diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-10 05:37:16 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-10 05:37:16 +0000 |
commit | 4f4de25a7b32551359a35554b6d277215d24a486 (patch) | |
tree | 4d13a00969ab2d336ea72b4ae6593860466349b9 /retired | |
parent | 36da718870f5f51019d735ff35b4d9bf6e5e69ed (diff) |
Retire CVEs fixed everywhere
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5780 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2016-10208 | 19 | ||||
-rw-r--r-- | retired/CVE-2017-12190 | 20 | ||||
-rw-r--r-- | retired/CVE-2017-13080 | 18 | ||||
-rw-r--r-- | retired/CVE-2017-14051 | 16 | ||||
-rw-r--r-- | retired/CVE-2017-15115 | 12 | ||||
-rw-r--r-- | retired/CVE-2017-15265 | 19 | ||||
-rw-r--r-- | retired/CVE-2017-15299 | 23 | ||||
-rw-r--r-- | retired/CVE-2017-15649 | 14 | ||||
-rw-r--r-- | retired/CVE-2017-16525 | 17 | ||||
-rw-r--r-- | retired/CVE-2017-16527 | 14 | ||||
-rw-r--r-- | retired/CVE-2017-16529 | 14 | ||||
-rw-r--r-- | retired/CVE-2017-16531 | 14 | ||||
-rw-r--r-- | retired/CVE-2017-16532 | 13 | ||||
-rw-r--r-- | retired/CVE-2017-16533 | 13 | ||||
-rw-r--r-- | retired/CVE-2017-16535 | 13 | ||||
-rw-r--r-- | retired/CVE-2017-16536 | 15 | ||||
-rw-r--r-- | retired/CVE-2017-16537 | 15 | ||||
-rw-r--r-- | retired/CVE-2017-16643 | 14 | ||||
-rw-r--r-- | retired/CVE-2017-16649 | 15 | ||||
-rw-r--r-- | retired/CVE-2017-8831 | 15 |
20 files changed, 313 insertions, 0 deletions
diff --git a/retired/CVE-2016-10208 b/retired/CVE-2016-10208 new file mode 100644 index 00000000..43f8c78e --- /dev/null +++ b/retired/CVE-2016-10208 @@ -0,0 +1,19 @@ +Description: ext4 memory corruption +References: + https://bugzilla.suse.com/show_bug.cgi?id=1023377 + https://bugzilla.redhat.com/show_bug.cgi?id=1395190 + http://www.spinics.net/lists/linux-ext4/msg54572.html +Notes: + bwh> Initial upstream fix was too strict, causing a regression; see commit + bwh> 2ba3e6e8afc9 ("ext4: fix fencepost in s_first_meta_bg validation"). + bwh> Bug was introduced in 3.6 by commit 952fc18ef9ec "ext4: fix overhead + bwh> calculation used by ext4_statfs()" but that was backported to 3.2. +Bugs: +upstream: released (4.10-rc1) [3a4b77cd47bb837b8557595ec7425f281f2ca1fe] +4.9-upstream-stable: released (4.9.9) [13e6ef99d23b05807e7f8a72f45e3d8260b61570] +3.16-upstream-stable: released (3.16.41) [cde863587b6809fdf61ea3c5391ecf06884b5516] +3.2-upstream-stable: released (3.2.96) [dd9bcb2452b4646dd7548ed503bce0c4eb76a4e4] +sid: released (4.9.10-1) +4.9-stretch-security: N/A "Fixed before branch point" +3.16-jessie-security: released (3.16.43-1) [bugfix/all/ext4-validate-s_first_meta_bg-at-mount-time.patch] +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-12190 b/retired/CVE-2017-12190 new file mode 100644 index 00000000..5e5363e8 --- /dev/null +++ b/retired/CVE-2017-12190 @@ -0,0 +1,20 @@ +Description: block: memory leak when merging small consecutive buffers in SCSI IO vectors +References: + http://www.openwall.com/lists/oss-security/2017/10/10/4 + https://marc.info/?t=150605752800001&r=1&w=2 + https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1495884.html + https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1495887.html + http://www.openwall.com/lists/oss-security/2017/10/18/9 +Notes: + bwh> This appears to have been introduced in 2.6.16 by commit 80cfd548eed6 + bwh> "[BLOCK] bio: check for same page merge possibilities in __bio_add_page()" +Bugs: + https://bugzilla.redhat.com/show_bug.cgi?id=1495089 +upstream: released (4.14-rc5) [95d78c28b5a85bacbc29b8dba7c04babb9b0d467] +4.9-upstream-stable: released (4.9.57) [5444d8ab9a1406af9f1bc2f00c26838637542480] +3.16-upstream-stable: released (3.16.50) [3c885aa3b459aabc5fa04251a5fdd88e29b1de70] +3.2-upstream-stable: released (3.2.95) [9ff5d8fe36745867da8a028b3ea58629f7546155] +sid: released (4.13.10-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-13080 b/retired/CVE-2017-13080 new file mode 100644 index 00000000..34ed87fd --- /dev/null +++ b/retired/CVE-2017-13080 @@ -0,0 +1,18 @@ +Description: mac80211 driver also has key reinstallation problem "KRACK" +References: +Notes: + carnil> "KRACK" also affects the management parts in the kernel, + carnil> mac80211 part. + bwh> This has presumably been present for ever, i.e. since commit + bwh> f0706e828e96 "[MAC80211]: Add mac80211 wireless stack." in 2.6.22 + carnil> Needs follow-up fixes 2bdd713b92a9cade239d3c7d15205a09f556624d + carnil> and cfbb0d90a7abb289edc91833d0905931f8805f12 +Bugs: +upstream: released (4.14-rc6) [fdf7cb4185b60c68e1a75e61691c4afdc15dea0e] +4.9-upstream-stable: released (4.9.63) [2586fa0007dc6b7745da14250be7e3aae706b128] +3.16-upstream-stable: released (3.16.50) [a0a8a11d1630cd648dc1ce86da620b4e240e0315] +3.2-upstream-stable: released (3.2.95) [ef810e7c3d2a8fb3bbd23726599c487c30ea747e] +sid: released (4.13.13-1) [bugfix/all/mac80211-accept-key-reinstall-without-changing-anyth.patch] +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-14051 b/retired/CVE-2017-14051 new file mode 100644 index 00000000..c33b1a0b --- /dev/null +++ b/retired/CVE-2017-14051 @@ -0,0 +1,16 @@ +Description: Integer overflow in qla2xxx sysfs code +References: + https://patchwork.kernel.org/patch/9929625/ +Notes: + bwh> Requires CAP_SYS_ADMIN, so not a real vulnerability in the absence + bwh> of Lockdown. +Bugs: + https://bugzilla.kernel.org/show_bug.cgi?id=194061 +upstream: released (4.14-rc1) [e6f77540c067b48dee10f1e33678415bfcc89017] +4.9-upstream-stable: released (4.9.52) [2a913aecc4f746ce15eb1bec98b134aff4190ae2] +3.16-upstream-stable: released (3.16.51) [71ee8480093a46d245f61e2c2c5cfb0d5a6bc61d] +3.2-upstream-stable: released (3.2.96) [1714a066d71dc00bc336aa1565ec86551e388704] +sid: released (4.12.13-1) [bugfix/all/scsi-qla2xxx-Fix-an-integer-overflow-in-sysfs-code.patch] +4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch] +3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch] +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-15115 b/retired/CVE-2017-15115 new file mode 100644 index 00000000..79366adb --- /dev/null +++ b/retired/CVE-2017-15115 @@ -0,0 +1,12 @@ +Description: sctp: use-after-free in sctp_cmp_addr_exact() +References: +Notes: +Bugs: +upstream: released (4.14-rc6) [df80cd9b28b9ebaa284a41df611dbf3a2d05ca74] +4.9-upstream-stable: released (4.9.65) [362d2ce0f851653d2eed87fdb8891ab4cfb0c2bf] +3.16-upstream-stable: released (3.16.51) [7adde0289baa8d51c2bd072d80cb82a278d24363] +3.2-upstream-stable: released (3.2.96) [sctp-do-not-peel-off-an-assoc-from-one-netns-to-another-one.patch] +sid: released (4.13.13-1) [16585babafe54375f23f73a8fc323bd51e7955d7] +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-15265 b/retired/CVE-2017-15265 new file mode 100644 index 00000000..3186955c --- /dev/null +++ b/retired/CVE-2017-15265 @@ -0,0 +1,19 @@ +Description: alsa: use-after-free in /dev/snd/seq +References: + http://www.openwall.com/lists/oss-security/2017/10/11/3 + https://bugzilla.suse.com/show_bug.cgi?id=1062520 + http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html +Notes: + bwh> The bug appears to have been introduced in 2.6.9 by "ALSA CVS update + bwh> ... Unlock BKL in ioctl callback to avoid the long preempt-disabling." + bwh> For !SMP configurations, commit 8009d506a1dd "ALSA: seq: Enable 'use' + bwh> locking in all configurations" is also needed. +Bugs: +upstream: released (4.14-rc5) [71105998845fb012937332fe2e806d443c09e026] +4.9-upstream-stable: released (4.9.57) [35b84860667ff081eee56b62f3db2a28ca8a3823] +3.16-upstream-stable: released (3.16.50) [853c65fe1db498563bdeea5b7e733441db34d330] +3.2-upstream-stable: released (3.2.95) [c3895a053b2505f9e409e6d6c57dcece714ab486] +sid: released (4.13.4-2) [bugfix/all/ALSA-seq-Fix-use-after-free-at-creating-a-port.patch] +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-15299 b/retired/CVE-2017-15299 new file mode 100644 index 00000000..2079e507 --- /dev/null +++ b/retired/CVE-2017-15299 @@ -0,0 +1,23 @@ +Description: Incorrect updates of uninstantiated keys crash the kernel +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1498016 + https://marc.info/?t=150654188100001&r=1&w=2 + https://marc.info/?t=150783958600011&r=1&w=2 +Notes: + carnil> The bug is not restricted to CONFIG_ENCRYPTED_KEYS=y + carnil> only, but the impact is different. As noted in the commit + carnil> message: "In the case of the "user" and "logon" key types + carnil> this causes a memory leak, at best. Maybe even worse, the + carnil> ->update() methods of the "encrypted" and "trusted" key types + carnil> actually just dereference a NULL pointer when passed an + carnil> uninstantiated key. + carnil> For 4.13.x fixed in 4.13.10 with 24a33a0c96f3e976c18e4321ca09f71cb835a9b5 +Bugs: +upstream: released (4.14-rc6) [60ff5b2f547af3828aebafd54daded44cfb0807a] +4.9-upstream-stable: released (4.9.59) [da0c7503c0b886784bf8bcb279c7d71c1e50c438] +3.16-upstream-stable: released (3.16.50) [24832178de3ab7b6fb42f2730d8d675e3d30adb2] +3.2-upstream-stable: released (3.2.95) [57f94e88bb255bf7b7d267c999aefbe4557307c1] +sid: released (4.13.10-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-15649 b/retired/CVE-2017-15649 new file mode 100644 index 00000000..137b4cfb --- /dev/null +++ b/retired/CVE-2017-15649 @@ -0,0 +1,14 @@ +Description: AF_PACKET use-after-free +References: + https://blogs.securiteam.com/index.php/archives/3484 +Notes: + carnil> Introduced by dc99f600698dcac69b8f56dda9a8a00d645c5ffc (3.1-rc1) +Bugs: +upstream: released (4.14-rc2) [008ba2a13f2d04c947adc536d19debb8fe66f110], (4.14-rc4) [4971613c1639d8e5f102c4e797c3bf8f83a5a69e] +4.9-upstream-stable: released (4.9.55) [6f7cdd4aa0a45f21edf6cb31236cd9d10c0d7992, 0f22167d3321a028c0b6edc2d5b2ab0e37a2ac53] +3.16-upstream-stable: released (3.16.50) [4839233c04cd9ffb65fa00bdb473cbdac427d45f, 70abad3796f52ed593d5d31bf9f0b5410a522548] +3.2-upstream-stable: released (3.2.95) [b2e1f10f138c6cc03a2f5c940b6c4963b07c7296, ca3d015d39f0357889fa3ef6a88028162de17d7d] +sid: released (4.13.10-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16525 b/retired/CVE-2017-16525 new file mode 100644 index 00000000..4b9600b3 --- /dev/null +++ b/retired/CVE-2017-16525 @@ -0,0 +1,17 @@ +Description: Use-after-free in USB serial console +References: +Notes: + bwh> There are two parts, introduced in 2.6.18 by commit 73e487fdb75f + bwh> "[PATCH] USB console: fix disconnection issues" and in 4.11 by + bwh> commit 0e517c93dc02 "USB: serial: console: clean up sanity checks". + bwh> The older part seems unlikely to be exploitable, but should be fixed + bwh> anyway. +Bugs: +upstream: released (4.14-rc5) [299d7572e46f98534033a9e65973f13ad1ce9047, bd998c2e0df0469707503023d50d46cf0b10c787] +4.9-upstream-stable: released (4.9.57) [063b57d556181c796294b1cdf4d649cebc12678a] +3.16-upstream-stable: released (3.16.51) [96b62489bc4200803cb77a0ca69aa3d179c7e9f5] +3.2-upstream-stable: released (3.2.96) [b92072aadd839c9379190979edac63285ae2b790] +sid: released (4.13.10-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16527 b/retired/CVE-2017-16527 new file mode 100644 index 00000000..28a069e0 --- /dev/null +++ b/retired/CVE-2017-16527 @@ -0,0 +1,14 @@ +Description: ALSA: usb-audio: Kill stray URB at exiting +References: +Notes: + bwh> Introduced in 2.6.13 by commit 6639b6c2367f "[ALSA] usb-audio - add + bwh> mixer control notifications". +Bugs: +upstream: released (4.14-rc5) [124751d5e63c823092060074bd0abaae61aaa9c4] +4.9-upstream-stable: released (4.9.57) [e0c70289a1e334a60b54b54688f18e2ee38396a9] +3.16-upstream-stable: released (3.16.50) [6a6488e8d231fa1fca2408e59e819f64fecb45f3] +3.2-upstream-stable: released (3.2.95) [72f4b1c7114c1b34302999d72bc5b16c8c1a1945] +sid: released (4.13.10-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16529 b/retired/CVE-2017-16529 new file mode 100644 index 00000000..37b91449 --- /dev/null +++ b/retired/CVE-2017-16529 @@ -0,0 +1,14 @@ +Description: ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor +References: +Notes: + bwh> Appears to have been present since usbaudio was added in 2.5.41 by + bwh> "PATCH] ALSA update [4/12] - 2002/08/14" +Bugs: +upstream: released (4.14-rc4) [bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991] +4.9-upstream-stable: released (4.9.55) [37b6d898388e78d92a13a8ab50c960d507c968d1] +3.16-upstream-stable: released (3.16.50) [9992800cfd0b367369407d62a4c228c454c5d0e3] +3.2-upstream-stable: released (3.2.95) [8a930044f0b100d6b28a94525e9cf62787b3ec3a] +sid: released (4.13.10-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16531 b/retired/CVE-2017-16531 new file mode 100644 index 00000000..c59922f5 --- /dev/null +++ b/retired/CVE-2017-16531 @@ -0,0 +1,14 @@ +Description: USB: fix out-of-bounds in usb_set_configuration +References: +Notes: + bwh> Introduced in 2.6.23 by commit 165fe97ed610 "USB: add IAD support to + bwh> usbfs and sysfs" +Bugs: +upstream: released (4.14-rc4) [bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb] +4.9-upstream-stable: released (4.9.55) [a6d4ce2e8b653ff7facde0d0051663fa4cf57b78] +3.16-upstream-stable: released (3.16.50) [cc81fff9d62e32a27b1f16dab1a6172935792ab7] +3.2-upstream-stable: released (3.2.95) [a0e0a5850211dd09725c819a8915c2cbe9067317] +sid: released (4.13.10-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16532 b/retired/CVE-2017-16532 new file mode 100644 index 00000000..96beb6de --- /dev/null +++ b/retired/CVE-2017-16532 @@ -0,0 +1,13 @@ +Description: usb: usbtest: fix NULL pointer dereference +References: +Notes: + bwh> Introduced in 2.6.3 by "[PATCH] USB: usbtest updates" +Bugs: +upstream: released (4.14-rc5) [7c80f9e4a588f1925b07134bb2e3689335f6c6d8] +4.9-upstream-stable: released (4.9.63) [8cf061d919e2102d0de0379bafea6cce1405d786] +3.16-upstream-stable: released (3.16.50) [824f2a5ccdd9ddfb53418c13f493aa46ae0c2c00] +3.2-upstream-stable: released (3.2.95) [f2a780301ae85dbe704499675832487130b8e267] +sid: released (4.13.13-1) [bugfix/all/usb-usbtest-fix-NULL-pointer-dereference.patch] +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16533 b/retired/CVE-2017-16533 new file mode 100644 index 00000000..d199bdb9 --- /dev/null +++ b/retired/CVE-2017-16533 @@ -0,0 +1,13 @@ +Description: HID: usbhid: fix out-of-bounds bug +References: +Notes: + bwh> Appears to have been present since usbhid was introduced in 2.3.36pre6 +Bugs: +upstream: released (4.14-rc5) [f043bfc98c193c284e2cd768fefabe18ac2fed9b] +4.9-upstream-stable: released (4.9.57) [57265cddde308292af881ce634a5378dd4e25900] +3.16-upstream-stable: released (3.16.50) [8d675aa967d3927ac100f7af48f2a2af8a041d2d] +3.2-upstream-stable: released (3.2.95) [99de0781e0de7c866f762b931351c2a501c3074f] +sid: released (4.13.10-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16535 b/retired/CVE-2017-16535 new file mode 100644 index 00000000..41c7d822 --- /dev/null +++ b/retired/CVE-2017-16535 @@ -0,0 +1,13 @@ +Description: USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor() +References: +Notes: + bwh> Introduced in 3.2 by commit 3148bf041d16 "usbcore: get BOS descriptor set" +Bugs: +upstream: released (4.14-c6) [1c0edc3633b56000e18d82fc241e3995ca18a69e] +4.9-upstream-stable: released (4.9.59) [9d13d3e05be29056eeab610d9ad26b04c9231a04] +3.16-upstream-stable: released (3.16.50) [6514189e83d470af2f35735038c1b096410ab98d] +3.2-upstream-stable: released (3.2.95) [7c27b82fad16d2804c7c8405316a636f57edeabd] +sid: released (4.13.10-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16536 b/retired/CVE-2017-16536 new file mode 100644 index 00000000..33e1335f --- /dev/null +++ b/retired/CVE-2017-16536 @@ -0,0 +1,15 @@ +Description: cx231xx-cards: fix NULL-deref on missing association descriptor +References: + https://patchwork.kernel.org/patch/9963527/ +Notes: + bwh> Introduced in 2.6.30 by commit e0d3bafd0258 "V4L/DVB (10954): Add + bwh> cx231xx USB driver" +Bugs: +upstream: released (4.15-rc1) [6c3b047fa2d2286d5e438bcb470c7b1a49f415f6] +4.9-upstream-stable: released (4.9.66) [38c043d26c97a04332df960200a389bc4141ff21] +3.16-upstream-stable: released (3.16.51) [99a3c1bb0ed332c64cfcd53a84fea2468ab9e11e] +3.2-upstream-stable: released (3.2.96) [59a7195cd497d430d9f76bc9f71cf53ed4102743] +sid: released (4.13.13-1) [bugfix/all/media-cx231xx-cards-fix-null-deref-on-missing-associ.patch] +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16537 b/retired/CVE-2017-16537 new file mode 100644 index 00000000..d842fd8f --- /dev/null +++ b/retired/CVE-2017-16537 @@ -0,0 +1,15 @@ +Description: media: imon: Fix null-ptr-deref in imon_probe +References: + https://patchwork.kernel.org/patch/9994017/ +Notes: + bwh> Introduced in 2.6.35 by commit 21677cfc562a "V4L/DVB: ir-core: add imon + bwh> driver" +Bugs: +upstream: released (4.15-rc1) [58fd55e838276a0c13d1dc7c387f90f25063cbf3] +4.9-upstream-stable: released (4.9.64) [ca98a5c721703de77f7fb8bbafd0673e4a60a841] +3.16-upstream-stable: released (3.16.51) [7f3ca02c7ed55f7d524fb5c06e2de36ab65f5e20] +3.2-upstream-stable: released (3.2.96) [0df873c63e8e99a8fb6e068d182b860e6e6e07a9] +sid: released (4.13.13-1) [bugfix/all/media-imon-fix-null-ptr-deref-in-imon_probe.patch] +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16643 b/retired/CVE-2017-16643 new file mode 100644 index 00000000..43f31ced --- /dev/null +++ b/retired/CVE-2017-16643 @@ -0,0 +1,14 @@ +Description: Input: gtco - fix potential out-of-bound access +References: +Notes: + bwh> Introduced in 2.6.21 by commit a19ceb56cbd1 "USB Input: Added kernel + bwh> module to support all GTCO CalComp USB InterWrite School products" +Bugs: +upstream: released (4.14-rc7) [a50829479f58416a013a4ccca791336af3c584c7] +4.9-upstream-stable: released (4.9.60) [52f65e35c2b85908fa66cfc265be4e3fd88744a3] +3.16-upstream-stable: released (3.16.51) [9d399eba105c6e311db9ec78ce62579ffc403c0d] +3.2-upstream-stable: released (3.2.96) [2de544fd1b16f76f8dd1213d585ce611155ccd34] +sid: released (4.13.13-1) +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-16649 b/retired/CVE-2017-16649 new file mode 100644 index 00000000..21430294 --- /dev/null +++ b/retired/CVE-2017-16649 @@ -0,0 +1,15 @@ +Description: net: cdc_ether: fix divide by 0 on bad descriptors +References: + https://patchwork.ozlabs.org/patch/834771/ +Notes: + bwh> Probably introduced in 2.6.19 by commit a99c19492a80 "USB: usbnet - Add + bwh> unlink_rx_urbs() call to allow for Jumbo Frames". +Bugs: +upstream: released (4.14) [2cb80187ba065d7decad7c6614e35e07aec8a974] +4.9-upstream-stable: released (4.9.65) [f376621861e3d8a713d6931f4363c4137912330b] +3.16-upstream-stable: released (3.16.51) [fac4f4657e16d3457963d4c8ee6a356103155141] +3.2-upstream-stable: released (3.2.96) [d7d24810ac55e2f3fb213d6acf80016a0d337c50] +sid: released (4.13.13-1) [bugfix/all/net-cdc_ether-fix-divide-by-0-on-bad-descriptors.patch] +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) diff --git a/retired/CVE-2017-8831 b/retired/CVE-2017-8831 new file mode 100644 index 00000000..74663643 --- /dev/null +++ b/retired/CVE-2017-8831 @@ -0,0 +1,15 @@ +Description: Double fetch problem in drivers/media/pci/saa7164/saa7164-bus.c +References: +Notes: + bwh> Probably fixed by commit 6fb05e0dd32e "[media] saa7164: fix double fetch + bwh> PCIe access condition" in linux-next. +Bugs: + https://bugzilla.kernel.org/show_bug.cgi?id=195559 +upstream: released (4.13-rc1) [6fb05e0dd32e566facb96ea61a48c7488daa5ac3] +4.9-upstream-stable: released (4.9.42) [12d17d78e3f74b5022f61eee7d6de082e472a401] +3.16-upstream-stable: released (3.16.49) [f6c711a2f630b15479466f5b25b25850b04a7106] +3.2-upstream-stable: released (3.2.94) [10c59d27363eba9fece1965293f83d865ba532be] +sid: released (4.12.6-1) +4.9-stretch-security: released (4.9.47-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: released (3.2.96-1) |