[kernel-sec-discuss] r3701 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Feb 24 15:47:33 UTC 2015 

Author: jmm
Date: 2015-02-24 15:47:33 +0000 (Tue, 24 Feb 2015)
New Revision: 3701

Added:
   retired/CVE-2013-6885
   retired/CVE-2014-7822
   retired/CVE-2014-8133
   retired/CVE-2014-8134
   retired/CVE-2014-8160
   retired/CVE-2014-9420
   retired/CVE-2014-9584
   retired/CVE-2014-9585
   retired/CVE-2015-1421
   retired/CVE-2015-1465
Removed:
   active/CVE-2013-6885
   active/CVE-2014-7822
   active/CVE-2014-8133
   active/CVE-2014-8134
   active/CVE-2014-8160
   active/CVE-2014-9420
   active/CVE-2014-9584
   active/CVE-2014-9585
   active/CVE-2015-1421
   active/CVE-2015-1465
Log:
retire (no need to wait for release of pending issues in 2.6.32.x LTS)


Deleted: active/CVE-2013-6885
===================================================================
--- active/CVE-2013-6885	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2013-6885	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,11 +0,0 @@
-Description: AMD family 16h erratum 793, hardware lock-up
-References:
-Notes:
-Bugs:
-upstream: released (3.14-rc2) [3b56496865f9f7d9bcb2f93b44c63f274f08e3b6]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.14.2-1)
-3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/x86/x86-cpu-amd-add-workaround-for-family-16h-erratum-79.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86-cpu-amd-add-workaround-for-family-16h-erratum-79.patch]
-3.16-upstream-stable: N/A "fixed before 3.16"
-3.2-upstream-stable: released (3.2.67) [x86-cpu-amd-add-workaround-for-family-16h-erratum-793.patch]

Deleted: active/CVE-2014-7822
===================================================================
--- active/CVE-2014-7822	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2014-7822	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,15 +0,0 @@
-Description: splice: lack of generic write checks
-References:
-Notes:
- bwh> I have a reproducer for this.  On 2.6.32 it causes ext4 to corrupt
- bwh> the filesystem (which is caught by e2fsck).  On 3.2 it causes ext4 to
- bwh> hang on umount.  ext3 and xfs don't seem to be affected.
-Bugs:
- - https://bugzilla.redhat.com/show_bug.cgi?id=1163792
-upstream: released (v3.16-rc1) [8d0207652cbe27d1f962050737848e5ad4671958]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.16.2-1)
-3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch]
-3.16-upstream-stable: N/A "fixed before 3.16"
-3.2-upstream-stable: released (3.2.67) [splice-apply-generic-position-and-size-checks-to-eac.patch]

Deleted: active/CVE-2014-8133
===================================================================
--- active/CVE-2014-8133	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2014-8133	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,11 +0,0 @@
-Description: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS
-References:
-Notes:
-Bugs:
-upstream: released (3.19-rc1) [41bdc78544b8a93a9c6814b8bbbfef966272abbe]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.16.7-ckt4-1)
-3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/x86/x86-tls-validate-tls-entries-to-protect-espfix.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86-tls-validate-tls-entries-to-protect-espfix.patch]
-3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: released (3.2.66) [x86-tls-validate-tls-entries-to-protect-espfix.patch]

Deleted: active/CVE-2014-8134
===================================================================
--- active/CVE-2014-8134	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2014-8134	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,14 +0,0 @@
-Description: x86: espfix not working for 32-bit KVM paravirt guests
-References:
- http://www.spinics.net/lists/kvm/msg111458.html
- https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?h=linux-next&id=29fa6825463c97e5157284db80107d1bfac5d77b
-Notes:
- This is for KVM guests, not KVM itself, so it does apply to squeeze-lts.
-Bugs:
-upstream: released (3.19-rc1) [29fa6825463c97e5157284db80107d1bfac5d77b]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.16.7-ckt4-1)
-3.2-wheezy-security: released (3.2.65-1) [bugfix/x86/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]
-3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: released (3.2.66) [x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]

Deleted: active/CVE-2014-8160
===================================================================
--- active/CVE-2014-8160	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2014-8160	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,12 +0,0 @@
-Description: netfilter: SCTP firewalling fails until SCTP module is loaded
-References:
- http://www.spinics.net/lists/netfilter-devel/msg33430.html
-Notes:
-Bugs:
-upstream: released (3.18) [db29a9508a9246e77087c5531e45b2c88ec6988b]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.16.7-ckt4-1) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
-3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
-3.16-upstream-stable: released (3.16.7-ckt5)
-3.2-upstream-stable: released (3.2.67) [netfilter-conntrack-disable-generic-tracking-for-kno.patch]

Deleted: active/CVE-2014-9420
===================================================================
--- active/CVE-2014-9420	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2014-9420	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,11 +0,0 @@
-Description: fs: isofs: infinite loop in CE records
-References:
-Notes:
-Bugs:
-upstream: released (v3.19-rc1) [f54e18f1b831c92f6512d2eedb224cd63d607d3d]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.16.7-ckt4-1)
-3.2-wheezy-security: released (3.2.65-1) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
-3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: released (3.2.67) [isofs-fix-infinite-looping-over-ce-entries.patch]

Deleted: active/CVE-2014-9584
===================================================================
--- active/CVE-2014-9584	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2014-9584	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,11 +0,0 @@
-Description: isofs information leak
-References:
-Notes:
-Bugs:
-upstream: released (3.19-rc3) [4e2024624e678f0ebb916e6192bd23c1f9fdf696]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.16.7-ckt4-1)
-3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
-3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: released (3.2.67) [isofs-fix-unchecked-printing-of-er-records.patch]

Deleted: active/CVE-2014-9585
===================================================================
--- active/CVE-2014-9585	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2014-9585	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,12 +0,0 @@
-Description: x86_64, vdso: Fix the vdso address randomization algorithm
-References:
- https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/vdso&id=bc3b94c31d65e761ddfe150d02932c65971b74e2
-Notes:
-Bugs:
-upstream: released (3.19-rc4) [394f56fe480140877304d342dec46d50dc823d46]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.16.7-ckt4-1) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
-3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
-3.16-upstream-stable: released (3.16.7-ckt5)
-3.2-upstream-stable: released (3.2.67) [x86_64-vdso-fix-the-vdso-address-randomization-algorithm.patch]

Deleted: active/CVE-2015-1421
===================================================================
--- active/CVE-2015-1421	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2015-1421	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,13 +0,0 @@
-Description: Use-after-free in sctp triggered remotely
-References:
- http://www.openwall.com/lists/oss-security/2015/01/29/13
- https://git.kernel.org/linus/600ddd6825543962fb807884169e57b580dba208
-Notes:
-Bugs:
-upstream: released (3.19-rc7) [600ddd6825543962fb807884169e57b580dba208]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.16.7-ckt4-3) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch]
-3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch]
-3.16-upstream-stable: released (3.16.7-ckt6)
-3.2-upstream-stable: released (3.2.67) [net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]

Deleted: active/CVE-2015-1465
===================================================================
--- active/CVE-2015-1465	2015-02-24 15:44:34 UTC (rev 3700)
+++ active/CVE-2015-1465	2015-02-24 15:47:33 UTC (rev 3701)
@@ -1,12 +0,0 @@
-Description: DoS due to routing packets to too many different dsts/too fast
-References:
- - https://bugzilla.redhat.com/show_bug.cgi?id=1183744
-Notes:
-Bugs:
-upstream: released (v3.19-rc7) [df4d92549f23e1c037e83323aff58a21b3de7fe0]
-2.6.32-upstream-stable: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691"
-sid: pending (3.16.7-ckt6-1)
-3.2-wheezy-security: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691"
-2.6.32-squeeze-security: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691"
-3.16-upstream-stable: released (3.16.7-ckt6)
-3.2-upstream-stable: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691"

Copied: retired/CVE-2013-6885 (from rev 3699, active/CVE-2013-6885)
===================================================================
--- retired/CVE-2013-6885	                        (rev 0)
+++ retired/CVE-2013-6885	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,11 @@
+Description: AMD family 16h erratum 793, hardware lock-up
+References:
+Notes:
+Bugs:
+upstream: released (3.14-rc2) [3b56496865f9f7d9bcb2f93b44c63f274f08e3b6]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.14.2-1)
+3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/x86/x86-cpu-amd-add-workaround-for-family-16h-erratum-79.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86-cpu-amd-add-workaround-for-family-16h-erratum-79.patch]
+3.16-upstream-stable: N/A "fixed before 3.16"
+3.2-upstream-stable: released (3.2.67) [x86-cpu-amd-add-workaround-for-family-16h-erratum-793.patch]

Copied: retired/CVE-2014-7822 (from rev 3699, active/CVE-2014-7822)
===================================================================
--- retired/CVE-2014-7822	                        (rev 0)
+++ retired/CVE-2014-7822	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,15 @@
+Description: splice: lack of generic write checks
+References:
+Notes:
+ bwh> I have a reproducer for this.  On 2.6.32 it causes ext4 to corrupt
+ bwh> the filesystem (which is caught by e2fsck).  On 3.2 it causes ext4 to
+ bwh> hang on umount.  ext3 and xfs don't seem to be affected.
+Bugs:
+ - https://bugzilla.redhat.com/show_bug.cgi?id=1163792
+upstream: released (v3.16-rc1) [8d0207652cbe27d1f962050737848e5ad4671958]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.2-1)
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch]
+3.16-upstream-stable: N/A "fixed before 3.16"
+3.2-upstream-stable: released (3.2.67) [splice-apply-generic-position-and-size-checks-to-eac.patch]

Copied: retired/CVE-2014-8133 (from rev 3699, active/CVE-2014-8133)
===================================================================
--- retired/CVE-2014-8133	                        (rev 0)
+++ retired/CVE-2014-8133	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,11 @@
+Description: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS
+References:
+Notes:
+Bugs:
+upstream: released (3.19-rc1) [41bdc78544b8a93a9c6814b8bbbfef966272abbe]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.7-ckt4-1)
+3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/x86/x86-tls-validate-tls-entries-to-protect-espfix.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86-tls-validate-tls-entries-to-protect-espfix.patch]
+3.16-upstream-stable: released (3.16.7-ckt4)
+3.2-upstream-stable: released (3.2.66) [x86-tls-validate-tls-entries-to-protect-espfix.patch]

Copied: retired/CVE-2014-8134 (from rev 3699, active/CVE-2014-8134)
===================================================================
--- retired/CVE-2014-8134	                        (rev 0)
+++ retired/CVE-2014-8134	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,14 @@
+Description: x86: espfix not working for 32-bit KVM paravirt guests
+References:
+ http://www.spinics.net/lists/kvm/msg111458.html
+ https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?h=linux-next&id=29fa6825463c97e5157284db80107d1bfac5d77b
+Notes:
+ This is for KVM guests, not KVM itself, so it does apply to squeeze-lts.
+Bugs:
+upstream: released (3.19-rc1) [29fa6825463c97e5157284db80107d1bfac5d77b]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.7-ckt4-1)
+3.2-wheezy-security: released (3.2.65-1) [bugfix/x86/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]
+3.16-upstream-stable: released (3.16.7-ckt4)
+3.2-upstream-stable: released (3.2.66) [x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]

Copied: retired/CVE-2014-8160 (from rev 3699, active/CVE-2014-8160)
===================================================================
--- retired/CVE-2014-8160	                        (rev 0)
+++ retired/CVE-2014-8160	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,12 @@
+Description: netfilter: SCTP firewalling fails until SCTP module is loaded
+References:
+ http://www.spinics.net/lists/netfilter-devel/msg33430.html
+Notes:
+Bugs:
+upstream: released (3.18) [db29a9508a9246e77087c5531e45b2c88ec6988b]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.7-ckt4-1) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
+3.16-upstream-stable: released (3.16.7-ckt5)
+3.2-upstream-stable: released (3.2.67) [netfilter-conntrack-disable-generic-tracking-for-kno.patch]

Copied: retired/CVE-2014-9420 (from rev 3699, active/CVE-2014-9420)
===================================================================
--- retired/CVE-2014-9420	                        (rev 0)
+++ retired/CVE-2014-9420	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,11 @@
+Description: fs: isofs: infinite loop in CE records
+References:
+Notes:
+Bugs:
+upstream: released (v3.19-rc1) [f54e18f1b831c92f6512d2eedb224cd63d607d3d]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.7-ckt4-1)
+3.2-wheezy-security: released (3.2.65-1) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
+3.16-upstream-stable: released (3.16.7-ckt4)
+3.2-upstream-stable: released (3.2.67) [isofs-fix-infinite-looping-over-ce-entries.patch]

Copied: retired/CVE-2014-9584 (from rev 3699, active/CVE-2014-9584)
===================================================================
--- retired/CVE-2014-9584	                        (rev 0)
+++ retired/CVE-2014-9584	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,11 @@
+Description: isofs information leak
+References:
+Notes:
+Bugs:
+upstream: released (3.19-rc3) [4e2024624e678f0ebb916e6192bd23c1f9fdf696]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.7-ckt4-1)
+3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
+3.16-upstream-stable: released (3.16.7-ckt4)
+3.2-upstream-stable: released (3.2.67) [isofs-fix-unchecked-printing-of-er-records.patch]

Copied: retired/CVE-2014-9585 (from rev 3699, active/CVE-2014-9585)
===================================================================
--- retired/CVE-2014-9585	                        (rev 0)
+++ retired/CVE-2014-9585	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,12 @@
+Description: x86_64, vdso: Fix the vdso address randomization algorithm
+References:
+ https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/vdso&id=bc3b94c31d65e761ddfe150d02932c65971b74e2
+Notes:
+Bugs:
+upstream: released (3.19-rc4) [394f56fe480140877304d342dec46d50dc823d46]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.7-ckt4-1) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
+3.16-upstream-stable: released (3.16.7-ckt5)
+3.2-upstream-stable: released (3.2.67) [x86_64-vdso-fix-the-vdso-address-randomization-algorithm.patch]

Copied: retired/CVE-2015-1421 (from rev 3699, active/CVE-2015-1421)
===================================================================
--- retired/CVE-2015-1421	                        (rev 0)
+++ retired/CVE-2015-1421	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,13 @@
+Description: Use-after-free in sctp triggered remotely
+References:
+ http://www.openwall.com/lists/oss-security/2015/01/29/13
+ https://git.kernel.org/linus/600ddd6825543962fb807884169e57b580dba208
+Notes:
+Bugs:
+upstream: released (3.19-rc7) [600ddd6825543962fb807884169e57b580dba208]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.7-ckt4-3) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch]
+3.16-upstream-stable: released (3.16.7-ckt6)
+3.2-upstream-stable: released (3.2.67) [net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]

Copied: retired/CVE-2015-1465 (from rev 3699, active/CVE-2015-1465)
===================================================================
--- retired/CVE-2015-1465	                        (rev 0)
+++ retired/CVE-2015-1465	2015-02-24 15:47:33 UTC (rev 3701)
@@ -0,0 +1,12 @@
+Description: DoS due to routing packets to too many different dsts/too fast
+References:
+ - https://bugzilla.redhat.com/show_bug.cgi?id=1183744
+Notes:
+Bugs:
+upstream: released (v3.19-rc7) [df4d92549f23e1c037e83323aff58a21b3de7fe0]
+2.6.32-upstream-stable: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691"
+sid: pending (3.16.7-ckt6-1)
+3.2-wheezy-security: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691"
+2.6.32-squeeze-security: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691"
+3.16-upstream-stable: released (3.16.7-ckt6)
+3.2-upstream-stable: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691"

More information about the kernel-sec-discuss mailing list