From cd51c46f0037e54d1e4eab1a24921b413ed996fb Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 20 Jan 2018 09:56:30 +0100
Subject: Retire CVE-2017-17741

---
 retired/CVE-2017-17741 | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 retired/CVE-2017-17741

(limited to 'retired/CVE-2017-17741')

diff --git a/retired/CVE-2017-17741 b/retired/CVE-2017-17741
new file mode 100644
index 00000000..c59274ad
--- /dev/null
+++ b/retired/CVE-2017-17741
@@ -0,0 +1,17 @@
+Description: KVM: X86: Fix stack-out-of-bounds read in write_mmio
+References:
+ https://www.spinics.net/lists/kvm/msg160710.html
+ https://www.spinics.net/lists/kvm/msg160796.html
+Notes:
+ bwh> This appears to only affect the write_mmio tracepoint, so it won't do any
+ bwh> harm unless that tracepoint is enabled.  Introduced in 2.6.32 by commit
+ bwh> aec51dc4f158 "KVM: Trace mmio".
+Bugs:
+upstream: released (4.15-rc5) [e39d200fa5bf5b94a0948db0dae44c1b73b84a56]
+4.9-upstream-stable: released (4.9.77) [c781e3be97a1cbeef8c853101e8f266db556b0a3]
+3.16-upstream-stable: released (3.16.52) [7cc7f67418296f829a284b6e2d4c62d937f15faa]
+3.2-upstream-stable: released (3.2.97) [26a8a3c531ae847048ee9126f07cb07424bd4724]
+sid: released (4.14.7-1) [bugfix/all/kvm-fix-stack-out-of-bounds-read-in-write_mmio.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/kvm-fix-stack-out-of-bounds-read-in-write_mmio.patch]
+3.16-jessie-security: released (3.16.51-3+deb8u1) [bugfix/all/kvm-fix-stack-out-of-bounds-read-in-write_mmio.patch]
+3.2-wheezy-security: released (3.2.96-3) [bugfix/x86/kvm-fix-stack-out-of-bounds-read-in-write_mmio.patch]
-- 
cgit v1.2.3