From c4ceda8a1c8f40021b2eb330318a4c1f096c3d38 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 17 Nov 2016 05:52:31 +0000
Subject: Retire CVE-2015-8961

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4716 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2015-8961 | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 retired/CVE-2015-8961

(limited to 'retired/CVE-2015-8961')

diff --git a/retired/CVE-2015-8961 b/retired/CVE-2015-8961
new file mode 100644
index 00000000..52d1bf05
--- /dev/null
+++ b/retired/CVE-2015-8961
@@ -0,0 +1,12 @@
+Description: potential use after free in __ext4_journal_stop
+References:
+Notes:
+ carnil> Introduced in v4.2-rc2 with 9705acd63b125dee8b15c705216d7186daea4625
+ carnil> but the fixes seem to have been backported to older releases
+Bugs:
+upstream: released (4.4-rc5) [6934da9238da947628be83635e365df41064b09b]
+3.16-upstream-stable: released (3.16.7-ckt21) [13ea5f86d55974aa24931d3f9acf56e822b31dc6]
+3.2-upstream-stable: N/A "Vulnerable code not introduced later"
+sid: released (4.3.3-1)
+3.16-jessie-security: released (3.16.7-ckt25-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3