author: Salvatore Bonaccorso <carnil@debian.org> 2017-12-10 05:37:16 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-12-10 05:37:16 +0000
commit: 4f4de25a7b32551359a35554b6d277215d24a486
tree: 4d13a00969ab2d336ea72b4ae6593860466349b9 /retired
parent: 36da718870f5f51019d735ff35b4d9bf6e5e69ed
Retire CVEs fixed everywhere
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5780 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
-rw-r--r-- retired/CVE-2016-10208 | 19
-rw-r--r-- retired/CVE-2017-12190 | 20
-rw-r--r-- retired/CVE-2017-13080 | 18
-rw-r--r-- retired/CVE-2017-14051 | 16
-rw-r--r-- retired/CVE-2017-15115 | 12
-rw-r--r-- retired/CVE-2017-15265 | 19
-rw-r--r-- retired/CVE-2017-15299 | 23
-rw-r--r-- retired/CVE-2017-15649 | 14
-rw-r--r-- retired/CVE-2017-16525 | 17
-rw-r--r-- retired/CVE-2017-16527 | 14
-rw-r--r-- retired/CVE-2017-16529 | 14
-rw-r--r-- retired/CVE-2017-16531 | 14
-rw-r--r-- retired/CVE-2017-16532 | 13
-rw-r--r-- retired/CVE-2017-16533 | 13
-rw-r--r-- retired/CVE-2017-16535 | 13
-rw-r--r-- retired/CVE-2017-16536 | 15
-rw-r--r-- retired/CVE-2017-16537 | 15
-rw-r--r-- retired/CVE-2017-16643 | 14
-rw-r--r-- retired/CVE-2017-16649 | 15
-rw-r--r-- retired/CVE-2017-8831 | 15
20 files changed, 313 insertions, 0 deletions
diff --git a/retired/CVE-2016-10208 b/retired/CVE-2016-10208
new file mode 100644
index 00000000..43f8c78e
--- /dev/null
+++ b/retired/CVE-2016-10208
@@ -0,0 +1,19 @@
+Description: ext4 memory corruption
+References:
+ https://bugzilla.suse.com/show_bug.cgi?id=1023377
+ https://bugzilla.redhat.com/show_bug.cgi?id=1395190
+ http://www.spinics.net/lists/linux-ext4/msg54572.html
+Notes:
+ bwh> Initial upstream fix was too strict, causing a regression; see commit
+ bwh> 2ba3e6e8afc9 ("ext4: fix fencepost in s_first_meta_bg validation").
+ bwh> Bug was introduced in 3.6 by commit 952fc18ef9ec "ext4: fix overhead
+ bwh> calculation used by ext4_statfs()" but that was backported to 3.2.
+Bugs:
+upstream: released (4.10-rc1) [3a4b77cd47bb837b8557595ec7425f281f2ca1fe]
+4.9-upstream-stable: released (4.9.9) [13e6ef99d23b05807e7f8a72f45e3d8260b61570]
+3.16-upstream-stable: released (3.16.41) [cde863587b6809fdf61ea3c5391ecf06884b5516]
+3.2-upstream-stable: released (3.2.96) [dd9bcb2452b4646dd7548ed503bce0c4eb76a4e4]
+sid: released (4.9.10-1)
+4.9-stretch-security: N/A "Fixed before branch point"
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/ext4-validate-s_first_meta_bg-at-mount-time.patch]
+3.2-wheezy-security: released (3.2.96-1)
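Review bot: the Notes name 2ba3e6e8afc9 as the fix for a regression caused by the initial upstream fix, but every status line in this entry records a single commit or patch, so it is not visible whether the fencepost fix reached 4.9.9, 3.16.41, 3.2.96 or the jessie patch ext4-validate-s_first_meta_bg-at-mount-time.patch. Suggest listing the follow-up commit next to the first one on each branch line, or saying in Notes that the backports already contain it, before the entry is retired. The two bugzilla URLs under References would also fit the empty Bugs: field.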
diff --git a/retired/CVE-2017-12190 b/retired/CVE-2017-12190
new file mode 100644
index 00000000..5e5363e8
--- /dev/null
+++ b/retired/CVE-2017-12190
@@ -0,0 +1,20 @@
+Description: block: memory leak when merging small consecutive buffers in SCSI IO vectors
+References:
+ http://www.openwall.com/lists/oss-security/2017/10/10/4
+ https://marc.info/?t=150605752800001&r=1&w=2
+ https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1495884.html
+ https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1495887.html
+ http://www.openwall.com/lists/oss-security/2017/10/18/9
+Notes:
+ bwh> This appears to have been introduced in 2.6.16 by commit 80cfd548eed6
+ bwh> "[BLOCK] bio: check for same page merge possibilities in __bio_add_page()"
+Bugs:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1495089
+upstream: released (4.14-rc5) [95d78c28b5a85bacbc29b8dba7c04babb9b0d467]
+4.9-upstream-stable: released (4.9.57) [5444d8ab9a1406af9f1bc2f00c26838637542480]
+3.16-upstream-stable: released (3.16.50) [3c885aa3b459aabc5fa04251a5fdd88e29b1de70]
+3.2-upstream-stable: released (3.2.95) [9ff5d8fe36745867da8a028b3ea58629f7546155]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
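Review bot: References cite two consecutive linux-kernel messages (msg1495884 and msg1495887), yet the upstream line and every stable line record only one commit. If the fix was a two-patch series, the second commit should appear on each branch line; if one patch was enough, a sentence in Notes saying so would let a reader confirm the retirement from the entry alone.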
diff --git a/retired/CVE-2017-13080 b/retired/CVE-2017-13080
new file mode 100644
index 00000000..34ed87fd
--- /dev/null
+++ b/retired/CVE-2017-13080
@@ -0,0 +1,18 @@
+Description: mac80211 driver also has key reinstallation problem "KRACK"
+References:
+Notes:
+ carnil> "KRACK" also affects the management parts in the kernel,
+ carnil> mac80211 part.
+ bwh> This has presumably been present for ever, i.e. since commit
+ bwh> f0706e828e96 "[MAC80211]: Add mac80211 wireless stack." in 2.6.22
+ carnil> Needs follow-up fixes 2bdd713b92a9cade239d3c7d15205a09f556624d
+ carnil> and cfbb0d90a7abb289edc91833d0905931f8805f12
+Bugs:
+upstream: released (4.14-rc6) [fdf7cb4185b60c68e1a75e61691c4afdc15dea0e]
+4.9-upstream-stable: released (4.9.63) [2586fa0007dc6b7745da14250be7e3aae706b128]
+3.16-upstream-stable: released (3.16.50) [a0a8a11d1630cd648dc1ce86da620b4e240e0315]
+3.2-upstream-stable: released (3.2.95) [ef810e7c3d2a8fb3bbd23726599c487c30ea747e]
+sid: released (4.13.13-1) [bugfix/all/mac80211-accept-key-reinstall-without-changing-anyth.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
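Review bot: the carnil note states that follow-up fixes 2bdd713b92a9cade239d3c7d15205a09f556624d and cfbb0d90a7abb289edc91833d0905931f8805f12 are needed, but none of the status lines mention them, so as written the retirement rests on the first commit only. Suggest recording the follow-ups on each branch line, or noting which branches do not need them. The References: field is empty for an issue with a public name; a link to the advisory would help.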
diff --git a/retired/CVE-2017-14051 b/retired/CVE-2017-14051
new file mode 100644
index 00000000..c33b1a0b
--- /dev/null
+++ b/retired/CVE-2017-14051
@@ -0,0 +1,16 @@
+Description: Integer overflow in qla2xxx sysfs code
+References:
+ https://patchwork.kernel.org/patch/9929625/
+Notes:
+ bwh> Requires CAP_SYS_ADMIN, so not a real vulnerability in the absence
+ bwh> of Lockdown.
+Bugs:
+ https://bugzilla.kernel.org/show_bug.cgi?id=194061
+upstream: released (4.14-rc1) [e6f77540c067b48dee10f1e33678415bfcc89017]
+4.9-upstream-stable: released (4.9.52) [2a913aecc4f746ce15eb1bec98b134aff4190ae2]
+3.16-upstream-stable: released (3.16.51) [71ee8480093a46d245f61e2c2c5cfb0d5a6bc61d]
+3.2-upstream-stable: released (3.2.96) [1714a066d71dc00bc336aa1565ec86551e388704]
+sid: released (4.12.13-1) [bugfix/all/scsi-qla2xxx-Fix-an-integer-overflow-in-sysfs-code.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch]
+3.2-wheezy-security: released (3.2.96-1)
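Review bot: the patch name on the sid line is spelled scsi-qla2xxx-Fix-an-integer-overflow-in-sysfs-code.patch, while the stretch and jessie lines use scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch. If the difference in case is not intentional, please check each name against the packaging branch it refers to, since a lookup by file name will be case-sensitive.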
diff --git a/retired/CVE-2017-15115 b/retired/CVE-2017-15115
new file mode 100644
index 00000000..79366adb
--- /dev/null
+++ b/retired/CVE-2017-15115
@@ -0,0 +1,12 @@
+Description: sctp: use-after-free in sctp_cmp_addr_exact()
+References:
+Notes:
+Bugs:
+upstream: released (4.14-rc6) [df80cd9b28b9ebaa284a41df611dbf3a2d05ca74]
+4.9-upstream-stable: released (4.9.65) [362d2ce0f851653d2eed87fdb8891ab4cfb0c2bf]
+3.16-upstream-stable: released (3.16.51) [7adde0289baa8d51c2bd072d80cb82a278d24363]
+3.2-upstream-stable: released (3.2.96) [sctp-do-not-peel-off-an-assoc-from-one-netns-to-another-one.patch]
+sid: released (4.13.13-1) [16585babafe54375f23f73a8fc323bd51e7955d7]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
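Review bot: the bracketed references on the 3.2-upstream-stable and sid lines look swapped. The upstream-stable line carries a patch file name (sctp-do-not-peel-off-an-assoc-from-one-netns-to-another-one.patch, without the bugfix/all/ prefix used elsewhere), and the sid line carries a 40-character commit hash where the other entries put a patch path. Please confirm which value belongs to which branch and supply the 3.2 stable commit id. References: and Notes: are both empty, so the entry gives no way to cross-check.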
diff --git a/retired/CVE-2017-15265 b/retired/CVE-2017-15265
new file mode 100644
index 00000000..3186955c
--- /dev/null
+++ b/retired/CVE-2017-15265
@@ -0,0 +1,19 @@
+Description: alsa: use-after-free in /dev/snd/seq
+References:
+ http://www.openwall.com/lists/oss-security/2017/10/11/3
+ https://bugzilla.suse.com/show_bug.cgi?id=1062520
+ http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html
+Notes:
+ bwh> The bug appears to have been introduced in 2.6.9 by "ALSA CVS update
+ bwh> ... Unlock BKL in ioctl callback to avoid the long preempt-disabling."
+ bwh> For !SMP configurations, commit 8009d506a1dd "ALSA: seq: Enable 'use'
+ bwh> locking in all configurations" is also needed.
+Bugs:
+upstream: released (4.14-rc5) [71105998845fb012937332fe2e806d443c09e026]
+4.9-upstream-stable: released (4.9.57) [35b84860667ff081eee56b62f3db2a28ca8a3823]
+3.16-upstream-stable: released (3.16.50) [853c65fe1db498563bdeea5b7e733441db34d330]
+3.2-upstream-stable: released (3.2.95) [c3895a053b2505f9e409e6d6c57dcece714ab486]
+sid: released (4.13.4-2) [bugfix/all/ALSA-seq-Fix-use-after-free-at-creating-a-port.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
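Review bot: the Notes say commit 8009d506a1dd is also needed for !SMP configurations, but no branch line lists it or a backport of it. Before retiring, suggest adding it to the upstream and stable lines, or stating in Notes that none of the Debian builds covered here are !SMP so the second commit is not required for them.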
diff --git a/retired/CVE-2017-15299 b/retired/CVE-2017-15299
new file mode 100644
index 00000000..2079e507
--- /dev/null
+++ b/retired/CVE-2017-15299
@@ -0,0 +1,23 @@
+Description: Incorrect updates of uninstantiated keys crash the kernel
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1498016
+ https://marc.info/?t=150654188100001&r=1&w=2
+ https://marc.info/?t=150783958600011&r=1&w=2
+Notes:
+ carnil> The bug is not restricted to CONFIG_ENCRYPTED_KEYS=y
+ carnil> only, but the impact is different. As noted in the commit
+ carnil> message: "In the case of the "user" and "logon" key types
+ carnil> this causes a memory leak, at best. Maybe even worse, the
+ carnil> ->update() methods of the "encrypted" and "trusted" key types
+ carnil> actually just dereference a NULL pointer when passed an
+ carnil> uninstantiated key.
+ carnil> For 4.13.x fixed in 4.13.10 with 24a33a0c96f3e976c18e4321ca09f71cb835a9b5
+Bugs:
+upstream: released (4.14-rc6) [60ff5b2f547af3828aebafd54daded44cfb0807a]
+4.9-upstream-stable: released (4.9.59) [da0c7503c0b886784bf8bcb279c7d71c1e50c438]
+3.16-upstream-stable: released (3.16.50) [24832178de3ab7b6fb42f2730d8d675e3d30adb2]
+3.2-upstream-stable: released (3.2.95) [57f94e88bb255bf7b7d267c999aefbe4557307c1]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
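Review bot: the quotation in Notes opens with "In the case of and is never closed; the closing quote is missing after "uninstantiated key." so it is unclear where the commit message ends and carnil's own remark begins. The 4.13.x fix (24a33a0c96f3e976c18e4321ca09f71cb835a9b5 in 4.13.10) is recorded only in Notes; since sid is marked released at 4.13.10-1, it may be worth attaching that commit to the sid line.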
diff --git a/retired/CVE-2017-15649 b/retired/CVE-2017-15649
new file mode 100644
index 00000000..137b4cfb
--- /dev/null
+++ b/retired/CVE-2017-15649
@@ -0,0 +1,14 @@
+Description: AF_PACKET use-after-free
+References:
+ https://blogs.securiteam.com/index.php/archives/3484
+Notes:
+ carnil> Introduced by dc99f600698dcac69b8f56dda9a8a00d645c5ffc (3.1-rc1)
+Bugs:
+upstream: released (4.14-rc2) [008ba2a13f2d04c947adc536d19debb8fe66f110], (4.14-rc4) [4971613c1639d8e5f102c4e797c3bf8f83a5a69e]
+4.9-upstream-stable: released (4.9.55) [6f7cdd4aa0a45f21edf6cb31236cd9d10c0d7992, 0f22167d3321a028c0b6edc2d5b2ab0e37a2ac53]
+3.16-upstream-stable: released (3.16.50) [4839233c04cd9ffb65fa00bdb473cbdac427d45f, 70abad3796f52ed593d5d31bf9f0b5410a522548]
+3.2-upstream-stable: released (3.2.95) [b2e1f10f138c6cc03a2f5c940b6c4963b07c7296, ca3d015d39f0357889fa3ef6a88028162de17d7d]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
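Review bot: the upstream line uses a different shape from the stable lines for a two-commit fix: "(4.14-rc2) [...], (4.14-rc4) [...]" versus a single version followed by "[hash, hash]". Anything that parses these status lines will have to handle both. Suggest settling on one form, and adding a short note on which commit addresses which part of the fix.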
diff --git a/retired/CVE-2017-16525 b/retired/CVE-2017-16525
new file mode 100644
index 00000000..4b9600b3
--- /dev/null
+++ b/retired/CVE-2017-16525
@@ -0,0 +1,17 @@
+Description: Use-after-free in USB serial console
+References:
+Notes:
+ bwh> There are two parts, introduced in 2.6.18 by commit 73e487fdb75f
+ bwh> "[PATCH] USB console: fix disconnection issues" and in 4.11 by
+ bwh> commit 0e517c93dc02 "USB: serial: console: clean up sanity checks".
+ bwh> The older part seems unlikely to be exploitable, but should be fixed
+ bwh> anyway.
+Bugs:
+upstream: released (4.14-rc5) [299d7572e46f98534033a9e65973f13ad1ce9047, bd998c2e0df0469707503023d50d46cf0b10c787]
+4.9-upstream-stable: released (4.9.57) [063b57d556181c796294b1cdf4d649cebc12678a]
+3.16-upstream-stable: released (3.16.51) [96b62489bc4200803cb77a0ca69aa3d179c7e9f5]
+3.2-upstream-stable: released (3.2.96) [b92072aadd839c9379190979edac63285ae2b790]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
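Review bot: the upstream line lists two commits, but the 4.9, 3.16 and 3.2 stable lines list one each. The Notes explain that one part was introduced in 4.11, which would account for it, but the entry never says which of the two upstream commits the older branches backported. Suggest stating that in Notes so the single-commit lines are not read as an incomplete fix.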
diff --git a/retired/CVE-2017-16527 b/retired/CVE-2017-16527
new file mode 100644
index 00000000..28a069e0
--- /dev/null
+++ b/retired/CVE-2017-16527
@@ -0,0 +1,14 @@
+Description: ALSA: usb-audio: Kill stray URB at exiting
+References:
+Notes:
+ bwh> Introduced in 2.6.13 by commit 6639b6c2367f "[ALSA] usb-audio - add
+ bwh> mixer control notifications".
+Bugs:
+upstream: released (4.14-rc5) [124751d5e63c823092060074bd0abaae61aaa9c4]
+4.9-upstream-stable: released (4.9.57) [e0c70289a1e334a60b54b54688f18e2ee38396a9]
+3.16-upstream-stable: released (3.16.50) [6a6488e8d231fa1fca2408e59e819f64fecb45f3]
+3.2-upstream-stable: released (3.2.95) [72f4b1c7114c1b34302999d72bc5b16c8c1a1945]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
diff --git a/retired/CVE-2017-16529 b/retired/CVE-2017-16529
new file mode 100644
index 00000000..37b91449
--- /dev/null
+++ b/retired/CVE-2017-16529
@@ -0,0 +1,14 @@
+Description: ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
+References:
+Notes:
+ bwh> Appears to have been present since usbaudio was added in 2.5.41 by
+ bwh> "PATCH] ALSA update [4/12] - 2002/08/14"
+Bugs:
+upstream: released (4.14-rc4) [bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991]
+4.9-upstream-stable: released (4.9.55) [37b6d898388e78d92a13a8ab50c960d507c968d1]
+3.16-upstream-stable: released (3.16.50) [9992800cfd0b367369407d62a4c228c454c5d0e3]
+3.2-upstream-stable: released (3.2.95) [8a930044f0b100d6b28a94525e9cf62787b3ec3a]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
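Review bot: the quoted subject in Notes reads "PATCH] ALSA update [4/12] - 2002/08/14" with the opening bracket missing; other entries in this commit write the prefix as "[PATCH]". Suggest restoring the bracket so the subject can be searched for verbatim.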
diff --git a/retired/CVE-2017-16531 b/retired/CVE-2017-16531
new file mode 100644
index 00000000..c59922f5
--- /dev/null
+++ b/retired/CVE-2017-16531
@@ -0,0 +1,14 @@
+Description: USB: fix out-of-bounds in usb_set_configuration
+References:
+Notes:
+ bwh> Introduced in 2.6.23 by commit 165fe97ed610 "USB: add IAD support to
+ bwh> usbfs and sysfs"
+Bugs:
+upstream: released (4.14-rc4) [bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb]
+4.9-upstream-stable: released (4.9.55) [a6d4ce2e8b653ff7facde0d0051663fa4cf57b78]
+3.16-upstream-stable: released (3.16.50) [cc81fff9d62e32a27b1f16dab1a6172935792ab7]
+3.2-upstream-stable: released (3.2.95) [a0e0a5850211dd09725c819a8915c2cbe9067317]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
diff --git a/retired/CVE-2017-16532 b/retired/CVE-2017-16532
new file mode 100644
index 00000000..96beb6de
--- /dev/null
+++ b/retired/CVE-2017-16532
@@ -0,0 +1,13 @@
+Description: usb: usbtest: fix NULL pointer dereference
+References:
+Notes:
+ bwh> Introduced in 2.6.3 by "[PATCH] USB: usbtest updates"
+Bugs:
+upstream: released (4.14-rc5) [7c80f9e4a588f1925b07134bb2e3689335f6c6d8]
+4.9-upstream-stable: released (4.9.63) [8cf061d919e2102d0de0379bafea6cce1405d786]
+3.16-upstream-stable: released (3.16.50) [824f2a5ccdd9ddfb53418c13f493aa46ae0c2c00]
+3.2-upstream-stable: released (3.2.95) [f2a780301ae85dbe704499675832487130b8e267]
+sid: released (4.13.13-1) [bugfix/all/usb-usbtest-fix-NULL-pointer-dereference.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
diff --git a/retired/CVE-2017-16533 b/retired/CVE-2017-16533
new file mode 100644
index 00000000..d199bdb9
--- /dev/null
+++ b/retired/CVE-2017-16533
@@ -0,0 +1,13 @@
+Description: HID: usbhid: fix out-of-bounds bug
+References:
+Notes:
+ bwh> Appears to have been present since usbhid was introduced in 2.3.36pre6
+Bugs:
+upstream: released (4.14-rc5) [f043bfc98c193c284e2cd768fefabe18ac2fed9b]
+4.9-upstream-stable: released (4.9.57) [57265cddde308292af881ce634a5378dd4e25900]
+3.16-upstream-stable: released (3.16.50) [8d675aa967d3927ac100f7af48f2a2af8a041d2d]
+3.2-upstream-stable: released (3.2.95) [99de0781e0de7c866f762b931351c2a501c3074f]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
diff --git a/retired/CVE-2017-16535 b/retired/CVE-2017-16535
new file mode 100644
index 00000000..41c7d822
--- /dev/null
+++ b/retired/CVE-2017-16535
@@ -0,0 +1,13 @@
+Description: USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
+References:
+Notes:
+ bwh> Introduced in 3.2 by commit 3148bf041d16 "usbcore: get BOS descriptor set"
+Bugs:
+upstream: released (4.14-c6) [1c0edc3633b56000e18d82fc241e3995ca18a69e]
+4.9-upstream-stable: released (4.9.59) [9d13d3e05be29056eeab610d9ad26b04c9231a04]
+3.16-upstream-stable: released (3.16.50) [6514189e83d470af2f35735038c1b096410ab98d]
+3.2-upstream-stable: released (3.2.95) [7c27b82fad16d2804c7c8405316a636f57edeabd]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
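Review bot: the upstream line gives the version as "4.14-c6", which does not match the "-rcN" form used by every other upstream line in this commit (for example "4.14-rc6" in CVE-2017-15115). This looks like a dropped "r"; please correct it, since a version comparison on this field would otherwise fail or misorder the entry.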
diff --git a/retired/CVE-2017-16536 b/retired/CVE-2017-16536
new file mode 100644
index 00000000..33e1335f
--- /dev/null
+++ b/retired/CVE-2017-16536
@@ -0,0 +1,15 @@
+Description: cx231xx-cards: fix NULL-deref on missing association descriptor
+References:
+ https://patchwork.kernel.org/patch/9963527/
+Notes:
+ bwh> Introduced in 2.6.30 by commit e0d3bafd0258 "V4L/DVB (10954): Add
+ bwh> cx231xx USB driver"
+Bugs:
+upstream: released (4.15-rc1) [6c3b047fa2d2286d5e438bcb470c7b1a49f415f6]
+4.9-upstream-stable: released (4.9.66) [38c043d26c97a04332df960200a389bc4141ff21]
+3.16-upstream-stable: released (3.16.51) [99a3c1bb0ed332c64cfcd53a84fea2468ab9e11e]
+3.2-upstream-stable: released (3.2.96) [59a7195cd497d430d9f76bc9f71cf53ed4102743]
+sid: released (4.13.13-1) [bugfix/all/media-cx231xx-cards-fix-null-deref-on-missing-associ.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
diff --git a/retired/CVE-2017-16537 b/retired/CVE-2017-16537
new file mode 100644
index 00000000..d842fd8f
--- /dev/null
+++ b/retired/CVE-2017-16537
@@ -0,0 +1,15 @@
+Description: media: imon: Fix null-ptr-deref in imon_probe
+References:
+ https://patchwork.kernel.org/patch/9994017/
+Notes:
+ bwh> Introduced in 2.6.35 by commit 21677cfc562a "V4L/DVB: ir-core: add imon
+ bwh> driver"
+Bugs:
+upstream: released (4.15-rc1) [58fd55e838276a0c13d1dc7c387f90f25063cbf3]
+4.9-upstream-stable: released (4.9.64) [ca98a5c721703de77f7fb8bbafd0673e4a60a841]
+3.16-upstream-stable: released (3.16.51) [7f3ca02c7ed55f7d524fb5c06e2de36ab65f5e20]
+3.2-upstream-stable: released (3.2.96) [0df873c63e8e99a8fb6e068d182b860e6e6e07a9]
+sid: released (4.13.13-1) [bugfix/all/media-imon-fix-null-ptr-deref-in-imon_probe.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
diff --git a/retired/CVE-2017-16643 b/retired/CVE-2017-16643
new file mode 100644
index 00000000..43f31ced
--- /dev/null
+++ b/retired/CVE-2017-16643
@@ -0,0 +1,14 @@
+Description: Input: gtco - fix potential out-of-bound access
+References:
+Notes:
+ bwh> Introduced in 2.6.21 by commit a19ceb56cbd1 "USB Input: Added kernel
+ bwh> module to support all GTCO CalComp USB InterWrite School products"
+Bugs:
+upstream: released (4.14-rc7) [a50829479f58416a013a4ccca791336af3c584c7]
+4.9-upstream-stable: released (4.9.60) [52f65e35c2b85908fa66cfc265be4e3fd88744a3]
+3.16-upstream-stable: released (3.16.51) [9d399eba105c6e311db9ec78ce62579ffc403c0d]
+3.2-upstream-stable: released (3.2.96) [2de544fd1b16f76f8dd1213d585ce611155ccd34]
+sid: released (4.13.13-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
diff --git a/retired/CVE-2017-16649 b/retired/CVE-2017-16649
new file mode 100644
index 00000000..21430294
--- /dev/null
+++ b/retired/CVE-2017-16649
@@ -0,0 +1,15 @@
+Description: net: cdc_ether: fix divide by 0 on bad descriptors
+References:
+ https://patchwork.ozlabs.org/patch/834771/
+Notes:
+ bwh> Probably introduced in 2.6.19 by commit a99c19492a80 "USB: usbnet - Add
+ bwh> unlink_rx_urbs() call to allow for Jumbo Frames".
+Bugs:
+upstream: released (4.14) [2cb80187ba065d7decad7c6614e35e07aec8a974]
+4.9-upstream-stable: released (4.9.65) [f376621861e3d8a713d6931f4363c4137912330b]
+3.16-upstream-stable: released (3.16.51) [fac4f4657e16d3457963d4c8ee6a356103155141]
+3.2-upstream-stable: released (3.2.96) [d7d24810ac55e2f3fb213d6acf80016a0d337c50]
+sid: released (4.13.13-1) [bugfix/all/net-cdc_ether-fix-divide-by-0-on-bad-descriptors.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
diff --git a/retired/CVE-2017-8831 b/retired/CVE-2017-8831
new file mode 100644
index 00000000..74663643
--- /dev/null
+++ b/retired/CVE-2017-8831
@@ -0,0 +1,15 @@
+Description: Double fetch problem in drivers/media/pci/saa7164/saa7164-bus.c
+References:
+Notes:
+ bwh> Probably fixed by commit 6fb05e0dd32e "[media] saa7164: fix double fetch
+ bwh> PCIe access condition" in linux-next.
+Bugs:
+ https://bugzilla.kernel.org/show_bug.cgi?id=195559
+upstream: released (4.13-rc1) [6fb05e0dd32e566facb96ea61a48c7488daa5ac3]
+4.9-upstream-stable: released (4.9.42) [12d17d78e3f74b5022f61eee7d6de082e472a401]
+3.16-upstream-stable: released (3.16.49) [f6c711a2f630b15479466f5b25b25850b04a7106]
+3.2-upstream-stable: released (3.2.94) [10c59d27363eba9fece1965293f83d865ba532be]
+sid: released (4.12.6-1)
+4.9-stretch-security: released (4.9.47-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
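Review bot: the Notes still say "Probably fixed by commit 6fb05e0dd32e ... in linux-next", while the upstream line records the same commit as released in 4.13-rc1 and all branches as fixed. Suggest updating or dropping the tentative wording on retirement so the entry does not contradict itself. The description names a double fetch in saa7164-bus.c but References: is empty; the bugzilla.kernel.org link under Bugs: is the only pointer to details.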
