diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2014-05-02 07:15:17 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2014-05-02 07:15:17 +0000 |
commit | b71a962277e62b0170e9356163b81052a4c24a38 (patch) | |
tree | 1a66e64e46bd58b17ac9813ec9214a6e3dc8cc68 /retired | |
parent | 1a9948523b172edbe867656861655a15883ea36e (diff) |
retire
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3337 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2014-0055 | 12 | ||||
-rw-r--r-- | retired/CVE-2014-0077 | 11 | ||||
-rw-r--r-- | retired/CVE-2014-1446 | 10 | ||||
-rw-r--r-- | retired/CVE-2014-1874 | 12 | ||||
-rw-r--r-- | retired/CVE-2014-2039 | 10 | ||||
-rw-r--r-- | retired/CVE-2014-2309 | 11 | ||||
-rw-r--r-- | retired/CVE-2014-2523 | 10 |
7 files changed, 76 insertions, 0 deletions
diff --git a/retired/CVE-2014-0055 b/retired/CVE-2014-0055 new file mode 100644 index 00000000..13adeba8 --- /dev/null +++ b/retired/CVE-2014-0055 @@ -0,0 +1,12 @@ +Description: vhost-net: insufficient handling of error conditions in get_rx_bufs() +References: + https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0055 + http://rhn.redhat.com/errata/RHSA-2014-0328.html +Notes: +Bugs: +upstream: released (3.14) [a39ee449f96a2cd44ce056d8a0a112211a9b1a1f] +2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33" +sid: released (3.13.10-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch] +3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch] +2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33" +3.2-upstream-stable: released (3.2.58) [vhost-validate-vhost_get_vq_desc-return-value.patch] diff --git a/retired/CVE-2014-0077 b/retired/CVE-2014-0077 new file mode 100644 index 00000000..315ed2df --- /dev/null +++ b/retired/CVE-2014-0077 @@ -0,0 +1,11 @@ +Description: vhost-net: insufficiency in handling of big packets in handle_rx() +References: + http://article.gmane.org/gmane.linux.network/311012 +Notes: +Bugs: +upstream: released (3.14) [d8316f3991d207fe32881a9ac20241be8fa2bad0] +2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33" +sid: released (3.13.10-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch] +3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch] +2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33" +3.2-upstream-stable: released (3.2.58) [vhost-fix-total-length-when-packets-are-too-short.patch] diff --git a/retired/CVE-2014-1446 b/retired/CVE-2014-1446 new file mode 100644 index 00000000..9c6ab384 --- /dev/null +++ b/retired/CVE-2014-1446 @@ -0,0 +1,10 @@ +Description: hamradio/yam: fix info leak in ioctl +References: +Notes: +Bugs: +upstream: released (3.13-rc7) [8e3fbf870481eb53b2d3a322d1fc395ad8b367ed] +2.6.32-upstream-stable: pending +sid: released (3.12.8-1) +3.2-wheezy-security: released (3.2.54-1) [bugfix/all/hamradio-yam-fix-info-leak-in-ioctl.patch] +2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hamradio-yam-fix-info-leak-in-ioctl.patch] +3.2-upstream-stable: released (3.2.55) diff --git a/retired/CVE-2014-1874 b/retired/CVE-2014-1874 new file mode 100644 index 00000000..8f2c4b9d --- /dev/null +++ b/retired/CVE-2014-1874 @@ -0,0 +1,12 @@ +Description: SeLinux local DoS +References: + http://marc.info/?l=selinux&m=139110025203759&w=2 +Notes: + Only triggerable with CAP_MAC_ADMIN +Bugs: +upstream: released (3.14-rc2) [2172fa709ab32ca60e86179dc67d0857be8e2c98] +2.6.32-upstream-stable: pending +sid: released (3.13.4-1) +3.2-wheezy-security: released (3.2.56-1) +2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/SELinux-Fix-kernel-BUG-on-empty-security-contexts.patch] +3.2-upstream-stable: released (3.2.56) diff --git a/retired/CVE-2014-2039 b/retired/CVE-2014-2039 new file mode 100644 index 00000000..e4a7c45b --- /dev/null +++ b/retired/CVE-2014-2039 @@ -0,0 +1,10 @@ +Description: s390: fix kernel crash due to linkage stack instructions +References: +Notes: +Bugs: +upstream: released (3.14-rc2) [8d7f6690cedb83456edd41c9bd583783f0703bf0] +2.6.32-upstream-stable: pending +sid: released (3.13.5-1) +3.2-wheezy-security: released (3.2.57-1) +2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/s390/fix-kernel-crash-due-to-linkage-stack-instructi.patch] +3.2-upstream-stable: released (3.2.57) [s390-fix-kernel-crash-due-to-linkage-stack-instructions.patch] diff --git a/retired/CVE-2014-2309 b/retired/CVE-2014-2309 new file mode 100644 index 00000000..34474369 --- /dev/null +++ b/retired/CVE-2014-2309 @@ -0,0 +1,11 @@ +Description: ipv6: don't set DST_NOCOUNT for remotely added routes +References: + https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=c88507fbad8055297c1d1e21e599f46960cbee39 +Notes: +Bugs: +upstream: released (3.14-rc4) [c88507fbad8055297c1d1e21e599f46960cbee39] +2.6.32-upstream-stable: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0" +sid: released (3.13.6-1) [bugfix/all/ipv6-don-t-set-DST_NOCOUNT-for-remotely-added-routes.patch] +3.2-wheezy-security: released (3.2.57-1) [bugfix/all/ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch] +2.6.32-squeeze-security: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0" +3.2-upstream-stable: released (3.2.58) [ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch] diff --git a/retired/CVE-2014-2523 b/retired/CVE-2014-2523 new file mode 100644 index 00000000..f3d930b6 --- /dev/null +++ b/retired/CVE-2014-2523 @@ -0,0 +1,10 @@ +Description: netfilter: remote memory corruption in nf_conntrack_proto_dccp +References: +Notes: +Bugs: +upstream: released (3.14-rc1) [b22f5126a24b3b2f15448c3f2a254fc10cbc2b92] +2.6.32-upstream-stable: pending +sid: released (3.13.10-1) +3.2-wheezy-security: released (3.2.57-1) +2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/netfilter-nf_conntrack_dccp-fix-skb_header_pointer-A.patch] +3.2-upstream-stable: released (3.2.57) [netfilter-nf_conntrack_dccp-fix-skb_header_pointer-api-usages.patch] |