From 621a69dac879e3b3f0dbd9a4654c6696140c5427 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso
Date: Thu, 17 Aug 2017 18:58:28 +0000
Subject: Retire four CVEs
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5483 e094ebfe-e918-0410-adfb-c712417f3574
---
active/CVE-2014-9940 | 15 ---------------
active/CVE-2017-10810 | 12 ------------
active/CVE-2017-7346 | 18 ------------------
active/CVE-2017-9605 | 14 --------------
retired/CVE-2014-9940 | 15 +++++++++++++++
retired/CVE-2017-10810 | 12 ++++++++++++
retired/CVE-2017-7346 | 18 ++++++++++++++++++
retired/CVE-2017-9605 | 14 ++++++++++++++
8 files changed, 59 insertions(+), 59 deletions(-)
delete mode 100644 active/CVE-2014-9940
delete mode 100644 active/CVE-2017-10810
delete mode 100644 active/CVE-2017-7346
delete mode 100644 active/CVE-2017-9605
create mode 100644 retired/CVE-2014-9940
create mode 100644 retired/CVE-2017-10810
create mode 100644 retired/CVE-2017-7346
create mode 100644 retired/CVE-2017-9605
diff --git a/active/CVE-2014-9940 b/active/CVE-2014-9940
deleted file mode 100644
index 488421936..000000000
--- a/active/CVE-2014-9940
+++ /dev/null
@@ -1,15 +0,0 @@
-Description: regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing
-References:
- https://source.android.com/security/bulletin/2017-05-01
-Notes:
- bwh> Introduced in 3.10 by commit f19b00da8ed3 "regulator: core: support
- bwh> shared enable GPIO concept"
-Bugs:
-upstream: released (3.19-rc1) [60a2362f769cf549dc466134efe71c8bf9fbaaba]
-4.9-upstream-stable: N/A "Fixed before branching point"
-3.16-upstream-stable: released (3.16.45) [702f4dd27ccf3bae7915ef1f8790db3af435d211]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.0.2-1)
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/all/regulator-core-Fix-regualtor_ena_gpio_free-not-to-ac.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2017-10810 b/active/CVE-2017-10810
deleted file mode 100644
index ebacad6ae..000000000
--- a/active/CVE-2017-10810
+++ /dev/null
@@ -1,12 +0,0 @@
-Description: Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c
-References:
-Notes:
-Bugs:
-upstream: released (4.12-rc1) [385aee965b4e4c36551c362a334378d2985b722a]
-4.9-upstream-stable: released (4.9.37) [366d9207d9e002bf1a6d9da13a7f8f85b8a40c0b]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.11.11-1)
-4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/all/drm-virtio-don-t-leak-bo-on-drm_gem_object_init-fail.patch]
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2017-7346 b/active/CVE-2017-7346
deleted file mode 100644
index de77af4fb..000000000
--- a/active/CVE-2017-7346
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()
-References:
- https://lists.freedesktop.org/archives/dri-devel/2017-March/137429.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1437431
- https://marc.info/?l=linux-kernel&m=149086968410117&w=2
- https://lists.freedesktop.org/archives/dri-devel/2017-April/138293.html
-Notes:
- bwh> Introduced by commit a97e21923b42 "drm/vmwgfx: Hook up guest-backed
- bwh> surfaces" in 3.14.
-Bugs:
-upstream: released (4.12-rc5) [ee9c4e681ec4f58e42a83cb0c22a0289ade1aacf]
-4.9-upstream-stable: released (4.9.32) [a76ff847013a7f6b1cd328381ca263ddcca12061]
-3.16-upstream-stable: released (3.16.45) [7943d19453aa1a1acf93bdb2812e0bef970ec23c]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.11.6-1)
-4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/x86/drm-vmwgfx-limit-the-number-of-mip-levels-in-vmw_gb_.patch]
-3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/drm-vmwgfx-limit-the-number-of-mip-levels-in-vmw_gb_.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2017-9605 b/active/CVE-2017-9605
deleted file mode 100644
index 9b207a7d9..000000000
--- a/active/CVE-2017-9605
+++ /dev/null
@@ -1,14 +0,0 @@
-Description: drm/vmwgfx: 4 byte read of uninitialised kernel memory in vmw_gb_surface_define_ioctl()
-References:
- http://www.openwall.com/lists/oss-security/2017/06/13/2
-Notes:
- bwh> Introduced by commit a97e21923b42 "drm/vmwgfx: Hook up guest-backed surfaces"
-Bugs:
-upstream: released (4.12-rc5) [07678eca2cf9c9a18584e546c2b2a0d0c9a3150c]
-4.9-upstream-stable: released (4.9.32) [7860d0e5e2bf986d4bd06e7b029786747b5dc766]
-3.16-upstream-stable: released (3.16.46) [26823129d84c6ca3e12b17af7a8e78c579b3bca5]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.11.6-1)
-4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/x86/drm-vmwgfx-Make-sure-backup_handle-is-always-valid.patch]
-3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/drm-vmwgfx-Make-sure-backup_handle-is-always-valid.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2014-9940 b/retired/CVE-2014-9940
new file mode 100644
index 000000000..488421936
--- /dev/null
+++ b/retired/CVE-2014-9940
@@ -0,0 +1,15 @@
+Description: regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing
+References:
+ https://source.android.com/security/bulletin/2017-05-01
+Notes:
+ bwh> Introduced in 3.10 by commit f19b00da8ed3 "regulator: core: support
+ bwh> shared enable GPIO concept"
+Bugs:
+upstream: released (3.19-rc1) [60a2362f769cf549dc466134efe71c8bf9fbaaba]
+4.9-upstream-stable: N/A "Fixed before branching point"
+3.16-upstream-stable: released (3.16.45) [702f4dd27ccf3bae7915ef1f8790db3af435d211]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.0.2-1)
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/all/regulator-core-Fix-regualtor_ena_gpio_free-not-to-ac.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2017-10810 b/retired/CVE-2017-10810
new file mode 100644
index 000000000..ebacad6ae
--- /dev/null
+++ b/retired/CVE-2017-10810
@@ -0,0 +1,12 @@
+Description: Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c
+References:
+Notes:
+Bugs:
+upstream: released (4.12-rc1) [385aee965b4e4c36551c362a334378d2985b722a]
+4.9-upstream-stable: released (4.9.37) [366d9207d9e002bf1a6d9da13a7f8f85b8a40c0b]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.11.11-1)
+4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/all/drm-virtio-don-t-leak-bo-on-drm_gem_object_init-fail.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2017-7346 b/retired/CVE-2017-7346
new file mode 100644
index 000000000..de77af4fb
--- /dev/null
+++ b/retired/CVE-2017-7346
@@ -0,0 +1,18 @@
+Description: drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()
+References:
+ https://lists.freedesktop.org/archives/dri-devel/2017-March/137429.html
+ https://bugzilla.redhat.com/show_bug.cgi?id=1437431
+ https://marc.info/?l=linux-kernel&m=149086968410117&w=2
+ https://lists.freedesktop.org/archives/dri-devel/2017-April/138293.html
+Notes:
+ bwh> Introduced by commit a97e21923b42 "drm/vmwgfx: Hook up guest-backed
+ bwh> surfaces" in 3.14.
+Bugs:
+upstream: released (4.12-rc5) [ee9c4e681ec4f58e42a83cb0c22a0289ade1aacf]
+4.9-upstream-stable: released (4.9.32) [a76ff847013a7f6b1cd328381ca263ddcca12061]
+3.16-upstream-stable: released (3.16.45) [7943d19453aa1a1acf93bdb2812e0bef970ec23c]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.11.6-1)
+4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/x86/drm-vmwgfx-limit-the-number-of-mip-levels-in-vmw_gb_.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/drm-vmwgfx-limit-the-number-of-mip-levels-in-vmw_gb_.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2017-9605 b/retired/CVE-2017-9605
new file mode 100644
index 000000000..9b207a7d9
--- /dev/null
+++ b/retired/CVE-2017-9605
@@ -0,0 +1,14 @@
+Description: drm/vmwgfx: 4 byte read of uninitialised kernel memory in vmw_gb_surface_define_ioctl()
+References:
+ http://www.openwall.com/lists/oss-security/2017/06/13/2
+Notes:
+ bwh> Introduced by commit a97e21923b42 "drm/vmwgfx: Hook up guest-backed surfaces"
+Bugs:
+upstream: released (4.12-rc5) [07678eca2cf9c9a18584e546c2b2a0d0c9a3150c]
+4.9-upstream-stable: released (4.9.32) [7860d0e5e2bf986d4bd06e7b029786747b5dc766]
+3.16-upstream-stable: released (3.16.46) [26823129d84c6ca3e12b17af7a8e78c579b3bca5]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.11.6-1)
+4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/x86/drm-vmwgfx-Make-sure-backup_handle-is-always-valid.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/drm-vmwgfx-Make-sure-backup_handle-is-always-valid.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
-- cgit v1.2.3