[kernel-sec-discuss] r4801 - active retired
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 19 19:09:58 UTC 2016
Author: carnil
Date: 2016-12-19 19:09:58 +0000 (Mon, 19 Dec 2016)
New Revision: 4801
Added:
retired/CVE-2016-8632
Removed:
active/CVE-2016-8632
Log:
Retire CVE-2016-8632
Deleted: active/CVE-2016-8632
===================================================================
--- active/CVE-2016-8632 2016-12-19 18:49:15 UTC (rev 4800)
+++ active/CVE-2016-8632 2016-12-19 19:09:58 UTC (rev 4801)
@@ -1,13 +0,0 @@
-Description: TIPC subsystem: tipc_msg_build() doesn't validate MTU, may cause memory corruption
-References:
- https://www.mail-archive.com/netdev@vger.kernel.org/msg133205.html
-Notes:
- bwh> Introduced by commit 067608e9d019d6477fd45dd948e81af0e5bf599f (3.17-rc1)
- bwh> "tipc: introduce direct iovec to buffer chain fragmentation function"
-Bugs:
-upstream: released (4.9-rc8) [3de81b758853f0b29c61e246679d20b513c4cfec]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.8.15-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2016-8632 (from rev 4800, active/CVE-2016-8632)
===================================================================
--- retired/CVE-2016-8632 (rev 0)
+++ retired/CVE-2016-8632 2016-12-19 19:09:58 UTC (rev 4801)
@@ -0,0 +1,13 @@
+Description: TIPC subsystem: tipc_msg_build() doesn't validate MTU, may cause memory corruption
+References:
+ https://www.mail-archive.com/netdev@vger.kernel.org/msg133205.html
+Notes:
+ bwh> Introduced by commit 067608e9d019d6477fd45dd948e81af0e5bf599f (3.17-rc1)
+ bwh> "tipc: introduce direct iovec to buffer chain fragmentation function"
+Bugs:
+upstream: released (4.9-rc8) [3de81b758853f0b29c61e246679d20b513c4cfec]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.8.15-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list