Retire several CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4499 e094ebfe-e918-0410-adfb-c712417f3574

30 files changed, 354 insertions, 0 deletions

diff --git a/retired/CVE-2014-9903 b/retired/CVE-2014-9903
new file mode 100644
index 00000000..07225690
--- /dev/null
+++ b/retired/CVE-2014-9903
@@ -0,0 +1,10 @@
+Description:
+References:
+Notes: Introduced in 3.14-rc1 with d50dde5a10f305253cbc3855307f608f8a3c5f73
+Bugs:
+upstream: released (3.14-rc4) [4efbc454ba68def5ef285b26ebfcfdb605b52755]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnreable code not present"
+sid: N/A "Vulnrable code not present"
+3.16-jessie-security: N/A "Vulnreable code not present"
+3.2-wheezy-security: N/A "Vulnreable code not present"
diff --git a/retired/CVE-2015-7515 b/retired/CVE-2015-7515
new file mode 100644
index 00000000..8953a5d4
--- /dev/null
+++ b/retired/CVE-2015-7515
@@ -0,0 +1,13 @@
+Description: aiptek: crash on invalid USB device descriptors 
+References:
+ - https://bugzilla.redhat.com/show_bug.cgi?id=1285326
+ - https://www.spinics.net/lists/linux-input/msg42294.html
+ - https://os-s.net/advisories/OSS-2016-05_aiptek.pdf
+Notes:
+Bugs:
+upstream: released (4.4-rc6) [8e20cf2bce122ce9262d6034ee5d5b76fbb92f96]
+3.16-upstream-stable: released (3.16.7-ckt26) [24b12688c53a46545a723cf084e25afde2ba39f3]
+3.2-upstream-stable: released (3.2.79) [input-aiptek-fix-crash-on-detecting-device-without-endpoints.patch]
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-aiptek-fix-crash-on-detecting-device-without-e.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-0821 b/retired/CVE-2016-0821
new file mode 100644
index 00000000..eea9bfc9
--- /dev/null
+++ b/retired/CVE-2016-0821
@@ -0,0 +1,10 @@
+Description: Too big poison pointer space
+References:
+Notes:
+Bugs:
+upstream: released (4.3-rc1) [8a5e5e02fc83aaf67053ab53b359af08c6c49aaf]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.79) [include-linux-poison.h-fix-list_poison-1-2-offset.patch]
+sid: released (4.3.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/include-linux-poison.h-fix-list_poison-1-2-offset.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-2117 b/retired/CVE-2016-2117
new file mode 100644
index 00000000..656b9804
--- /dev/null
+++ b/retired/CVE-2016-2117
@@ -0,0 +1,13 @@
+Description: memory disclosure into ethernet frames due to incorrect driver handling of scatter/gather IO
+References:
+ http://www.openwall.com/lists/oss-security/2016/03/16/7
+ https://bugzilla.novell.com/show_bug.cgi?id=968697
+ http://mid.gmane.org/0160420222308.GJ3348@decadent.org.uk
+Notes:
+Bugs:
+upstream: released (4.6-rc5) [f43bfaeddc79effbf3d0fcb53ca477cca66f3db8]
+3.16-upstream-stable: released (3.16.36) [atl2-disable-unimplemented-scatter-gather-feature.patch]
+3.2-upstream-stable: N/A ("scatter/gather cannot be enabled")
+sid: released (4.5.2-1) [bugfix/all/atl2-disable-unimplemented-scatter-gather-feature.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/atl2-disable-unimplemented-scatter-gather-feature.patch]
+3.2-wheezy-security: N/A ("scatter/gather cannot be enabled")
diff --git a/retired/CVE-2016-2143 b/retired/CVE-2016-2143
new file mode 100644
index 00000000..8ce0b1f1
--- /dev/null
+++ b/retired/CVE-2016-2143
@@ -0,0 +1,11 @@
+Description: s390/mm: page table corruption
+References:
+Notes:
+ Introduced since 6252d702c5311ce916caf75ed82e5c8245171c92 (v2.6.25-rc1)
+Bugs:
+upstream: released (4.5) [3446c13b268af86391d06611327006b059b8bab1]
+3.16-upstream-stable: released (3.16.35) [s390-mm-four-page-table-levels-vs.-fork.patch]
+3.2-upstream-stable: released (3.2.79) [s390-mm-four-page-table-levels-vs.-fork.patch]
+sid: released (4.4.6-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/s390/s390-mm-four-page-table-levels-vs.-fork.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-2184 b/retired/CVE-2016-2184
new file mode 100644
index 00000000..1855fb8b
--- /dev/null
+++ b/retired/CVE-2016-2184
@@ -0,0 +1,13 @@
+Description: Kernel panic on invalid USB device descriptor (snd_usb_audio driver)
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1317012
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283355
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283358
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [0f886ca12765d20124bd06291c82951fd49a33be, 447d6275f0c21f6cc97a88b3a0c601436a4cdf2a]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [alsa-usb-audio-fix-null-dereference-in-create_fixed_stream_quirk.patch, alsa-usb-audio-add-sanity-checks-for-endpoint-accesses.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/alsa-usb-audio-fix-null-dereference-in-create_fixed_.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-2185 b/retired/CVE-2016-2185
new file mode 100644
index 00000000..941c4795
--- /dev/null
+++ b/retired/CVE-2016-2185
@@ -0,0 +1,13 @@
+Description: Kernel panic on invalid USB device descriptor (ati_remote2 driver)
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1317014
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283362
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283363
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [input-ati_remote2-fix-crashes-on-detecting-device-with-invalid.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-ati_remote2-fix-crashes-on-detecting-device-wi.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-2186 b/retired/CVE-2016-2186
new file mode 100644
index 00000000..1ca0ce13
--- /dev/null
+++ b/retired/CVE-2016-2186
@@ -0,0 +1,13 @@
+Description: Kernel panic on invalid USB device descriptor (powermate driver)
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1317015
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283384
+ http://marc.info/?l=linux-usb&m=145796479528669&w=2
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [9c6ba456711687b794dcf285856fc14e2c76074f]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [input-powermate-fix-oops-with-malicious-usb-descriptors.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-powermate-fix-oops-with-malicious-usb-descript.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-2187 b/retired/CVE-2016-2187
new file mode 100644
index 00000000..8e276efd
--- /dev/null
+++ b/retired/CVE-2016-2187
@@ -0,0 +1,11 @@
+Description: Kernel panic on invalid USB device descriptor (gtco driver)
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1317017
+Notes:
+Bugs:
+upstream: released (4.6-rc5) [162f98dea487206d9ab79fc12ed64700667a894d]
+3.16-upstream-stable: released (3.16.36) [input-gtco-fix-crash-on-detecting-device-without-endpoints.patch]
+3.2-upstream-stable: released (3.2.81) [input-gtco-fix-crash-on-detecting-device-without-endpoints.patch]
+sid: released (4.5.2-1) [bugfix/all/input-gtco-fix-crash-on-detecting-device-without-end.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-gtco-fix-crash-on-detecting-device-without-end.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3070 b/retired/CVE-2016-3070
new file mode 100644
index 00000000..bb919933
--- /dev/null
+++ b/retired/CVE-2016-3070
@@ -0,0 +1,14 @@
+Description: Null pointer dereference in trace_writeback_dirty_page() 
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1306851 (not yet public)
+Notes:
+ bwh> Problematic call sequence removed by upstream commit appears to be:
+ bwh> migrate_page_copy() -> __set_page_dirty_nobuffers()
+ bwh> -> account_page_dirtied() -> trace_writeback_dirty_page()
+Bugs:
+upstream: released (4.4-rc1) [42cb14b110a5698ccf26ce59c4441722605a3743]
+3.16-upstream-stable: released (3.16.36) [mm-migrate-dirty-page-without-clear_page_dirty_for_io-etc.patch]
+3.2-upstream-stable: N/A ("Vulnerable code not present")
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/mm-migrate-dirty-page-without-clear_page_dirty_for_io-etc.patch]
+3.2-wheezy-security: N/A ("Vulnerable code not present")
diff --git a/retired/CVE-2016-3134 b/retired/CVE-2016-3134
new file mode 100644
index 00000000..381ac247
--- /dev/null
+++ b/retired/CVE-2016-3134
@@ -0,0 +1,19 @@
+Description: netfilter IPT_SO_SET_REPLACE memory corruption
+References:
+ https://code.google.com/p/google-security-research/issues/detail?id=758
+ https://patchwork.ozlabs.org/patch/595575/
+ https://patchwork.ozlabs.org/patch/599721/
+ http://marc.info/?l=netfilter-devel&m=145757134822741&w=2
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=bdf533de6968e9686df777dc178486f600c6e617
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
+Notes:
+ carnil> Can be triggered by an unprivileged user on PF_INET sockets when
+ carnil> unprivileged user namespaces are available (CONFIG_USER_NS=y)
+ bwh> The upstream fixes (in davem/net.git) are the last two listed above
+Bugs:
+upstream: released (4.6-rc2) [bdf533de6968e9686df777dc178486f600c6e617, 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91]
+3.16-upstream-stable: released (3.16.35) [netfilter-x_tables-validate-e-target_offset-early.patch, netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
+3.2-upstream-stable: released (3.2.80) [netfilter-x_tables-validate-e-target_offset-early.patch, netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
+sid: released (4.5.1-1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3136 b/retired/CVE-2016-3136
new file mode 100644
index 00000000..3fbe04e9
--- /dev/null
+++ b/retired/CVE-2016-3136
@@ -0,0 +1,12 @@
+Description: crash on invalid USB device descriptors (mct_u232 driver)
+References:
+ http://seclists.org/bugtraq/2016/Mar/57
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283370
+Notes:
+Bugs:
+upstream: released (4.6-rc3) [4e9a0b05257f29cf4b75f3209243ed71614d062e]
+3.16-upstream-stable: released (3.16.35) [usb-mct_u232-add-sanity-checking-in-probe.patch]
+3.2-upstream-stable: released (3.2.80) [usb-mct_u232-add-sanity-checking-in-probe.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-mct_u232-add-sanity-checking-in-probe.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3137 b/retired/CVE-2016-3137
new file mode 100644
index 00000000..4f63ceed
--- /dev/null
+++ b/retired/CVE-2016-3137
@@ -0,0 +1,12 @@
+Description: crash on invalid USB device descriptors (cypress_m8 driver)
+References:
+ http://seclists.org/bugtraq/2016/Mar/55
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283368
+Notes:
+Bugs:
+upstream: released (4.6-rc3) [c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754]
+3.16-upstream-stable: released (3.16.35) [usb-cypress_m8-add-endpoint-sanity-check.patch]
+3.2-upstream-stable: released (3.2.80) [usb-cypress_m8-add-endpoint-sanity-check.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-cypress_m8-add-endpoint-sanity-check.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3138 b/retired/CVE-2016-3138
new file mode 100644
index 00000000..2aafc05c
--- /dev/null
+++ b/retired/CVE-2016-3138
@@ -0,0 +1,12 @@
+Description: crash on invalid USB device descriptors (cdc_acm driver)
+References:
+ http://seclists.org/bugtraq/2016/Mar/54
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283366
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [8835ba4a39cf53f705417b3b3a94eb067673f2c9]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [usb-cdc-acm-more-sanity-checking.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-cdc-acm-more-sanity-checking.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3140 b/retired/CVE-2016-3140
new file mode 100644
index 00000000..a5b99550
--- /dev/null
+++ b/retired/CVE-2016-3140
@@ -0,0 +1,13 @@
+Description: crash on invalid USB device descriptors (digi_acceleport driver)
+References:
+ http://seclists.org/bugtraq/2016/Mar/61
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283378
+Notes:
+ Proposed patch: http://marc.info/?l=linux-usb&m=145796765030590&w=2
+Bugs:
+upstream: released (4.6-rc3) [5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f]
+3.16-upstream-stable: released (3.16.35) [usb-digi_acceleport-do-sanity-checking-for-the-number-of-ports.patch]
+3.2-upstream-stable: released (3.2.80) [usb-digi_acceleport-do-sanity-checking-for-the-number-of-ports.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-digi_acceleport-do-sanity-checking-for-the-numbe.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3156 b/retired/CVE-2016-3156
new file mode 100644
index 00000000..f01d0780
--- /dev/null
+++ b/retired/CVE-2016-3156
@@ -0,0 +1,10 @@
+Description: ipv4: Don't do expensive useless work during inetdev destroy
+References:
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [fbd40ea0180a2d328c5adc61414dc8bab9335ce2]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: N/A "Not a security issue since containers are not supported"
+sid: released (4.5.1-1) [bugfix/all/ipv4-don-t-do-expensive-useless-work-during-inetdev-.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ipv4-don-t-do-expensive-useless-work-during-inetdev-.patch]
+3.2-wheezy-security: N/A "Not a security issue since containers are not supported"
diff --git a/retired/CVE-2016-3157 b/retired/CVE-2016-3157
new file mode 100644
index 00000000..fe57309a
--- /dev/null
+++ b/retired/CVE-2016-3157
@@ -0,0 +1,11 @@
+Description: I/O port access privilege escalation in x86-64 Linux under Xen
+References:
+ http://xenbits.xen.org/xsa/advisory-171.html
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [b7a584598aea7ca73140cb87b40319944dd3393f]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [x86-iopl-64-properly-context-switch-iopl-on-xen-pv.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-iopl-64-properly-context-switch-iopl-on-xen-pv.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3672 b/retired/CVE-2016-3672
new file mode 100644
index 00000000..b9a143c8
--- /dev/null
+++ b/retired/CVE-2016-3672
@@ -0,0 +1,14 @@
+Description: Unlimiting the stack disables ASLR on i386
+References:
+ http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html
+Notes:
+ bwh> This problem has been known for a long time; I don't know why it got
+ bwh> a 2016 CVE ID.  There is some risk of regression so we should
+ bwh> probably wait a while before backporting.
+Bugs:
+upstream: released (4.6-rc1) [8b8addf891de8a00e4d39fc32f93f7c5eb8feceb]
+3.16-upstream-stable: released (3.16.35) [x86-standardize-mmap_rnd-usage.patch, x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
+3.2-upstream-stable: released (3.2.80) [x86-standardize-mmap_rnd-usage.patch, x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
+sid: released (4.5.1-1) [bugfix/all/x86-mm-32-enable-full-randomization-on-i386-and-x86_.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-standardize-mmap_rnd-usage.patch, bugfix/x86/x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3951 b/retired/CVE-2016-3951
new file mode 100644
index 00000000..b57c75b6
--- /dev/null
+++ b/retired/CVE-2016-3951
@@ -0,0 +1,11 @@
+Description: usbnet: memory corruption triggered by invalid USB descriptor
+References:
+Notes:
+ bwh> First part was included in 3.16.7-ckt26 and doesn't seem to be needed for 3.2
+Bugs:
+upstream: released (4.5) [4d06dd537f95683aba3651098ae288b7cbff8274, 1666984c8625b3db19a9abc298931d35ab7bc64b]
+3.16-upstream-stable: released (3.16.35) [usbnet-cleanup-after-bind-in-probe.patch]
+3.2-upstream-stable: released (3.2.80) [usbnet-cleanup-after-bind-in-probe.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/cdc_ncm-do-not-call-usbnet_link_change-from-cdc_ncm_.patch, bugfix/all/usbnet-cleanup-after-bind-in-probe.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3955 b/retired/CVE-2016-3955
new file mode 100644
index 00000000..697d1dda
--- /dev/null
+++ b/retired/CVE-2016-3955
@@ -0,0 +1,10 @@
+Description: remote buffer overflow in usbip
+References:
+Notes:
+Bugs:
+upstream: released (4.6-rc3) [b348d7dddb6c4fbfc810b7a0626e8ec9e29f7cbb]
+3.16-upstream-stable: released (3.16.35) [usb-usbip-fix-potential-out-of-bounds-write.patch]
+3.2-upstream-stable: released (3.2.80) [usb-usbip-fix-potential-out-of-bounds-write.patch]
+sid: released (4.5.2-1) [bugfix/all/USB-usbip-fix-potential-out-of-bounds-write.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/USB-usbip-fix-potential-out-of-bounds-write.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-3961 b/retired/CVE-2016-3961
new file mode 100644
index 00000000..526844f4
--- /dev/null
+++ b/retired/CVE-2016-3961
@@ -0,0 +1,11 @@
+Description: XSA-174: hugetlbfs use may crash PV Linux guests
+References:
+ http://xenbits.xen.org/xsa/advisory-174.html
+Notes:
+Bugs:
+upstream: released (4.6-rc5) [103f6112f253017d7062cd74d17f4a514ed4485c]
+3.16-upstream-stable: released (3.16.36) [mm-hugetlb-allow-hugepages_supported-to-be-architecture-specific.patch, x86-mm-xen-suppress-hugetlbfs-in-pv-guests.patch]
+3.2-upstream-stable: released (3.2.81) [hugetlb-ensure-hugepage-access-is-denied-if-hugepages-are-not.patch, mm-hugetlb-allow-hugepages_supported-to-be-architecture-specific.patch, x86-mm-xen-suppress-hugetlbfs-in-pv-guests.patch]
+sid: released (4.5.2-1) [bugfix/x86/x86-xen-suppress-hugetlbfs-in-PV-guests.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch, bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/hugetlb-ensure-hugepage-access-is-denied-if-hugepages-are-not.patch, bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch, bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch]
diff --git a/retired/CVE-2016-4485 b/retired/CVE-2016-4485
new file mode 100644
index 00000000..4a3c007c
--- /dev/null
+++ b/retired/CVE-2016-4485
@@ -0,0 +1,10 @@
+Description: information leak vulnerability in llc module
+References:
+Notes:
+Bugs:
+upstream: released (4.6) [b8670c09f37bdf2847cc44f36511a53afc6161fd]
+3.16-upstream-stable: released (3.16.36) [net-fix-infoleak-in-llc.patch]
+3.2-upstream-stable: released (3.2.81) [net-fix-infoleak-in-llc.patch]
+sid: released (4.5.4-1) [bugfix/all/net-fix-infoleak-in-llc.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/net-fix-infoleak-in-llc.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-4486 b/retired/CVE-2016-4486
new file mode 100644
index 00000000..61f9dc5a
--- /dev/null
+++ b/retired/CVE-2016-4486
@@ -0,0 +1,10 @@
+Description: information leak vulnerability in rtnetlink
+References:
+Notes:
+Bugs:
+upstream: released (4.6) [5f8e44741f9f216e33736ea4ec65ca9ac03036e6]
+3.16-upstream-stable: released (3.16.36) [net-fix-infoleak-in-rtnetlink.patch]
+3.2-upstream-stable: released (3.2.81) [net-fix-infoleak-in-rtnetlink.patch]
+sid: released (4.5.4-1) [bugfix/all/net-fix-infoleak-in-rtnetlink.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/net-fix-infoleak-in-rtnetlink.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-4565 b/retired/CVE-2016-4565
new file mode 100644
index 00000000..db8b2261
--- /dev/null
+++ b/retired/CVE-2016-4565
@@ -0,0 +1,10 @@
+Description: Privilege escalation through misuse of write() in RDMA APIs
+References:
+Notes:
+Bugs:
+upstream: released (4.6-rc6) [e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3]
+3.16-upstream-stable: released (3.16.36) [ib-security-restrict-use-of-the-write-interface.patch]
+3.2-upstream-stable: released (3.2.81) [ib-security-restrict-use-of-the-write-interface.patch]
+sid: released (4.5.3-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ib-security-restrict-use-of-the-write-interface.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-4580 b/retired/CVE-2016-4580
new file mode 100644
index 00000000..a2963397
--- /dev/null
+++ b/retired/CVE-2016-4580
@@ -0,0 +1,11 @@
+Description: net: fix a kernel infoleak in x25 module
+References:
+Notes:
+ For 4.5.x fixed in f7ee286fab0b55bf5908978c94e50d52e627b3ac
+Bugs:
+upstream: released (4.6) [79e48650320e6fba48369fccf13fd045315b19b8]
+3.16-upstream-stable: released (3.16.36) [net-fix-a-kernel-infoleak-in-x25-module.patch]
+3.2-upstream-stable: released (3.2.81) [net-fix-a-kernel-infoleak-in-x25-module.patch]
+sid: released (4.5.5-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/net-fix-a-kernel-infoleak-in-x25-module.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-4581 b/retired/CVE-2016-4581
new file mode 100644
index 00000000..0b07225e
--- /dev/null
+++ b/retired/CVE-2016-4581
@@ -0,0 +1,10 @@
+Description:
+References:
+Notes:
+Bugs:
+upstream: released (4.6-rc7) [5ec0811d30378ae104f250bfc9b3640242d81e3f]
+3.16-upstream-stable: released (3.16.36) [fs-pnode.c-treat-zero-mnt_group_id-s-as-unequal.patch, propogate_mnt-handle-the-first-propogated-copy-being-a-slave.patch]
+3.2-upstream-stable: N/A "Vulnerable code introduced with f2ebb3a921c1ca1e2ddd9242e95a1989a50c4c68 (3.15-rc1)"
+sid: released (4.5.4-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/fs-pnode.c-treat-zero-mnt_group_id-s-as-unequal.patch, bugfix/all/propogate_mnt-Handle-the-first-propogated-copy-being.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2016-4794 b/retired/CVE-2016-4794
new file mode 100644
index 00000000..36afdcbd
--- /dev/null
+++ b/retired/CVE-2016-4794
@@ -0,0 +1,16 @@
+Description: Use-after-free in pcpu_extend_area_map, triggered by bpf()
+References:
+ Reproducer: http://www.openwall.com/lists/oss-security/2016/05/12/6
+ http://thread.gmane.org/gmane.linux.network/408459/
+ http://article.gmane.org/gmane.linux.kernel/2227891
+ http://article.gmane.org/gmane.linux.kernel/2227892
+Notes:
+ bwh> It's not clear whether this is specific to bpf() or an existing bug
+ bwh> that's now easier to hit (and exploit).
+Bugs:
+upstream: released (4.7-rc4) [4f996e234dad488e5d9ba0858bc1bae12eff82c3, 6710e594f71ccaad8101bc64321152af7cd9ea28]
+3.16-upstream-stable: N/A "Introduced with 1a4d76076cda and 9c824b6a172c in 3.18-rc1"
+3.2-upstream-stable: N/A "Introduced with 1a4d76076cda and 9c824b6a172c in 3.18-rc1"
+sid: released (4.6.2-2) [bugfix/all/percpu-fix-synchronization-between-chunk-map_extend_.patch, bugfix/all/percpu-fix-synchronization-between-synchronous-map-e.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2016-4805 b/retired/CVE-2016-4805
new file mode 100644
index 00000000..ea1cb126
--- /dev/null
+++ b/retired/CVE-2016-4805
@@ -0,0 +1,10 @@
+Description: use-after-free issue for ppp channel
+References:
+Notes: For 4.5.x in d1d87a48fa9731247424675f6abc5daba74ec3f8
+Bugs:
+upstream: released (4.6-rc1) [1f461dcdd296eecedaffffc6bae2bfa90bd7eb89]
+3.16-upstream-stable: released (3.16.35) [6ab3a4331a1de5a20c3dc97f5211d00f1b35ce50]
+3.2-upstream-stable: released (3.2.80) [7fda126c5155acc3e61596ce4c5dcf3859e22444]
+sid: released (4.5.2-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ppp-take-reference-on-channels-netns.patch]
+3.2-wheezy-security: released (3.2.81-1)
diff --git a/retired/CVE-2016-4913 b/retired/CVE-2016-4913
new file mode 100644
index 00000000..0cbc48e5
--- /dev/null
+++ b/retired/CVE-2016-4913
@@ -0,0 +1,10 @@
+Description: information leak in Rock Ridge Extensions to iso9660
+References:
+Notes:
+Bugs:
+upstream: released (4.6) [99d825822eade8d827a1817357cbf3f889a552d6]
+3.16-upstream-stable: released (3.16.36) [get_rock_ridge_filename-handle-malformed-nm-entries.patch]
+3.2-upstream-stable: released (3.2.81) [get_rock_ridge_filename-handle-malformed-nm-entries.patch]
+sid: released (4.5.4-1) [bugfix/all/get_rock_ridge_filename-handle-malformed-nm-entries.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch]
diff --git a/retired/CVE-2016-partial-SMAP-bypass b/retired/CVE-2016-partial-SMAP-bypass
new file mode 100644
index 00000000..487b26b0
--- /dev/null
+++ b/retired/CVE-2016-partial-SMAP-bypass
@@ -0,0 +1,11 @@
+Description: Partial SMAP bypass on 64-bit Linux kernels
+References:
+ http://www.openwall.com/lists/oss-security/2016/02/26/6
+Notes:
+Bugs:
+upstream: released (4.5-rc6) [3d44d51bd339766f0178f0cf2e8d048b4a4872aa]
+3.16-upstream-stable: released (3.16.7-ckt26) [a39881d103f27702f8057051f59196375b905f6a]
+3.2-upstream-stable: N/A "Vulnerable code not present, introduced in 63bcff2a307b9bcc712a8251eb27df8b2e117967 (v3.10-rc1)" 
+sid: released (4.4.4-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-entry-compat-add-missing-clac-to-entry_int80_32.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"