diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2014-12-22 07:28:31 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2014-12-22 07:28:31 +0000 |
commit | 8ee9031d1e75307b7a8a452577799c2cbd3ff746 (patch) | |
tree | 80d79fab895490b0a5732e81a5f9277c6a8a3a70 /retired | |
parent | 7e3993994ec48e7cc71b998f824e6cb80c0b8f12 (diff) |
retire
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3627 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2014-9090 | 13 | ||||
-rw-r--r-- | retired/CVE-2014-9322 | 12 |
2 files changed, 25 insertions, 0 deletions
diff --git a/retired/CVE-2014-9090 b/retired/CVE-2014-9090 new file mode 100644 index 00000000..d867eeb5 --- /dev/null +++ b/retired/CVE-2014-9090 @@ -0,0 +1,13 @@ +Description: espfix64 is designed to double-fault and recover on failures. This worked great for #GP and #NP, but it didn't work for #SS. +References: + http://seclists.org/oss-sec/2014/q4/777 +Notes: + willy has made backports for 2.6.32, pending upstream review +Bugs: +upstream: released (3.18-rc6) [6f442be2fb22be02cafa606f1769fa1e6f894441] +2.6.32-upstream-stable: released (2.6.32.65) +sid: released (3.16.7-ckt2-1) [bugfix/x86/x86_64-traps-Stop-using-IST-for-SS.patch] +3.2-wheezy-security: released (3.2.63-2+deb7u2) [bugfix/x86/x86_64-traps-Stop-using-IST-for-SS.patch] +2.6.32-squeeze-security: released (2.6.32-48squeeze9) +3.16-upstream-stable: released (3.16.7-ckt3) +3.2-upstream-stable: released (3.2.65) diff --git a/retired/CVE-2014-9322 b/retired/CVE-2014-9322 new file mode 100644 index 00000000..2dc4f8c8 --- /dev/null +++ b/retired/CVE-2014-9322 @@ -0,0 +1,12 @@ +Description: x86: local privesc due to bad_iret and paranoid entry incompatibility +References: + http://www.openwall.com/lists/oss-security/2014/12/15/6 +Notes: +Bugs: +upstream: released (3.18-rc6) [6f442be2fb22be02cafa606f1769fa1e6f894441] +2.6.32-upstream-stable: released (2.6.32.65) +sid: released (3.16.7-ckt2-1) +3.2-wheezy-security: released (3.2.63-2+deb7u2) +2.6.32-squeeze-security: released (2.6.32-48squeeze9) +3.16-upstream-stable: released (3.16.7-ckt3) +3.2-upstream-stable: released (3.2.65) |