diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-04-23 10:23:24 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-04-23 10:23:24 +0000 |
commit | 816a5c9ee308eaa9d89e64aa5bc3fbe16fcc9b9a (patch) | |
tree | ca6c784d51ff82b3ed088adb83b8351ad014a5a5 /retired | |
parent | f6b2b34855d52bd7e681ac586783eea087ff7965 (diff) |
Retire four CVEs
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5207 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2017-2596 | 15 | ||||
-rw-r--r-- | retired/CVE-2017-8066 | 11 | ||||
-rw-r--r-- | retired/CVE-2017-8071 | 11 | ||||
-rw-r--r-- | retired/CVE-2017-8072 | 12 |
4 files changed, 49 insertions, 0 deletions
diff --git a/retired/CVE-2017-2596 b/retired/CVE-2017-2596 new file mode 100644 index 00000000..af79b633 --- /dev/null +++ b/retired/CVE-2017-2596 @@ -0,0 +1,15 @@ +Description: kvm: page reference leakage in handle_vmon +References: + https://www.spinics.net/lists/kvm/msg144319.html +Notes: + bwh> Introduced in 3.16 by 3573e22cfeca "KVM: nVMX: additional checks on vmxon + bwh> region" +Bugs: + https://bugzilla.redhat.com/show_bug.cgi?id=1417812 +upstream: released (4.11-rc1) [06ce521af9558814b8606c0476c54497cf83a653] +4.9-upstream-stable: released (4.9.24) [75465e71ec3139b958d06d48dfc85720aed69b6a] +3.16-upstream-stable: released (3.16.42) [591fc80b6369a886a1d21cacf11f91b455781df3] +3.2-upstream-stable: N/A "Vulnerable code not present" +sid: released (4.9.13-1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch] +3.16-jessie-security: released (3.16.39-1+deb8u1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch] +3.2-wheezy-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2017-8066 b/retired/CVE-2017-8066 new file mode 100644 index 00000000..afb1ce57 --- /dev/null +++ b/retired/CVE-2017-8066 @@ -0,0 +1,11 @@ +Description: can: gs_usb: Don't use stack memory for USB transfers +References: +Notes: +Bugs: +upstream: released (4.11-rc1) [c919a3069c775c1c876bec55e00b2305d5125caa] +4.9-upstream-stable: released (4.9.14) [cec7abd27e878e3c83dc9af41ee87a2e9d483ac0] +3.16-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 05ca5270005c" +3.2-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 05ca5270005c" +sid: released (4.9.16-1) +3.16-jessie-security: N/A "Vulnerable code not present" +3.2-wheezy-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2017-8071 b/retired/CVE-2017-8071 new file mode 100644 index 00000000..8a83a728 --- /dev/null +++ b/retired/CVE-2017-8071 @@ -0,0 +1,11 @@ +Description: HID: cp2112: fix sleep-while-atomic +References: +Notes: +Bugs: +upstream: released (4.10-rc7) [7a7b5df84b6b4e5d599c7289526eed96541a0654] +4.9-upstream-stable: released (4.9.9) [a18c4584a48931e8048508469bcdb53c6082221a] +3.16-upstream-stable: N/A "Introduced in 4.9-rc7 with 1ffb3c40ffb5" +3.2-upstream-stable: N/A "Introduced in 4.9-rc7 with 1ffb3c40ffb5" +sid: released (4.9.10-1) +3.16-jessie-security: N/A "Vulnerable code not present" +3.2-wheezy-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2017-8072 b/retired/CVE-2017-8072 new file mode 100644 index 00000000..5e144792 --- /dev/null +++ b/retired/CVE-2017-8072 @@ -0,0 +1,12 @@ +Description: HID: cp2112: fix gpio-callback error handling +References: +Notes: + Introduced with 4.9-rc7 with 1ffb3c40ffb5 +Bugs: +upstream: released (4.10-rc7) [8e9faa15469ed7c7467423db4c62aeed3ff4cae3] +4.9-upstream-stable: released (4.9.9) [7396685a1bca323b96fd79b836ae22b7569d7068] +3.16-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9" +3.2-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9" +sid: released (4.9.10-1) +3.16-jessie-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9" +3.2-wheezy-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9" |