retire

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3779 e094ebfe-e918-0410-adfb-c712417f3574

4 files changed, 56 insertions, 0 deletions

diff --git a/retired/CVE-2014-9715 b/retired/CVE-2014-9715
new file mode 100644
index 00000000..d8e8af2f
--- /dev/null
+++ b/retired/CVE-2014-9715
@@ -0,0 +1,15 @@
+Description: nf_conntrack: reserve two bytes for nf_ct_ext->len
+References:
+Notes:
+ The issue was introduced in 3.6 but as well backported to 3.2
+ Introduced by (v3.6-rc5) [5b423f6a40a0327f9d40bc8b97ce9b]
+ In 3.2. introduced by (v3.2.33) [cc1b75d796ad050c83c95733c4220aaa04fa1304]
+Bugs: https://bugs.debian.org/741667
+upstream: released (v3.15-rc1) [223b02d923ecd7c84cf9780bb3686f455d279279]
+2.6.32-upstream-stable: N/A "Introduced in 3.6"
+sid: released (3.14.5-1)
+3.16-jessie-security: N/A "Fixed before initial release"
+3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/netfilter-nf_conntrack-reserve-two-bytes-for-nf_ct_e.patch]
+2.6.32-squeeze-security: N/A "Introduced in 3.6"
+3.16-upstream-stable: N/A "Fixed already in v3.15-rc1"
+3.2-upstream-stable: released (3.2.69) [netfilter-nf_conntrack-reserve-two-bytes-for-nf_ct_ext-len.patch]
diff --git a/retired/CVE-2015-1593 b/retired/CVE-2015-1593
new file mode 100644
index 00000000..0b16fc32
--- /dev/null
+++ b/retired/CVE-2015-1593
@@ -0,0 +1,15 @@
+Description: Linux stack ASLR implementation integer overflow
+References:
+ http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
+ https://lkml.org/lkml/2015/1/7/811
+ http://article.gmane.org/gmane.linux.kernel/1888210
+Notes:
+Bugs:
+upstream: released (4.0-rc1) [4e7c22d447bb6d7e37bfe39ff658486ae78e8d77]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.7-ckt7-1) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
+3.16-jessie-security: N/A "Fixed before initial release"
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
+3.16-upstream-stable: released (3.16.7-ckt8)
+3.2-upstream-stable: released (3.2.69) [x86-mm-aslr-fix-stack-randomization-on-64-bit-systems.patch]
diff --git a/retired/CVE-2015-2150 b/retired/CVE-2015-2150
new file mode 100644
index 00000000..3fd0c9ba
--- /dev/null
+++ b/retired/CVE-2015-2150
@@ -0,0 +1,13 @@
+Description: Xen: Non-maskable interrupts triggerable by guests
+References:
+ http://xenbits.xen.org/xsa/advisory-120.html
+Notes:
+Bugs:
+upstream: released (4.0-rc4) [af6fc858a35b90e89ea7a7ee58e66628c55c776b]
+2.6.32-upstream-stable: N/A "xen-pciback introduced in 3.1"
+sid: released (3.16.7-ckt9-1)
+3.16-jessie-security: N/A "Fixed before initial release"
+3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/xen-pciback-limit-guest-control-of-command-register.patch]
+2.6.32-squeeze-security: N/A "xen-pciback introduced in 3.1"
+3.16-upstream-stable: released (3.16.7-ckt9)
+3.2-upstream-stable: released (3.2.69) [xen-pciback-limit-guest-control-of-command-register.patch]
diff --git a/retired/CVE-2015-3331 b/retired/CVE-2015-3331
new file mode 100644
index 00000000..87333610
--- /dev/null
+++ b/retired/CVE-2015-3331
@@ -0,0 +1,13 @@
+Description: Buffer overruns in Linux kernel RFC4106 implementation using AESNI
+References:
+Notes:
+Bugs:
+ - https://bugs.debian.org/782561
+upstream: released (v4.0-rc5) [ccfe8c3f7e52ae83155cb038753f4c75b774ca8a]
+2.6.32-upstream-stable: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e"
+sid: released (3.16.7-ckt9-3) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
+3.16-jessie-security: released (3.16.7-ckt9-3~deb8u1) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
+3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
+2.6.32-squeeze-security: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e"
+3.16-upstream-stable: released (3.16.7-ckt10)
+3.2-upstream-stable: released (3.2.69) [crypto-aesni-fix-memory-usage-in-gcm-decryption.patch]