From d6ce9ee6d4c958926ec6efa83eb940d75c80c0bc Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Wed, 20 Sep 2017 20:36:39 +0000 Subject: Retire issues that are now released, N/A, or ignored in all branches git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5589 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2017-7889 | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 retired/CVE-2017-7889 (limited to 'retired/CVE-2017-7889') diff --git a/retired/CVE-2017-7889 b/retired/CVE-2017-7889 new file mode 100644 index 00000000..3b456ab0 --- /dev/null +++ b/retired/CVE-2017-7889 @@ -0,0 +1,17 @@ +Description: CONFIG_STRICT_DEVMEM does not prevent read/write of system RAM under 1MB +References: + http://www.openwall.com/lists/oss-security/2017/04/16/4 +Notes: + bwh> This issue seems to include only read/write, as mmap is not + bwh> covered by the commit referenced. So I can't see a security + bwh> benefit in fixing just this, although there is a *stability* + bwh> benefit for newer versions with CONFIG_HARDENED_USERCOPY. +Bugs: +upstream: released (4.11-rc7) [a4866aa812518ed1a37d8ea0c881dc946409de94] +4.9-upstream-stable: released (4.9.24) [2c0ad235ac77f2fc2eee593bf06822cad772e0e2] +3.16-upstream-stable: released (3.16.46) [3cbd86d25eeb61e57cb3367fe302c271b0c70fb2] +3.2-upstream-stable: released (3.2.91) [b8f254aa17f720053054c4ecff3920973a83b9d6] +sid: released (4.9.25-1) +4.9-stretch-security: N/A "Fixed before branching point" +3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/mm-Tighten-x86-dev-mem-with-zeroing-reads.patch b/debian/patches/bugfix/x86/mm-Tighten-x86-dev-mem-with-zeroing-reads.patch] +3.2-wheezy-security: released (3.2.93-1) -- cgit v1.2.3
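Review bot: The bracketed reference on the `3.16-jessie-security` line names the same patch twice, the second time with a diff-style `b/debian/patches/` prefix that looks pasted from a diff header. Keep only `bugfix/x86/mm-Tighten-x86-dev-mem-with-zeroing-reads.patch`, so the entry has a single reference like the upstream-stable lines. Separately, the `bwh>` note says the referenced commit covers only read/write and not mmap, while `Bugs:` is empty. Since this file is being created directly under `retired/`, it would help to add a line in `Notes:` saying whether the mmap path is tracked under another entry, so a later reader does not take "released" in every branch to mean /dev/mem access below 1MB is fully restricted.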