[kernel-sec-discuss] r3601 - active retired
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Dec 9 05:23:28 UTC 2014
Author: jmm
Date: 2014-12-09 05:23:28 +0000 (Tue, 09 Dec 2014)
New Revision: 3601
Added:
retired/CVE-2012-6657
retired/CVE-2014-3673
retired/CVE-2014-4508
retired/CVE-2014-4608
retired/CVE-2014-5077
retired/CVE-2014-5471
retired/CVE-2014-5472
Removed:
active/CVE-2012-6657
active/CVE-2014-3673
active/CVE-2014-4508
active/CVE-2014-4608
active/CVE-2014-5077
active/CVE-2014-5471
active/CVE-2014-5472
Log:
retire
Deleted: active/CVE-2012-6657
===================================================================
--- active/CVE-2012-6657 2014-12-09 05:21:46 UTC (rev 3600)
+++ active/CVE-2012-6657 2014-12-09 05:23:28 UTC (rev 3601)
@@ -1,11 +0,0 @@
-Description: net: guard tcp_set_keepalive() to tcp sockets
-References:
-Notes:
-Bugs:
-upstream: released (3.6-1) [3e10986d1d698140747fcfc2761ec9cb64c1d582]
-2.6.32-upstream-stable: released (2.6.32.61)
-sid: released (3.6.4-1)
-3.2-wheezy-security: released (3.2.32-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze9)
-3.16-upstream-stable: N/A
-3.2-upstream-stable: released (3.2.31)
Deleted: active/CVE-2014-3673
===================================================================
--- active/CVE-2014-3673 2014-12-09 05:21:46 UTC (rev 3600)
+++ active/CVE-2014-3673 2014-12-09 05:23:28 UTC (rev 3601)
@@ -1,11 +0,0 @@
-Description: sctp: skb_over_panic when receiving malformed ASCONF chunks
-References:
-Notes:
-Bugs:
-upstream: released (v3.18-rc1) [9de7922bc709eee2f609cd01d98aaedc4cf5ea74]
-2.6.32-upstream-stable: released (2.6.32.64)
-sid: released (3.16.7-1) [bugfix/all/net-sctp-fix-skb_over_panic-when-receiving-malformed.patch]
-3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/all/net-sctp-fix-skb_over_panic-when-receiving-malformed.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze9)
-3.16-upstream-stable: released (3.16.7-ckt1)
-3.2-upstream-stable: released (3.2.64)
Deleted: active/CVE-2014-4508
===================================================================
--- active/CVE-2014-4508 2014-12-09 05:21:46 UTC (rev 3600)
+++ active/CVE-2014-4508 2014-12-09 05:23:28 UTC (rev 3601)
@@ -1,12 +0,0 @@
-Description: audit denial of service on 32 systems
-References:
- https://lkml.org/lkml/2014/6/16/682
-Notes:
-Bugs:
-upstream: released (3.16-rc3) [554086d85e71f30abe46fc014fea31929a7c6a8a]
-2.6.32-upstream-stable: released (2.6.32.64)
-sid: released (3.14.9-1) [bugfix/x86/x86_32-entry-Do-syscall-exit-work-on-badsys-CVE-2014.patch]
-3.2-wheezy-security: released (3.2.60-1) [bugfix/x86/x86_32-entry-Do-syscall-exit-work-on-badsys-CVE-2014.patch]
-3.16-upstream-stable: N/A
-2.6.32-squeeze-security: released (2.6.32-48squeeze9)
-3.2-upstream-stable: released (3.2.61) [x86_32-entry-do-syscall-exit-work-on-badsys-cve-2014-4508.patch]
Deleted: active/CVE-2014-4608
===================================================================
--- active/CVE-2014-4608 2014-12-09 05:21:46 UTC (rev 3600)
+++ active/CVE-2014-4608 2014-12-09 05:23:28 UTC (rev 3601)
@@ -1,12 +0,0 @@
-Description: lzo integer overflow
-References:
-Notes:
- jmm> Not exploiable according to http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.html
-Bugs:
-upstream: released (3.16-rc3) [206a81c18401c0cde6e579164f752c4b147324ce]
-2.6.32-upstream-stable: released (2.6.32.64)
-sid: released (3.14.9-1)
-3.2-wheezy-security: released (3.2.63-1)
-3.16-upstream-stable: N/A
-2.6.32-squeeze-security: released (2.6.32-48squeeze9)
-3.2-upstream-stable: released (3.2.61) [lib-lzo-rename-lzo1x_decompress.c-to-lzo1x_decompress_safe.c.patch, lib-lzo-update-lzo-compression-to-current-upstream-version.patch, lzo-properly-check-for-overruns.patch]
Deleted: active/CVE-2014-5077
===================================================================
--- active/CVE-2014-5077 2014-12-09 05:21:46 UTC (rev 3600)
+++ active/CVE-2014-5077 2014-12-09 05:23:28 UTC (rev 3601)
@@ -1,14 +0,0 @@
-Description: SCTP remote denial of service
-References:
- http://patchwork.ozlabs.org/patch/372475/
-Notes:
- bwh> Commit message says bug has been present since commit 730fc3d05cd4
- bwh> ('[SCTP]: Implete SCTP-AUTH parameter processing') i.e. in 2.6.24.
-Bugs:
-upstream: released (3.16) [1be9a950c646c9092fb3618197f7b6bfb50e82aa]
-2.6.32-upstream-stable: released (2.6.32.64)
-sid: released (3.14.15-1) [bugfix/all/net-sctp-inherit-auth_capable-on-INIT-collisions.patch]
-3.2-wheezy-security: released (3.2.63-1)
-3.16-upstream-stable: N/A
-2.6.32-squeeze-security: released (2.6.32-48squeeze9)
-3.2-upstream-stable: released (3.2.63) [net-sctp-inherit-auth_capable-on-init-collisions.patch]
Deleted: active/CVE-2014-5471
===================================================================
--- active/CVE-2014-5471 2014-12-09 05:21:46 UTC (rev 3600)
+++ active/CVE-2014-5471 2014-12-09 05:23:28 UTC (rev 3601)
@@ -1,11 +0,0 @@
-Description: unbound recursion in ISOFS - crashes / reboots a kernel due to kernel stack overflow / corruption
-References:
-Notes:
-Bugs:
-upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4]
-2.6.32-upstream-stable: released (2.6.32.64)
-sid: released (3.16.2-2)
-3.2-wheezy-security: released (3.2.63-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze9)
-3.16-upstream-stable: released (3.16.2)
-3.2-upstream-stable: released (3.2.63) [isofs-fix-unbounded-recursion-when-processing-relocated-directories.patch]
Deleted: active/CVE-2014-5472
===================================================================
--- active/CVE-2014-5472 2014-12-09 05:21:46 UTC (rev 3600)
+++ active/CVE-2014-5472 2014-12-09 05:23:28 UTC (rev 3601)
@@ -1,11 +0,0 @@
-Description: unbound recursion in ISOFS - causes a deadlock in the mount process in "inode_wait"
-References:
-Notes:
-Bugs:
-upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4]
-2.6.32-upstream-stable: released (2.6.32.64)
-sid: released (3.16.2-2)
-3.2-wheezy-security: released (3.2.63-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze9)
-3.16-upstream-stable: released (3.16.2)
-3.2-upstream-stable: released (3.2.63) [isofs-fix-unbounded-recursion-when-processing-relocated-directories.patch]
Copied: retired/CVE-2012-6657 (from rev 3600, active/CVE-2012-6657)
===================================================================
--- retired/CVE-2012-6657 (rev 0)
+++ retired/CVE-2012-6657 2014-12-09 05:23:28 UTC (rev 3601)
@@ -0,0 +1,11 @@
+Description: net: guard tcp_set_keepalive() to tcp sockets
+References:
+Notes:
+Bugs:
+upstream: released (3.6-1) [3e10986d1d698140747fcfc2761ec9cb64c1d582]
+2.6.32-upstream-stable: released (2.6.32.61)
+sid: released (3.6.4-1)
+3.2-wheezy-security: released (3.2.32-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze9)
+3.16-upstream-stable: N/A
+3.2-upstream-stable: released (3.2.31)
Property changes on: retired/CVE-2012-6657
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-3673 (from rev 3600, active/CVE-2014-3673)
===================================================================
--- retired/CVE-2014-3673 (rev 0)
+++ retired/CVE-2014-3673 2014-12-09 05:23:28 UTC (rev 3601)
@@ -0,0 +1,11 @@
+Description: sctp: skb_over_panic when receiving malformed ASCONF chunks
+References:
+Notes:
+Bugs:
+upstream: released (v3.18-rc1) [9de7922bc709eee2f609cd01d98aaedc4cf5ea74]
+2.6.32-upstream-stable: released (2.6.32.64)
+sid: released (3.16.7-1) [bugfix/all/net-sctp-fix-skb_over_panic-when-receiving-malformed.patch]
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/all/net-sctp-fix-skb_over_panic-when-receiving-malformed.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze9)
+3.16-upstream-stable: released (3.16.7-ckt1)
+3.2-upstream-stable: released (3.2.64)
Property changes on: retired/CVE-2014-3673
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-4508 (from rev 3600, active/CVE-2014-4508)
===================================================================
--- retired/CVE-2014-4508 (rev 0)
+++ retired/CVE-2014-4508 2014-12-09 05:23:28 UTC (rev 3601)
@@ -0,0 +1,12 @@
+Description: audit denial of service on 32 systems
+References:
+ https://lkml.org/lkml/2014/6/16/682
+Notes:
+Bugs:
+upstream: released (3.16-rc3) [554086d85e71f30abe46fc014fea31929a7c6a8a]
+2.6.32-upstream-stable: released (2.6.32.64)
+sid: released (3.14.9-1) [bugfix/x86/x86_32-entry-Do-syscall-exit-work-on-badsys-CVE-2014.patch]
+3.2-wheezy-security: released (3.2.60-1) [bugfix/x86/x86_32-entry-Do-syscall-exit-work-on-badsys-CVE-2014.patch]
+3.16-upstream-stable: N/A
+2.6.32-squeeze-security: released (2.6.32-48squeeze9)
+3.2-upstream-stable: released (3.2.61) [x86_32-entry-do-syscall-exit-work-on-badsys-cve-2014-4508.patch]
Property changes on: retired/CVE-2014-4508
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-4608 (from rev 3600, active/CVE-2014-4608)
===================================================================
--- retired/CVE-2014-4608 (rev 0)
+++ retired/CVE-2014-4608 2014-12-09 05:23:28 UTC (rev 3601)
@@ -0,0 +1,12 @@
+Description: lzo integer overflow
+References:
+Notes:
+ jmm> Not exploiable according to http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.html
+Bugs:
+upstream: released (3.16-rc3) [206a81c18401c0cde6e579164f752c4b147324ce]
+2.6.32-upstream-stable: released (2.6.32.64)
+sid: released (3.14.9-1)
+3.2-wheezy-security: released (3.2.63-1)
+3.16-upstream-stable: N/A
+2.6.32-squeeze-security: released (2.6.32-48squeeze9)
+3.2-upstream-stable: released (3.2.61) [lib-lzo-rename-lzo1x_decompress.c-to-lzo1x_decompress_safe.c.patch, lib-lzo-update-lzo-compression-to-current-upstream-version.patch, lzo-properly-check-for-overruns.patch]
Property changes on: retired/CVE-2014-4608
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-5077 (from rev 3600, active/CVE-2014-5077)
===================================================================
--- retired/CVE-2014-5077 (rev 0)
+++ retired/CVE-2014-5077 2014-12-09 05:23:28 UTC (rev 3601)
@@ -0,0 +1,14 @@
+Description: SCTP remote denial of service
+References:
+ http://patchwork.ozlabs.org/patch/372475/
+Notes:
+ bwh> Commit message says bug has been present since commit 730fc3d05cd4
+ bwh> ('[SCTP]: Implete SCTP-AUTH parameter processing') i.e. in 2.6.24.
+Bugs:
+upstream: released (3.16) [1be9a950c646c9092fb3618197f7b6bfb50e82aa]
+2.6.32-upstream-stable: released (2.6.32.64)
+sid: released (3.14.15-1) [bugfix/all/net-sctp-inherit-auth_capable-on-INIT-collisions.patch]
+3.2-wheezy-security: released (3.2.63-1)
+3.16-upstream-stable: N/A
+2.6.32-squeeze-security: released (2.6.32-48squeeze9)
+3.2-upstream-stable: released (3.2.63) [net-sctp-inherit-auth_capable-on-init-collisions.patch]
Property changes on: retired/CVE-2014-5077
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-5471 (from rev 3600, active/CVE-2014-5471)
===================================================================
--- retired/CVE-2014-5471 (rev 0)
+++ retired/CVE-2014-5471 2014-12-09 05:23:28 UTC (rev 3601)
@@ -0,0 +1,11 @@
+Description: unbound recursion in ISOFS - crashes / reboots a kernel due to kernel stack overflow / corruption
+References:
+Notes:
+Bugs:
+upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4]
+2.6.32-upstream-stable: released (2.6.32.64)
+sid: released (3.16.2-2)
+3.2-wheezy-security: released (3.2.63-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze9)
+3.16-upstream-stable: released (3.16.2)
+3.2-upstream-stable: released (3.2.63) [isofs-fix-unbounded-recursion-when-processing-relocated-directories.patch]
Property changes on: retired/CVE-2014-5471
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-5472 (from rev 3600, active/CVE-2014-5472)
===================================================================
--- retired/CVE-2014-5472 (rev 0)
+++ retired/CVE-2014-5472 2014-12-09 05:23:28 UTC (rev 3601)
@@ -0,0 +1,11 @@
+Description: unbound recursion in ISOFS - causes a deadlock in the mount process in "inode_wait"
+References:
+Notes:
+Bugs:
+upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4]
+2.6.32-upstream-stable: released (2.6.32.64)
+sid: released (3.16.2-2)
+3.2-wheezy-security: released (3.2.63-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze9)
+3.16-upstream-stable: released (3.16.2)
+3.2-upstream-stable: released (3.2.63) [isofs-fix-unbounded-recursion-when-processing-relocated-directories.patch]
Property changes on: retired/CVE-2014-5472
___________________________________________________________________
Added: svn:mergeinfo
+
More information about the kernel-sec-discuss
mailing list