[kernel-sec-discuss] r3905 - active retired
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Aug 20 23:21:39 UTC 2015
Author: jmm
Date: 2015-08-20 23:21:39 +0000 (Thu, 20 Aug 2015)
New Revision: 3905
Added:
retired/CVE-2015-1333
retired/CVE-2015-3290
Removed:
active/CVE-2015-1333
active/CVE-2015-3290
Log:
retire
Deleted: active/CVE-2015-1333
===================================================================
--- active/CVE-2015-1333 2015-08-20 23:20:45 UTC (rev 3904)
+++ active/CVE-2015-1333 2015-08-20 23:21:39 UTC (rev 3905)
@@ -1,15 +0,0 @@
-Description: Replacement of keys leaks memory
-References: https://marc.info/?l=oss-security&m=143800676725867&w=2
-Notes:
- bwh> Appears to have been introduced by commit 034faeb9ef39
- bwh> ("KEYS: Fix keyring quota misaccounting on key replacement and unlink")
- bwh> in 3.13.
-Bugs:
-upstream: released (4.2-rc5) [ca4da5dd1f99fe9c59f1709fb43e818b18ad20e0]
-3.16-upstream-stable: released (3.16.7-ckt16)
-3.2-upstream-stable: N/A ("Vulnerable code not present")
-2.6.32-upstream-stable: N/A ("Vulnerable code not present")
-sid: released (4.1.3-1) [bugfix/all/keys-ensure-we-free-the-assoc-array-edit-if-edit-is-valid.patch]
-3.16-jessie-security: released (3.16.7-ckt11-1+deb8u3) [bugfix/all/keys-ensure-we-free-the-assoc-array-edit-if-edit-is-valid.patch]
-3.2-wheezy-security: N/A ("Vulnerable code not present")
-2.6.32-squeeze-security: N/A ("Vulnerable code not present")
Deleted: active/CVE-2015-3290
===================================================================
--- active/CVE-2015-3290 2015-08-20 23:20:45 UTC (rev 3904)
+++ active/CVE-2015-3290 2015-08-20 23:21:39 UTC (rev 3905)
@@ -1,16 +0,0 @@
-Description: Privilege escalation by triggering nested NMI on x86_64
-References: https://marc.info/?l=oss-security&m=143758877425647&w=2
-Notes:
- Seems to have been introduced by espfix64 in 3.16, but only in combination
- with commit 3f3c8b8c4b2a ("x86: Add workaround to NMI iret woes", 3.3)
- and commit e00b12e64be9 ("perf/x86: Further optimize copy_from_user_nmi()",
- 3.13). espfix64 was backported to 3.2 but the others weren't.
-Bugs:
-upstream: released (4.2-rc3) [9d05041679904b12c12421cbcf9cb5f4860a8d7b, 0e181bb58143cb4a2e8f01c281b0816cd0e4798e, 9b6e6a8334d56354853f9c255d1395c2ba570e0a]
-3.16-upstream-stable: released (3.16.7-ckt16)
-3.2-upstream-stable: N/A ("Vulnerable code not present")
-2.6.32-upstream-stable: N/A ("Vulnerable code not present")
-sid: released (4.0.8-2)
-3.16-jessie-security: released (3.16.7-ckt11-1+deb8u2)
-3.2-wheezy-security: N/A ("Vulnerable code not present")
-2.6.32-squeeze-security: N/A ("Vulnerable code not present")
Copied: retired/CVE-2015-1333 (from rev 3904, active/CVE-2015-1333)
===================================================================
--- retired/CVE-2015-1333 (rev 0)
+++ retired/CVE-2015-1333 2015-08-20 23:21:39 UTC (rev 3905)
@@ -0,0 +1,15 @@
+Description: Replacement of keys leaks memory
+References: https://marc.info/?l=oss-security&m=143800676725867&w=2
+Notes:
+ bwh> Appears to have been introduced by commit 034faeb9ef39
+ bwh> ("KEYS: Fix keyring quota misaccounting on key replacement and unlink")
+ bwh> in 3.13.
+Bugs:
+upstream: released (4.2-rc5) [ca4da5dd1f99fe9c59f1709fb43e818b18ad20e0]
+3.16-upstream-stable: released (3.16.7-ckt16)
+3.2-upstream-stable: N/A ("Vulnerable code not present")
+2.6.32-upstream-stable: N/A ("Vulnerable code not present")
+sid: released (4.1.3-1) [bugfix/all/keys-ensure-we-free-the-assoc-array-edit-if-edit-is-valid.patch]
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u3) [bugfix/all/keys-ensure-we-free-the-assoc-array-edit-if-edit-is-valid.patch]
+3.2-wheezy-security: N/A ("Vulnerable code not present")
+2.6.32-squeeze-security: N/A ("Vulnerable code not present")
Copied: retired/CVE-2015-3290 (from rev 3904, active/CVE-2015-3290)
===================================================================
--- retired/CVE-2015-3290 (rev 0)
+++ retired/CVE-2015-3290 2015-08-20 23:21:39 UTC (rev 3905)
@@ -0,0 +1,16 @@
+Description: Privilege escalation by triggering nested NMI on x86_64
+References: https://marc.info/?l=oss-security&m=143758877425647&w=2
+Notes:
+ Seems to have been introduced by espfix64 in 3.16, but only in combination
+ with commit 3f3c8b8c4b2a ("x86: Add workaround to NMI iret woes", 3.3)
+ and commit e00b12e64be9 ("perf/x86: Further optimize copy_from_user_nmi()",
+ 3.13). espfix64 was backported to 3.2 but the others weren't.
+Bugs:
+upstream: released (4.2-rc3) [9d05041679904b12c12421cbcf9cb5f4860a8d7b, 0e181bb58143cb4a2e8f01c281b0816cd0e4798e, 9b6e6a8334d56354853f9c255d1395c2ba570e0a]
+3.16-upstream-stable: released (3.16.7-ckt16)
+3.2-upstream-stable: N/A ("Vulnerable code not present")
+2.6.32-upstream-stable: N/A ("Vulnerable code not present")
+sid: released (4.0.8-2)
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u2)
+3.2-wheezy-security: N/A ("Vulnerable code not present")
+2.6.32-squeeze-security: N/A ("Vulnerable code not present")
More information about the kernel-sec-discuss
mailing list