diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2016-01-25 17:16:52 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2016-01-25 17:16:52 +0000 |
| commit | 0454a5a72955bfdc4d46ace9334a1d8f690c34d9 (patch) | |
| tree | 56854612961ed11c7df78cf7016e579f8225fb27 /retired/CVE-2015-8543 | |
| parent | b42704c607f5b4e2cb5d877b053f4b2d6ec6aaf2 (diff) | |
retire, these are fixed everywhere and pending for 2.6.32.x
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4115 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2015-8543')
| -rw-r--r-- | retired/CVE-2015-8543 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2015-8543 b/retired/CVE-2015-8543 new file mode 100644 index 00000000..a4a94ba0 --- /dev/null +++ b/retired/CVE-2015-8543 @@ -0,0 +1,17 @@ +Description: Connecting raw socket with invalid protocol number causes oops +References: + http://www.openwall.com/lists/oss-security/2015/12/09/3 + http://article.gmane.org/gmane.linux.network/391482 +Notes: + bwh> Only exploitable with CAP_NET_RAW. Since Linux 3.8 the capability + bwh> checks use ns_capable() and containers can also exploit this. + bwh> For earlier versions it's not important. +Bugs: +upstream: released (4.4-rc6) [79462ad02e861803b3840cc782248c7359451cd9] +3.16-upstream-stable: released (3.16.7-ckt22) +3.2-upstream-stable: released (3.2.75) [net-add-validation-for-the-socket-syscall-protocol-argument.patch] +2.6.32-upstream-stable: pending (2.6.32.70) +sid: released (4.3.3-1) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch] +3.16-jessie-security: released (3.16.7-ckt20-1+deb8u1) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch] +3.2-wheezy-security: released (3.2.73-2+deb7u2) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch] +2.6.32-squeeze-security: released (2.6.32-48squeeze18) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch] |