdd23b --- /dev/null +++ b/retired/CVE-2014-3647 @@ -0,0 +1,11 @@ +Description: +References: +Notes: +Bugs: +upstream: released (3.18-rc2) [234f3ce485d54017f15cf5e0699cff4100121601, d1442d85cc30ea75f7d399474ca738e0bc96f715] +2.6.32-upstream-stable: ignored +sid: released (3.16.7-1) [bugfix/x86/KVM-x86-Fix-wrong-masking-on-relative-jump-call.patch, bugfix/x86/KVM-x86-Emulator-fixes-for-eip-canonical-checks-on-n.patch, bugfix/x86/KVM-x86-Handle-errors-when-RIP-is-set-during-far-jum.patch] +3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/KVM-x86-emulator-Use-opcode-execute-for-CALL.patch, bugfix/x86/KVM-x86-Fix-wrong-masking-on-relative-jump-call.patch, bugfix/x86/KVM-x86-Emulator-fixes-for-eip-canonical-checks-on-n.patch, bugfix/x86/KVM-x86-use-new-CS.RPL-as-CPL-during-task-switch.patch, bugfix/x86/KVM-x86-Handle-errors-when-RIP-is-set-during-far-jum.patch] +2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS" +3.16-upstream-stable: released (3.16.7-ckt1) +3.2-upstream-stable: released (3.2.64) diff --git a/retired/CVE-2014-3690 b/retired/CVE-2014-3690 new file mode 100644 index 00000000..c64f96c3 --- /dev/null +++ b/retired/CVE-2014-3690 @@ -0,0 +1,12 @@ +Description: [kvm DoS] +References: + http://seclists.org/oss-sec/2014/q4/416 +Notes: +Bugs: +upstream: released (3.18-rc1) [d974baa398f34393db76be45f7d4d04fbdbb4a0a] +2.6.32-upstream-stable: ignored +sid: released (3.16.7-1) +3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/x86-kvm-vmx-Preserve-CR4-across-VM-entry.patch] +2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS" +3.16-upstream-stable: released (3.16.7) +3.2-upstream-stable: released (3.2.64) diff --git a/retired/CVE-2014-7842 b/retired/CVE-2014-7842 new file mode 100644 index 00000000..d1e6f9fd --- /dev/null +++ b/retired/CVE-2014-7842 @@ -0,0 +1,13 @@ +Description: kvm: reporting emulation failures to userspace +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1163762 +Notes: + related to CVE-2010-5313 +Bugs: +upstream: released (3.18-rc1) [a2b9e6c1a35afcc0973acb72e591c714e78885ff] +2.6.32-upstream-stable: ignored +sid: needed +3.2-wheezy-security: +2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS" +3.16-upstream-stable: released (3.16.7-ckt2) +3.2-upstream-stable: |