From 5995bb05fadb43acd248258147490c1c08ae951a Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 28 Jun 2016 08:34:54 +0000
Subject: Retire several CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4499 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2016-3134 | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 retired/CVE-2016-3134

(limited to 'retired/CVE-2016-3134')

diff --git a/retired/CVE-2016-3134 b/retired/CVE-2016-3134
new file mode 100644
index 00000000..381ac247
--- /dev/null
+++ b/retired/CVE-2016-3134
@@ -0,0 +1,19 @@
+Description: netfilter IPT_SO_SET_REPLACE memory corruption
+References:
+ https://code.google.com/p/google-security-research/issues/detail?id=758
+ https://patchwork.ozlabs.org/patch/595575/
+ https://patchwork.ozlabs.org/patch/599721/
+ http://marc.info/?l=netfilter-devel&m=145757134822741&w=2
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=bdf533de6968e9686df777dc178486f600c6e617
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
+Notes:
+ carnil> Can be triggered by an unprivileged user on PF_INET sockets when
+ carnil> unprivileged user namespaces are available (CONFIG_USER_NS=y)
+ bwh> The upstream fixes (in davem/net.git) are the last two listed above
+Bugs:
+upstream: released (4.6-rc2) [bdf533de6968e9686df777dc178486f600c6e617, 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91]
+3.16-upstream-stable: released (3.16.35) [netfilter-x_tables-validate-e-target_offset-early.patch, netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
+3.2-upstream-stable: released (3.2.80) [netfilter-x_tables-validate-e-target_offset-early.patch, netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
+sid: released (4.5.1-1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
+3.2-wheezy-security: released (3.2.81-1)
-- 
cgit v1.2.3