From 91d7544f9fdbc7ffb67a099b9576cae72ed19d5d Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 16 Mar 2017 08:20:15 +0000
Subject: Retire CVEs fixed everywhere needed

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5086 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2017-6346 | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 retired/CVE-2017-6346

(limited to 'retired/CVE-2017-6346')

diff --git a/retired/CVE-2017-6346 b/retired/CVE-2017-6346
new file mode 100644
index 00000000..5230f7ff
--- /dev/null
+++ b/retired/CVE-2017-6346
@@ -0,0 +1,13 @@
+Description: packet: fix races in fanout_add()
+References:
+Notes:
+ bwh> The races can clearly lead to a UAF since 4.2.  The impact may be
+ bwh> less severe in earlier versions but still needs to be fixed.
+Bugs:
+upstream: released (4.10) [d199fab63c11998a602205f7ee7ff7c05c97164b]
+4.9-upstream-stable: released (4.9.13) [722737f27774b14be5a1d2d3b9281dcded7c48b2]
+3.16-upstream-stable: released (3.16.42) [packet-fix-races-in-fanout_add.patch]
+3.2-upstream-stable: released (3.2.87) [packet-fix-races-in-fanout_add.patch]
+sid: released (4.9.13-1)
+3.16-jessie-security: released (3.16.39-1+deb8u2) [bugfix/all/packet-fix-races-in-fanout_add.patch]
+3.2-wheezy-security: released (3.2.86-1) [bugfix/all/packet-fix-races-in-fanout_add.patch]
-- 
cgit v1.2.3