[kernel-sec-discuss] r3361 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Jun 4 14:20:41 UTC 2014 

Author: jmm
Date: 2014-06-04 14:20:41 +0000 (Wed, 04 Jun 2014)
New Revision: 3361

Added:
   retired/CVE-2014-0131
   retired/CVE-2014-0155
Removed:
   active/CVE-2014-0131
   active/CVE-2014-0155
Log:
retire


Deleted: active/CVE-2014-0131
===================================================================
--- active/CVE-2014-0131	2014-06-04 14:20:21 UTC (rev 3360)
+++ active/CVE-2014-0131	2014-06-04 14:20:41 UTC (rev 3361)
@@ -1,11 +0,0 @@
-Description: net: use-after-free during segmentation with zerocopy
-References:
- http://marc.info/?l=linux-netdev&m=139446896921968&w=2
-Notes:
-Bugs:
-upstream: released (3.14-rc7) [8cb19905e9287a93ce7c2cbbdf742a060b00e219, 4e1beba12d094c6c761ba5c49032b9b9e46380e8, df5771ffefb13f8af5392bd54fd7e2b596a3a357, 1a4cedaf65491e66e1e55b8428c89209da729209, 1fd819ecb90cc9b822cd84d3056ddba315d3340f]
-2.6.32-upstream-stable: N/A "zerocopy introduced in 3.1"
-sid: released (3.13.6-1) [bugfix/all/net-use-kfree_skb_list-helper.patch, bugfix/all/0001-skbuff-skb_segment-s-frag-nskb_frag.patch, bugfix/all/0002-skbuff-skb_segment-s-skb_frag-frag.patch, bugfix/all/0003-skbuff-skb_segment-s-skb-head_skb.patch, bugfix/all/0004-skbuff-skb_segment-s-fskb-list_skb.patch, bugfix/all/0005-skbuff-skb_segment-orphan-frags-before-copying.patch]
-3.2-wheezy-security: released (3.2.57-1) [bugfix/all/skbuff-skb_segment-orphan-frags-before-copying.patch]
-2.6.32-squeeze-security: N/A "zerocopy introduced in 3.1"
-3.2-upstream-stable:

Deleted: active/CVE-2014-0155
===================================================================
--- active/CVE-2014-0155	2014-06-04 14:20:21 UTC (rev 3360)
+++ active/CVE-2014-0155	2014-06-04 14:20:41 UTC (rev 3361)
@@ -1,11 +0,0 @@
-Description: kvm: BUG caused by invalid entry in guest ioapic redirection table
-References:
- https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60
-Notes:
-Bugs:
-upstream: released (3.15-rc2) [5678de3f15010b9022ee45673f33bcfc71d47b60]
-2.6.32-upstream-stable: N/A "Vulnerable code not present"
-sid: released (3.14.4-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
-2.6.32-squeeze-security: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"

Copied: retired/CVE-2014-0131 (from rev 3353, active/CVE-2014-0131)
===================================================================
--- retired/CVE-2014-0131	                        (rev 0)
+++ retired/CVE-2014-0131	2014-06-04 14:20:41 UTC (rev 3361)
@@ -0,0 +1,11 @@
+Description: net: use-after-free during segmentation with zerocopy
+References:
+ http://marc.info/?l=linux-netdev&m=139446896921968&w=2
+Notes:
+Bugs:
+upstream: released (3.14-rc7) [8cb19905e9287a93ce7c2cbbdf742a060b00e219, 4e1beba12d094c6c761ba5c49032b9b9e46380e8, df5771ffefb13f8af5392bd54fd7e2b596a3a357, 1a4cedaf65491e66e1e55b8428c89209da729209, 1fd819ecb90cc9b822cd84d3056ddba315d3340f]
+2.6.32-upstream-stable: N/A "zerocopy introduced in 3.1"
+sid: released (3.13.6-1) [bugfix/all/net-use-kfree_skb_list-helper.patch, bugfix/all/0001-skbuff-skb_segment-s-frag-nskb_frag.patch, bugfix/all/0002-skbuff-skb_segment-s-skb_frag-frag.patch, bugfix/all/0003-skbuff-skb_segment-s-skb-head_skb.patch, bugfix/all/0004-skbuff-skb_segment-s-fskb-list_skb.patch, bugfix/all/0005-skbuff-skb_segment-orphan-frags-before-copying.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/skbuff-skb_segment-orphan-frags-before-copying.patch]
+2.6.32-squeeze-security: N/A "zerocopy introduced in 3.1"
+3.2-upstream-stable:


Property changes on: retired/CVE-2014-0131
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2014-0155 (from rev 3353, active/CVE-2014-0155)
===================================================================
--- retired/CVE-2014-0155	                        (rev 0)
+++ retired/CVE-2014-0155	2014-06-04 14:20:41 UTC (rev 3361)
@@ -0,0 +1,11 @@
+Description: kvm: BUG caused by invalid entry in guest ioapic redirection table
+References:
+ https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60
+Notes:
+Bugs:
+upstream: released (3.15-rc2) [5678de3f15010b9022ee45673f33bcfc71d47b60]
+2.6.32-upstream-stable: N/A "Vulnerable code not present"
+sid: released (3.14.4-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
+2.6.32-squeeze-security: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"


Property changes on: retired/CVE-2014-0155
___________________________________________________________________
Added: svn:mergeinfo
   +

More information about the kernel-sec-discuss mailing list