Retire CVE-2015-8830

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4356 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2016-05-07 06:36:57 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2016-05-07 06:36:57 +0000
commit: dd2da5374f20b2db76c957967a2956cf49336c9b (patch)
tree: da72bac1b0161ff5f98325a98ef157692704b4d7 /retired/CVE-2015-8830
parent: aebee796e011c4ff72f50dc89975ee602e6ba032 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2015-8830 b/retired/CVE-2015-8830
new file mode 100644
index 00000000..e311cf40
--- /dev/null
+++ b/retired/CVE-2015-8830
@@ -0,0 +1,15 @@
+Description: aio write triggers integer overflow in some network protocols
+References:
+ https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit?id=c4f4b82694fe48b02f7a881a1797131a6dad1364
+ https://lkml.org/lkml/2016/2/23/1018
+ https://code.google.com/p/google-security-research/issues/detail?id=735
+Notes:
+ bwh> An identical issue was previously fixed by commit a70b52ec1aae, but
+ bwh> commit 41ef4eb8eef8 removed the fix.
+Bugs:
+upstream: released (4.1-rc1) [4c185ce06dca14f5cea192f5a2c981ef50663f2b]
+3.16-upstream-stable: released (3.16.7-ckt26)
+3.2-upstream-stable: N/A "Includes previous fix and not the regression"
+sid: released (4.1.3-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/aio-properly-check-iovec-sizes.patch]
+3.2-wheezy-security: N/A "Includes previous fix and not the regression"
author	Salvatore Bonaccorso <carnil@debian.org>	2016-05-07 06:36:57 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2016-05-07 06:36:57 +0000
commit	dd2da5374f20b2db76c957967a2956cf49336c9b (patch)
tree	da72bac1b0161ff5f98325a98ef157692704b4d7 /retired/CVE-2015-8830
parent	aebee796e011c4ff72f50dc89975ee602e6ba032 (diff)