[kernel-sec-discuss] r3792 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue May 19 08:21:38 UTC 2015 

Author: jmm
Date: 2015-05-19 08:21:37 +0000 (Tue, 19 May 2015)
New Revision: 3792

Added:
   retired/CVE-2014-7825
   retired/CVE-2014-7826
Removed:
   active/CVE-2014-7825
   active/CVE-2014-7826
Log:
retire


Deleted: active/CVE-2014-7825
===================================================================
--- active/CVE-2014-7825	2015-05-19 08:21:21 UTC (rev 3791)
+++ active/CVE-2014-7825	2015-05-19 08:21:37 UTC (rev 3792)
@@ -1,15 +0,0 @@
-Description: Perf subsystem oob read in supervisor mode (local DoS)
-References:
- Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)
-Notes:
- For 2.6.32, commit cd0980fc8add ("tracing: Check invalid syscall nr while
- tracing syscalls") is also needed.
-Bugs:
-upstream: released (v3.18-rc3) [086ba77a6db00ed858ff07451bedee197df868c9]
-2.6.32-upstream-stable: ignored
-sid: released (3.16.7-ckt2-1)
-3.16-jessie-security: N/A "Fixed before initial release"
-3.2-wheezy-security: N/A "CONFIG_FTRACE_SYSCALL not enabled"
-2.6.32-squeeze-security: N/A "CONFIG_FTRACE_SYSCALL not enabled"
-3.16-upstream-stable: released (3.16.7-ckt1)
-3.2-upstream-stable: released (3.2.65)

Deleted: active/CVE-2014-7826
===================================================================
--- active/CVE-2014-7826	2015-05-19 08:21:21 UTC (rev 3791)
+++ active/CVE-2014-7826	2015-05-19 08:21:37 UTC (rev 3792)
@@ -1,16 +0,0 @@
-Description: Ftrace subsystem supervisor mode code execution
-References:
- Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)
- Support for SOFT_DISABLE to syscall events was added in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d562aff93bfb530b0992141500a402d17081189d (v3.13-rc1)
-Notes:
- For 2.6.32, commit cd0980fc8add ("tracing: Check invalid syscall nr while
- tracing syscalls") is also needed.
-Bugs:
-upstream: released (v3.18-rc3) [086ba77a6db00ed858ff07451bedee197df868c9]
-2.6.32-upstream-stable: ignored
-sid: released (3.16.7-ckt2-1)
-3.16-jessie-security: N/A "Fixed before initial release"
-3.2-wheezy-security: N/A "CONFIG_FTRACE_SYSCALL not enabled"
-2.6.32-squeeze-security: N/A "CONFIG_FTRACE_SYSCALL not enabled"
-3.16-upstream-stable: released (3.16.7-ckt1)
-3.2-upstream-stable: released (3.2.65)

Copied: retired/CVE-2014-7825 (from rev 3791, active/CVE-2014-7825)
===================================================================
--- retired/CVE-2014-7825	                        (rev 0)
+++ retired/CVE-2014-7825	2015-05-19 08:21:37 UTC (rev 3792)
@@ -0,0 +1,15 @@
+Description: Perf subsystem oob read in supervisor mode (local DoS)
+References:
+ Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)
+Notes:
+ For 2.6.32, commit cd0980fc8add ("tracing: Check invalid syscall nr while
+ tracing syscalls") is also needed.
+Bugs:
+upstream: released (v3.18-rc3) [086ba77a6db00ed858ff07451bedee197df868c9]
+2.6.32-upstream-stable: ignored
+sid: released (3.16.7-ckt2-1)
+3.16-jessie-security: N/A "Fixed before initial release"
+3.2-wheezy-security: N/A "CONFIG_FTRACE_SYSCALL not enabled"
+2.6.32-squeeze-security: N/A "CONFIG_FTRACE_SYSCALL not enabled"
+3.16-upstream-stable: released (3.16.7-ckt1)
+3.2-upstream-stable: released (3.2.65)

Copied: retired/CVE-2014-7826 (from rev 3791, active/CVE-2014-7826)
===================================================================
--- retired/CVE-2014-7826	                        (rev 0)
+++ retired/CVE-2014-7826	2015-05-19 08:21:37 UTC (rev 3792)
@@ -0,0 +1,16 @@
+Description: Ftrace subsystem supervisor mode code execution
+References:
+ Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)
+ Support for SOFT_DISABLE to syscall events was added in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d562aff93bfb530b0992141500a402d17081189d (v3.13-rc1)
+Notes:
+ For 2.6.32, commit cd0980fc8add ("tracing: Check invalid syscall nr while
+ tracing syscalls") is also needed.
+Bugs:
+upstream: released (v3.18-rc3) [086ba77a6db00ed858ff07451bedee197df868c9]
+2.6.32-upstream-stable: ignored
+sid: released (3.16.7-ckt2-1)
+3.16-jessie-security: N/A "Fixed before initial release"
+3.2-wheezy-security: N/A "CONFIG_FTRACE_SYSCALL not enabled"
+2.6.32-squeeze-security: N/A "CONFIG_FTRACE_SYSCALL not enabled"
+3.16-upstream-stable: released (3.16.7-ckt1)
+3.2-upstream-stable: released (3.2.65)

More information about the kernel-sec-discuss mailing list