From cb078d38eb66c45ca8c90556ed64e4242ee2d9d8 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 13 Oct 2015 09:29:04 +0000
Subject: Retire CVE-2015-5283

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3960 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2015-5283 | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 retired/CVE-2015-5283

(limited to 'retired/CVE-2015-5283')

diff --git a/retired/CVE-2015-5283 b/retired/CVE-2015-5283
new file mode 100644
index 00000000..546062d0
--- /dev/null
+++ b/retired/CVE-2015-5283
@@ -0,0 +1,13 @@
+Description: Creating multiple sockets when SCTP module isn't loaded leads to kernel panic
+References:
+ http://patchwork.ozlabs.org/patch/515996/
+Notes:
+Bugs:
+upstream: released (v4.3-rc3) [8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4]
+3.16-upstream-stable: released (3.16.7-ckt18) [eb084bd187c25f0b63556a4f6c440e3ac96ecaf5]
+3.2-upstream-stable: N/A ("Vulnerable code not present")
+2.6.32-upstream-stable: N/A ("Vulnerable code not present")
+sid: released (4.2.1-2) [bugfix/all/sctp-fix-race-on-protocol-netns-initialization.patch]
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u5) [bugfix/all/sctp-fix-race-on-protocol-netns-initialization.patch]
+3.2-wheezy-security: N/A ("Vulnerable code not present")
+2.6.32-squeeze-security: N/A ("Vulnerable code not present")
-- 
cgit v1.2.3