author: Ben Hutchings <ben@decadent.org.uk> 2019-05-03 17:00:04 +0100
committer: Ben Hutchings <ben@decadent.org.uk> 2019-05-03 17:00:04 +0100
commit: 029478f9993cf62c96d464443e1bf6569bb6254a
tree: 55fb0463b060ed7be3681a38da3caad9bf65842e /retired/CVE-2019-9213
parent: a2859f875666b5a83fdd4d024b4890a0dcbf501c
Retire CVE-2019-9213, fixed everywhere
Diffstat (limited to 'retired/CVE-2019-9213')
-rw-r--r-- retired/CVE-2019-9213 | 17
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2019-9213 b/retired/CVE-2019-9213
new file mode 100644
index 00000000..bbb99eb8
--- /dev/null
+++ b/retired/CVE-2019-9213
@@ -0,0 +1,17 @@
+Description: mm: enforce min addr even if capable() in expand_downwards()
+References:
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=1792
+Notes:
+ bwh> This is effectively mitigated in stable branches that backported
+ bwh> the Stack Clash fixes without commit 32e4e6d5cbb0 "mm/mmap.c:
+ bwh> expand_downwards: don't require the gap if !vm_prev", as the
+ bwh> stack won't expand below stack_guard_gap. However Debian
+ bwh> security branches do include that commit.
+Bugs:
+upstream: released (5.0) [0a1d52994d440e21def1c2174932410b4f2a98a1]
+4.19-upstream-stable: released (4.19.27) [de04d2973a62e4efb3de45e93bd46acd6d510e0a]
+4.9-upstream-stable: released (4.9.162) [331fc4df776be3e5a88a1a9f08ef2f7e063ef1a9]
+3.16-upstream-stable: released (3.16.66) [mm-enforce-min-addr-even-if-capable-in-expand_downwards.patch]
+sid: released (4.19.28-1)
+4.9-stretch-security: released (4.9.168-1)
+3.16-jessie-security: released (3.16.64-1) [bugfix/all/mm-enforce-min-addr-even-if-capable-in-expand_downwa.patch]
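Review bot: the bwh> note in the Notes block says the issue is effectively mitigated in stable branches that lack commit 32e4e6d5cbb0, but it does not name which of the branches listed below that covers, so a reader cannot tell from the record whether any "released" status depended on the mitigation rather than the fix. Since every status line carries a fixed version or a patch reference, a short closing line in the note stating that all tracked branches received the actual fix would make the retirement self-explanatory. The Bugs: field is also left empty; if a Debian bug exists for this issue its number belongs there. The 3.16-jessie-security version (3.16.64-1) is lower than the 3.16-upstream-stable one (3.16.66), which is consistent with the bracketed bugfix/all/ patch on that line and needs no change.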
