diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2019-05-03 17:00:04 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2019-05-03 17:00:04 +0100 |
commit | 029478f9993cf62c96d464443e1bf6569bb6254a (patch) | |
tree | 55fb0463b060ed7be3681a38da3caad9bf65842e /retired/CVE-2019-9213 | |
parent | a2859f875666b5a83fdd4d024b4890a0dcbf501c (diff) |
Retire CVE-2019-9213, fixed everywhere
Diffstat (limited to 'retired/CVE-2019-9213')
-rw-r--r-- | retired/CVE-2019-9213 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2019-9213 b/retired/CVE-2019-9213 new file mode 100644 index 00000000..bbb99eb8 --- /dev/null +++ b/retired/CVE-2019-9213 @@ -0,0 +1,17 @@ +Description: mm: enforce min addr even if capable() in expand_downwards() +References: + https://bugs.chromium.org/p/project-zero/issues/detail?id=1792 +Notes: + bwh> This is effectively mitigated in stable branches that backported + bwh> the Stack Clash fixes without commit 32e4e6d5cbb0 "mm/mmap.c: + bwh> expand_downwards: don't require the gap if !vm_prev", as the + bwh> stack won't expand below stack_guard_gap. However Debian + bwh> security branches do include that commit. +Bugs: +upstream: released (5.0) [0a1d52994d440e21def1c2174932410b4f2a98a1] +4.19-upstream-stable: released (4.19.27) [de04d2973a62e4efb3de45e93bd46acd6d510e0a] +4.9-upstream-stable: released (4.9.162) [331fc4df776be3e5a88a1a9f08ef2f7e063ef1a9] +3.16-upstream-stable: released (3.16.66) [mm-enforce-min-addr-even-if-capable-in-expand_downwards.patch] +sid: released (4.19.28-1) +4.9-stretch-security: released (4.9.168-1) +3.16-jessie-security: released (3.16.64-1) [bugfix/all/mm-enforce-min-addr-even-if-capable-in-expand_downwa.patch] |