From 9a53b9c6d958966fc78a6511fbe0f7926448251a Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 24 Dec 2017 07:36:56 +0000
Subject: Retire several CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5834 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2017-15126 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 retired/CVE-2017-15126

(limited to 'retired/CVE-2017-15126')

diff --git a/retired/CVE-2017-15126 b/retired/CVE-2017-15126
new file mode 100644
index 00000000..ff7cd85f
--- /dev/null
+++ b/retired/CVE-2017-15126
@@ -0,0 +1,15 @@
+Description: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1523481
+Notes:
+ bwh> Introduced in 4.11 by commit 893e26e61d04 "userfaultfd: non-cooperative:
+ bwh> Add fork() event".
+Bugs:
+upstream: released (4.14-rc4) [384632e67e0829deb8015ee6ad916b180049d252]
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.10-1)
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3