[kernel-sec-discuss] r4802 - active retired

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Dec 19 19:11:00 UTC 2016 

Author: carnil
Date: 2016-12-19 19:11:00 +0000 (Mon, 19 Dec 2016)
New Revision: 4802

Added:
   retired/CVE-2016-9755
Removed:
   active/CVE-2016-9755
Log:
Retire CVE-2016-9755

Deleted: active/CVE-2016-9755
===================================================================
--- active/CVE-2016-9755	2016-12-19 19:09:58 UTC (rev 4801)
+++ active/CVE-2016-9755	2016-12-19 19:11:00 UTC (rev 4802)
@@ -1,13 +0,0 @@
-Description: net: out-of-bounds due do a signedness issue when defragging ipv6
-References:
- https://www.spinics.net/lists/netdev/msg407525.html
- https://groups.google.com/forum/#!topic/syzkaller/GFbGpX7nTEo
-Notes:
- Introduced in 4.5-rc1 with 029f7f3b8701cc7aca8bdb31f0c7edd6a479e357
-Bugs:
-upstream: released (4.9-rc8) [9b57da0630c9fd36ed7a20fc0f98dc82cc0777fa]
-3.16-upstream-stable: N/A "Introduced in 4.5-rc1 with 029f7f3b8701cc7aca8bdb31f0c7edd6a479e357"
-3.2-upstream-stable: N/A "Introduced in 4.5-rc1 with 029f7f3b8701cc7aca8bdb31f0c7edd6a479e357"
-sid: released (4.8.15-1) [bugfix/all/netfilter-ipv6-nf_defrag-drop-mangled-skb-on-ream-er.patch]
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2016-9755 (from rev 4801, active/CVE-2016-9755)
===================================================================
--- retired/CVE-2016-9755	                        (rev 0)
+++ retired/CVE-2016-9755	2016-12-19 19:11:00 UTC (rev 4802)
@@ -0,0 +1,13 @@
+Description: net: out-of-bounds due do a signedness issue when defragging ipv6
+References:
+ https://www.spinics.net/lists/netdev/msg407525.html
+ https://groups.google.com/forum/#!topic/syzkaller/GFbGpX7nTEo
+Notes:
+ Introduced in 4.5-rc1 with 029f7f3b8701cc7aca8bdb31f0c7edd6a479e357
+Bugs:
+upstream: released (4.9-rc8) [9b57da0630c9fd36ed7a20fc0f98dc82cc0777fa]
+3.16-upstream-stable: N/A "Introduced in 4.5-rc1 with 029f7f3b8701cc7aca8bdb31f0c7edd6a479e357"
+3.2-upstream-stable: N/A "Introduced in 4.5-rc1 with 029f7f3b8701cc7aca8bdb31f0c7edd6a479e357"
+sid: released (4.8.15-1) [bugfix/all/netfilter-ipv6-nf_defrag-drop-mangled-skb-on-ream-er.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"

More information about the kernel-sec-discuss mailing list