Retire several CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5834 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2017-12-24 07:36:56 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-12-24 07:36:56 +0000
commit: 9a53b9c6d958966fc78a6511fbe0f7926448251a (patch)
tree: a5ba1eb6c02bfcf7657c37693c6899359b5ba2af /retired/CVE-2017-16996
parent: 2193ab58e9173e2630c27364d10dbf9ea304a80b (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2017-16996 b/retired/CVE-2017-16996
new file mode 100644
index 00000000..44cdde56
--- /dev/null
+++ b/retired/CVE-2017-16996
@@ -0,0 +1,15 @@
+Description: bpf: fix incorrect tracking of register size truncation
+References:
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=1454
+ http://www.openwall.com/lists/oss-security/2017/12/21/2
+Notes:
+ carnil> Introduced in 4.14-rc1 with b03c9f9fdc37dab81ea04d5dacdc5995d4c224c2
+Bugs:
+upstream: released (4.15-rc5) [0c17d1d2c61936401f4702e1846e2c19b200f958]
+4.9-upstream-stable: N/A "Vulnerable code introduced in 4.14-rc1"
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.14-rc1"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.14-rc1"
+sid: released (4.14.7-1) [bugfix/all/bpf-fix-incorrect-tracking-of-register-size-truncati.patch]
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"
+3.2-wheezy-security: N/A "Vulnerable code introduced later"
author	Salvatore Bonaccorso <carnil@debian.org>	2017-12-24 07:36:56 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-12-24 07:36:56 +0000
commit	9a53b9c6d958966fc78a6511fbe0f7926448251a (patch)
tree	a5ba1eb6c02bfcf7657c37693c6899359b5ba2af /retired/CVE-2017-16996
parent	2193ab58e9173e2630c27364d10dbf9ea304a80b (diff)