[kernel-sec-discuss] r3299 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Apr 11 12:57:40 UTC 2014 

Author: jmm
Date: 2014-04-11 12:56:36 +0000 (Fri, 11 Apr 2014)
New Revision: 3299

Added:
   retired/CVE-2014-2739
Removed:
   active/CVE-2014-2739
Log:
retire


Deleted: active/CVE-2014-2739
===================================================================
--- active/CVE-2014-2739	2014-04-11 12:55:08 UTC (rev 3298)
+++ active/CVE-2014-2739	2014-04-11 12:56:36 UTC (rev 3299)
@@ -1,17 +0,0 @@
-Description: IB/core: Don't resolve passive side RoCE L2 address in CMA REQ handler
-References:
-Notes:
- From oss-sec:
- Linux kernel built with the InfiniBand communication link(CONFIG_INFINIBAND)
- along with the support for Remote Direct Memory Access(RDMA) over Convered
- Ethernet(RoCE), is vulnerable to a crash caused by invalid memory access.
- It occurs while trying to resolve RoCE L2 address on the server side.
- A remote unprivileged user/program could use this flaw to crash the kernel,
- resulting in DoS.
-Bugs:
-upstream: released (3.14-rc4) [b2853fd6c2d0f383dbdf7427e263eb576a633867]
-2.6.32-upstream-stable: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"
-sid: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"
-3.2-wheezy-security: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"
-2.6.32-squeeze-security: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"
-3.2-upstream-stable: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"

Copied: retired/CVE-2014-2739 (from rev 3298, active/CVE-2014-2739)
===================================================================
--- retired/CVE-2014-2739	                        (rev 0)
+++ retired/CVE-2014-2739	2014-04-11 12:56:36 UTC (rev 3299)
@@ -0,0 +1,17 @@
+Description: IB/core: Don't resolve passive side RoCE L2 address in CMA REQ handler
+References:
+Notes:
+ From oss-sec:
+ Linux kernel built with the InfiniBand communication link(CONFIG_INFINIBAND)
+ along with the support for Remote Direct Memory Access(RDMA) over Convered
+ Ethernet(RoCE), is vulnerable to a crash caused by invalid memory access.
+ It occurs while trying to resolve RoCE L2 address on the server side.
+ A remote unprivileged user/program could use this flaw to crash the kernel,
+ resulting in DoS.
+Bugs:
+upstream: released (3.14-rc4) [b2853fd6c2d0f383dbdf7427e263eb576a633867]
+2.6.32-upstream-stable: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"
+sid: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"
+3.2-wheezy-security: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"
+2.6.32-squeeze-security: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"
+3.2-upstream-stable: N/A "Introduced in 3.14-rc1 with dd5f03beb4f76ae65d76d8c22a8815e424fc607c"


Property changes on: retired/CVE-2014-2739
___________________________________________________________________
Added: svn:mergeinfo
   +

More information about the kernel-sec-discuss mailing list