[kernel-sec-discuss] r4499 - active retired

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jun 28 08:34:54 UTC 2016


Author: carnil
Date: 2016-06-28 08:34:54 +0000 (Tue, 28 Jun 2016)
New Revision: 4499

Added:
   retired/CVE-2014-9903
   retired/CVE-2015-7515
   retired/CVE-2016-0821
   retired/CVE-2016-2117
   retired/CVE-2016-2143
   retired/CVE-2016-2184
   retired/CVE-2016-2185
   retired/CVE-2016-2186
   retired/CVE-2016-2187
   retired/CVE-2016-3070
   retired/CVE-2016-3134
   retired/CVE-2016-3136
   retired/CVE-2016-3137
   retired/CVE-2016-3138
   retired/CVE-2016-3140
   retired/CVE-2016-3156
   retired/CVE-2016-3157
   retired/CVE-2016-3672
   retired/CVE-2016-3951
   retired/CVE-2016-3955
   retired/CVE-2016-3961
   retired/CVE-2016-4485
   retired/CVE-2016-4486
   retired/CVE-2016-4565
   retired/CVE-2016-4580
   retired/CVE-2016-4581
   retired/CVE-2016-4794
   retired/CVE-2016-4805
   retired/CVE-2016-4913
   retired/CVE-2016-partial-SMAP-bypass
Removed:
   active/CVE-2014-9903
   active/CVE-2015-7515
   active/CVE-2016-0821
   active/CVE-2016-2117
   active/CVE-2016-2143
   active/CVE-2016-2184
   active/CVE-2016-2185
   active/CVE-2016-2186
   active/CVE-2016-2187
   active/CVE-2016-3070
   active/CVE-2016-3134
   active/CVE-2016-3136
   active/CVE-2016-3137
   active/CVE-2016-3138
   active/CVE-2016-3140
   active/CVE-2016-3156
   active/CVE-2016-3157
   active/CVE-2016-3672
   active/CVE-2016-3951
   active/CVE-2016-3955
   active/CVE-2016-3961
   active/CVE-2016-4485
   active/CVE-2016-4486
   active/CVE-2016-4565
   active/CVE-2016-4580
   active/CVE-2016-4581
   active/CVE-2016-4794
   active/CVE-2016-4805
   active/CVE-2016-4913
   active/CVE-2016-partial-SMAP-bypass
Log:
Retire several CVEs

Deleted: active/CVE-2014-9903
===================================================================
--- active/CVE-2014-9903	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2014-9903	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description:
-References:
-Notes: Introduced in 3.14-rc1 with d50dde5a10f305253cbc3855307f608f8a3c5f73
-Bugs:
-upstream: released (3.14-rc4) [4efbc454ba68def5ef285b26ebfcfdb605b52755]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnreable code not present"
-sid: N/A "Vulnrable code not present"
-3.16-jessie-security: N/A "Vulnreable code not present"
-3.2-wheezy-security: N/A "Vulnreable code not present"

Deleted: active/CVE-2015-7515
===================================================================
--- active/CVE-2015-7515	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2015-7515	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,13 +0,0 @@
-Description: aiptek: crash on invalid USB device descriptors 
-References:
- - https://bugzilla.redhat.com/show_bug.cgi?id=1285326
- - https://www.spinics.net/lists/linux-input/msg42294.html
- - https://os-s.net/advisories/OSS-2016-05_aiptek.pdf
-Notes:
-Bugs:
-upstream: released (4.4-rc6) [8e20cf2bce122ce9262d6034ee5d5b76fbb92f96]
-3.16-upstream-stable: released (3.16.7-ckt26) [24b12688c53a46545a723cf084e25afde2ba39f3]
-3.2-upstream-stable: released (3.2.79) [input-aiptek-fix-crash-on-detecting-device-without-endpoints.patch]
-sid: released (4.4.2-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-aiptek-fix-crash-on-detecting-device-without-e.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-0821
===================================================================
--- active/CVE-2016-0821	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-0821	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description: Too big poison pointer space
-References:
-Notes:
-Bugs:
-upstream: released (4.3-rc1) [8a5e5e02fc83aaf67053ab53b359af08c6c49aaf]
-3.16-upstream-stable: released (3.16.7-ckt27)
-3.2-upstream-stable: released (3.2.79) [include-linux-poison.h-fix-list_poison-1-2-offset.patch]
-sid: released (4.3.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/include-linux-poison.h-fix-list_poison-1-2-offset.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-2117
===================================================================
--- active/CVE-2016-2117	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-2117	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,13 +0,0 @@
-Description: memory disclosure into ethernet frames due to incorrect driver handling of scatter/gather IO
-References:
- http://www.openwall.com/lists/oss-security/2016/03/16/7
- https://bugzilla.novell.com/show_bug.cgi?id=968697
- http://mid.gmane.org/0160420222308.GJ3348@decadent.org.uk
-Notes:
-Bugs:
-upstream: released (4.6-rc5) [f43bfaeddc79effbf3d0fcb53ca477cca66f3db8]
-3.16-upstream-stable: released (3.16.36) [atl2-disable-unimplemented-scatter-gather-feature.patch]
-3.2-upstream-stable: N/A ("scatter/gather cannot be enabled")
-sid: released (4.5.2-1) [bugfix/all/atl2-disable-unimplemented-scatter-gather-feature.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/atl2-disable-unimplemented-scatter-gather-feature.patch]
-3.2-wheezy-security: N/A ("scatter/gather cannot be enabled")

Deleted: active/CVE-2016-2143
===================================================================
--- active/CVE-2016-2143	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-2143	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,11 +0,0 @@
-Description: s390/mm: page table corruption
-References:
-Notes:
- Introduced since 6252d702c5311ce916caf75ed82e5c8245171c92 (v2.6.25-rc1)
-Bugs:
-upstream: released (4.5) [3446c13b268af86391d06611327006b059b8bab1]
-3.16-upstream-stable: released (3.16.35) [s390-mm-four-page-table-levels-vs.-fork.patch]
-3.2-upstream-stable: released (3.2.79) [s390-mm-four-page-table-levels-vs.-fork.patch]
-sid: released (4.4.6-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/s390/s390-mm-four-page-table-levels-vs.-fork.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-2184
===================================================================
--- active/CVE-2016-2184	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-2184	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,13 +0,0 @@
-Description: Kernel panic on invalid USB device descriptor (snd_usb_audio driver)
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1317012
- https://bugzilla.redhat.com/show_bug.cgi?id=1283355
- https://bugzilla.redhat.com/show_bug.cgi?id=1283358
-Notes:
-Bugs:
-upstream: released (4.6-rc1) [0f886ca12765d20124bd06291c82951fd49a33be, 447d6275f0c21f6cc97a88b3a0c601436a4cdf2a]
-3.16-upstream-stable: released (3.16.7-ckt27)
-3.2-upstream-stable: released (3.2.80) [alsa-usb-audio-fix-null-dereference-in-create_fixed_stream_quirk.patch, alsa-usb-audio-add-sanity-checks-for-endpoint-accesses.patch]
-sid: released (4.5.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/alsa-usb-audio-fix-null-dereference-in-create_fixed_.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-2185
===================================================================
--- active/CVE-2016-2185	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-2185	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,13 +0,0 @@
-Description: Kernel panic on invalid USB device descriptor (ati_remote2 driver)
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1317014
- https://bugzilla.redhat.com/show_bug.cgi?id=1283362
- https://bugzilla.redhat.com/show_bug.cgi?id=1283363
-Notes:
-Bugs:
-upstream: released (4.6-rc1) [950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d]
-3.16-upstream-stable: released (3.16.7-ckt27)
-3.2-upstream-stable: released (3.2.80) [input-ati_remote2-fix-crashes-on-detecting-device-with-invalid.patch]
-sid: released (4.5.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-ati_remote2-fix-crashes-on-detecting-device-wi.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-2186
===================================================================
--- active/CVE-2016-2186	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-2186	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,13 +0,0 @@
-Description: Kernel panic on invalid USB device descriptor (powermate driver)
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1317015
- https://bugzilla.redhat.com/show_bug.cgi?id=1283384
- http://marc.info/?l=linux-usb&m=145796479528669&w=2
-Notes:
-Bugs:
-upstream: released (4.6-rc1) [9c6ba456711687b794dcf285856fc14e2c76074f]
-3.16-upstream-stable: released (3.16.7-ckt27)
-3.2-upstream-stable: released (3.2.80) [input-powermate-fix-oops-with-malicious-usb-descriptors.patch]
-sid: released (4.5.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-powermate-fix-oops-with-malicious-usb-descript.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-2187
===================================================================
--- active/CVE-2016-2187	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-2187	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,11 +0,0 @@
-Description: Kernel panic on invalid USB device descriptor (gtco driver)
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1317017
-Notes:
-Bugs:
-upstream: released (4.6-rc5) [162f98dea487206d9ab79fc12ed64700667a894d]
-3.16-upstream-stable: released (3.16.36) [input-gtco-fix-crash-on-detecting-device-without-endpoints.patch]
-3.2-upstream-stable: released (3.2.81) [input-gtco-fix-crash-on-detecting-device-without-endpoints.patch]
-sid: released (4.5.2-1) [bugfix/all/input-gtco-fix-crash-on-detecting-device-without-end.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-gtco-fix-crash-on-detecting-device-without-end.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-3070
===================================================================
--- active/CVE-2016-3070	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3070	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,14 +0,0 @@
-Description: Null pointer dereference in trace_writeback_dirty_page() 
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1306851 (not yet public)
-Notes:
- bwh> Problematic call sequence removed by upstream commit appears to be:
- bwh> migrate_page_copy() -> __set_page_dirty_nobuffers()
- bwh> -> account_page_dirtied() -> trace_writeback_dirty_page()
-Bugs:
-upstream: released (4.4-rc1) [42cb14b110a5698ccf26ce59c4441722605a3743]
-3.16-upstream-stable: released (3.16.36) [mm-migrate-dirty-page-without-clear_page_dirty_for_io-etc.patch]
-3.2-upstream-stable: N/A ("Vulnerable code not present")
-sid: released (4.4.2-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/mm-migrate-dirty-page-without-clear_page_dirty_for_io-etc.patch]
-3.2-wheezy-security: N/A ("Vulnerable code not present")

Deleted: active/CVE-2016-3134
===================================================================
--- active/CVE-2016-3134	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3134	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,19 +0,0 @@
-Description: netfilter IPT_SO_SET_REPLACE memory corruption
-References:
- https://code.google.com/p/google-security-research/issues/detail?id=758
- https://patchwork.ozlabs.org/patch/595575/
- https://patchwork.ozlabs.org/patch/599721/
- http://marc.info/?l=netfilter-devel&m=145757134822741&w=2
- https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=bdf533de6968e9686df777dc178486f600c6e617
- https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
-Notes:
- carnil> Can be triggered by an unprivileged user on PF_INET sockets when
- carnil> unprivileged user namespaces are available (CONFIG_USER_NS=y)
- bwh> The upstream fixes (in davem/net.git) are the last two listed above
-Bugs:
-upstream: released (4.6-rc2) [bdf533de6968e9686df777dc178486f600c6e617, 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91]
-3.16-upstream-stable: released (3.16.35) [netfilter-x_tables-validate-e-target_offset-early.patch, netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
-3.2-upstream-stable: released (3.2.80) [netfilter-x_tables-validate-e-target_offset-early.patch, netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
-sid: released (4.5.1-1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-3136
===================================================================
--- active/CVE-2016-3136	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3136	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,12 +0,0 @@
-Description: crash on invalid USB device descriptors (mct_u232 driver)
-References:
- http://seclists.org/bugtraq/2016/Mar/57
- https://bugzilla.redhat.com/show_bug.cgi?id=1283370
-Notes:
-Bugs:
-upstream: released (4.6-rc3) [4e9a0b05257f29cf4b75f3209243ed71614d062e]
-3.16-upstream-stable: released (3.16.35) [usb-mct_u232-add-sanity-checking-in-probe.patch]
-3.2-upstream-stable: released (3.2.80) [usb-mct_u232-add-sanity-checking-in-probe.patch]
-sid: released (4.5.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-mct_u232-add-sanity-checking-in-probe.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-3137
===================================================================
--- active/CVE-2016-3137	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3137	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,12 +0,0 @@
-Description: crash on invalid USB device descriptors (cypress_m8 driver)
-References:
- http://seclists.org/bugtraq/2016/Mar/55
- https://bugzilla.redhat.com/show_bug.cgi?id=1283368
-Notes:
-Bugs:
-upstream: released (4.6-rc3) [c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754]
-3.16-upstream-stable: released (3.16.35) [usb-cypress_m8-add-endpoint-sanity-check.patch]
-3.2-upstream-stable: released (3.2.80) [usb-cypress_m8-add-endpoint-sanity-check.patch]
-sid: released (4.5.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-cypress_m8-add-endpoint-sanity-check.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-3138
===================================================================
--- active/CVE-2016-3138	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3138	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,12 +0,0 @@
-Description: crash on invalid USB device descriptors (cdc_acm driver)
-References:
- http://seclists.org/bugtraq/2016/Mar/54
- https://bugzilla.redhat.com/show_bug.cgi?id=1283366
-Notes:
-Bugs:
-upstream: released (4.6-rc1) [8835ba4a39cf53f705417b3b3a94eb067673f2c9]
-3.16-upstream-stable: released (3.16.7-ckt27)
-3.2-upstream-stable: released (3.2.80) [usb-cdc-acm-more-sanity-checking.patch]
-sid: released (4.5.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-cdc-acm-more-sanity-checking.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-3140
===================================================================
--- active/CVE-2016-3140	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3140	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,13 +0,0 @@
-Description: crash on invalid USB device descriptors (digi_acceleport driver)
-References:
- http://seclists.org/bugtraq/2016/Mar/61
- https://bugzilla.redhat.com/show_bug.cgi?id=1283378
-Notes:
- Proposed patch: http://marc.info/?l=linux-usb&m=145796765030590&w=2
-Bugs:
-upstream: released (4.6-rc3) [5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f]
-3.16-upstream-stable: released (3.16.35) [usb-digi_acceleport-do-sanity-checking-for-the-number-of-ports.patch]
-3.2-upstream-stable: released (3.2.80) [usb-digi_acceleport-do-sanity-checking-for-the-number-of-ports.patch]
-sid: released (4.5.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-digi_acceleport-do-sanity-checking-for-the-numbe.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-3156
===================================================================
--- active/CVE-2016-3156	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3156	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description: ipv4: Don't do expensive useless work during inetdev destroy
-References:
-Notes:
-Bugs:
-upstream: released (4.6-rc1) [fbd40ea0180a2d328c5adc61414dc8bab9335ce2]
-3.16-upstream-stable: released (3.16.7-ckt27)
-3.2-upstream-stable: N/A "Not a security issue since containers are not supported"
-sid: released (4.5.1-1) [bugfix/all/ipv4-don-t-do-expensive-useless-work-during-inetdev-.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ipv4-don-t-do-expensive-useless-work-during-inetdev-.patch]
-3.2-wheezy-security: N/A "Not a security issue since containers are not supported"

Deleted: active/CVE-2016-3157
===================================================================
--- active/CVE-2016-3157	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3157	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,11 +0,0 @@
-Description: I/O port access privilege escalation in x86-64 Linux under Xen
-References:
- http://xenbits.xen.org/xsa/advisory-171.html
-Notes:
-Bugs:
-upstream: released (4.6-rc1) [b7a584598aea7ca73140cb87b40319944dd3393f]
-3.16-upstream-stable: released (3.16.7-ckt27)
-3.2-upstream-stable: released (3.2.80) [x86-iopl-64-properly-context-switch-iopl-on-xen-pv.patch]
-sid: released (4.5.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-iopl-64-properly-context-switch-iopl-on-xen-pv.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-3672
===================================================================
--- active/CVE-2016-3672	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3672	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,14 +0,0 @@
-Description: Unlimiting the stack disables ASLR on i386
-References:
- http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html
-Notes:
- bwh> This problem has been known for a long time; I don't know why it got
- bwh> a 2016 CVE ID.  There is some risk of regression so we should
- bwh> probably wait a while before backporting.
-Bugs:
-upstream: released (4.6-rc1) [8b8addf891de8a00e4d39fc32f93f7c5eb8feceb]
-3.16-upstream-stable: released (3.16.35) [x86-standardize-mmap_rnd-usage.patch, x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
-3.2-upstream-stable: released (3.2.80) [x86-standardize-mmap_rnd-usage.patch, x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
-sid: released (4.5.1-1) [bugfix/all/x86-mm-32-enable-full-randomization-on-i386-and-x86_.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-standardize-mmap_rnd-usage.patch, bugfix/x86/x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
-3.2-wheezy-security: released (3.2.81-1)
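
Review bot: The Notes entry in this file still says "we should probably wait a while before backporting", yet the status lines below it mark 3.16-upstream-stable, 3.2-upstream-stable, 3.16-jessie-security and 3.2-wheezy-security as released. Since the file is moved to retired/ as-is, a follow-up line in Notes recording that the backport was done would keep the retired record from contradicting itself.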

Deleted: active/CVE-2016-3951
===================================================================
--- active/CVE-2016-3951	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3951	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,11 +0,0 @@
-Description: usbnet: memory corruption triggered by invalid USB descriptor
-References:
-Notes:
- bwh> First part was included in 3.16.7-ckt26 and doesn't seem to be needed for 3.2
-Bugs:
-upstream: released (4.5) [4d06dd537f95683aba3651098ae288b7cbff8274, 1666984c8625b3db19a9abc298931d35ab7bc64b]
-3.16-upstream-stable: released (3.16.35) [usbnet-cleanup-after-bind-in-probe.patch]
-3.2-upstream-stable: released (3.2.80) [usbnet-cleanup-after-bind-in-probe.patch]
-sid: released (4.5.1-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/cdc_ncm-do-not-call-usbnet_link_change-from-cdc_ncm_.patch, bugfix/all/usbnet-cleanup-after-bind-in-probe.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-3955
===================================================================
--- active/CVE-2016-3955	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3955	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description: remote buffer overflow in usbip
-References:
-Notes:
-Bugs:
-upstream: released (4.6-rc3) [b348d7dddb6c4fbfc810b7a0626e8ec9e29f7cbb]
-3.16-upstream-stable: released (3.16.35) [usb-usbip-fix-potential-out-of-bounds-write.patch]
-3.2-upstream-stable: released (3.2.80) [usb-usbip-fix-potential-out-of-bounds-write.patch]
-sid: released (4.5.2-1) [bugfix/all/USB-usbip-fix-potential-out-of-bounds-write.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/USB-usbip-fix-potential-out-of-bounds-write.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-3961
===================================================================
--- active/CVE-2016-3961	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-3961	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,11 +0,0 @@
-Description: XSA-174: hugetlbfs use may crash PV Linux guests
-References:
- http://xenbits.xen.org/xsa/advisory-174.html
-Notes:
-Bugs:
-upstream: released (4.6-rc5) [103f6112f253017d7062cd74d17f4a514ed4485c]
-3.16-upstream-stable: released (3.16.36) [mm-hugetlb-allow-hugepages_supported-to-be-architecture-specific.patch, x86-mm-xen-suppress-hugetlbfs-in-pv-guests.patch]
-3.2-upstream-stable: released (3.2.81) [hugetlb-ensure-hugepage-access-is-denied-if-hugepages-are-not.patch, mm-hugetlb-allow-hugepages_supported-to-be-architecture-specific.patch, x86-mm-xen-suppress-hugetlbfs-in-pv-guests.patch]
-sid: released (4.5.2-1) [bugfix/x86/x86-xen-suppress-hugetlbfs-in-PV-guests.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch, bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch]
-3.2-wheezy-security: released (3.2.81-1) [bugfix/all/hugetlb-ensure-hugepage-access-is-denied-if-hugepages-are-not.patch, bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch, bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch]

Deleted: active/CVE-2016-4485
===================================================================
--- active/CVE-2016-4485	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-4485	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description: information leak vulnerability in llc module
-References:
-Notes:
-Bugs:
-upstream: released (4.6) [b8670c09f37bdf2847cc44f36511a53afc6161fd]
-3.16-upstream-stable: released (3.16.36) [net-fix-infoleak-in-llc.patch]
-3.2-upstream-stable: released (3.2.81) [net-fix-infoleak-in-llc.patch]
-sid: released (4.5.4-1) [bugfix/all/net-fix-infoleak-in-llc.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/net-fix-infoleak-in-llc.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-4486
===================================================================
--- active/CVE-2016-4486	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-4486	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description: information leak vulnerability in rtnetlink
-References:
-Notes:
-Bugs:
-upstream: released (4.6) [5f8e44741f9f216e33736ea4ec65ca9ac03036e6]
-3.16-upstream-stable: released (3.16.36) [net-fix-infoleak-in-rtnetlink.patch]
-3.2-upstream-stable: released (3.2.81) [net-fix-infoleak-in-rtnetlink.patch]
-sid: released (4.5.4-1) [bugfix/all/net-fix-infoleak-in-rtnetlink.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/net-fix-infoleak-in-rtnetlink.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-4565
===================================================================
--- active/CVE-2016-4565	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-4565	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description: Privilege escalation through misuse of write() in RDMA APIs
-References:
-Notes:
-Bugs:
-upstream: released (4.6-rc6) [e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3]
-3.16-upstream-stable: released (3.16.36) [ib-security-restrict-use-of-the-write-interface.patch]
-3.2-upstream-stable: released (3.2.81) [ib-security-restrict-use-of-the-write-interface.patch]
-sid: released (4.5.3-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ib-security-restrict-use-of-the-write-interface.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-4580
===================================================================
--- active/CVE-2016-4580	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-4580	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,11 +0,0 @@
-Description: net: fix a kernel infoleak in x25 module
-References:
-Notes:
- For 4.5.x fixed in f7ee286fab0b55bf5908978c94e50d52e627b3ac
-Bugs:
-upstream: released (4.6) [79e48650320e6fba48369fccf13fd045315b19b8]
-3.16-upstream-stable: released (3.16.36) [net-fix-a-kernel-infoleak-in-x25-module.patch]
-3.2-upstream-stable: released (3.2.81) [net-fix-a-kernel-infoleak-in-x25-module.patch]
-sid: released (4.5.5-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/net-fix-a-kernel-infoleak-in-x25-module.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-4581
===================================================================
--- active/CVE-2016-4581	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-4581	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description:
-References:
-Notes:
-Bugs:
-upstream: released (4.6-rc7) [5ec0811d30378ae104f250bfc9b3640242d81e3f]
-3.16-upstream-stable: released (3.16.36) [fs-pnode.c-treat-zero-mnt_group_id-s-as-unequal.patch, propogate_mnt-handle-the-first-propogated-copy-being-a-slave.patch]
-3.2-upstream-stable: N/A "Vulnerable code introduced with f2ebb3a921c1ca1e2ddd9242e95a1989a50c4c68 (3.15-rc1)"
-sid: released (4.5.4-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/fs-pnode.c-treat-zero-mnt_group_id-s-as-unequal.patch, bugfix/all/propogate_mnt-Handle-the-first-propogated-copy-being.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present"
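
Review bot: The Description field is empty in this file and it is retired that way, so the retired record only identifies the issue through the patch names (fs/pnode.c, propogate_mnt). A one-line description should be filled in before the move. The two 3.2 lines also give different reasons for the same fact: 3.2-upstream-stable names the introducing commit (f2ebb3a921c1..., 3.15-rc1) while 3.2-wheezy-security just says "Vulnerable code not present"; putting the introducing commit in Notes would let both status lines use the same wording.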

Deleted: active/CVE-2016-4794
===================================================================
--- active/CVE-2016-4794	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-4794	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,16 +0,0 @@
-Description: Use-after-free in pcpu_extend_area_map, triggered by bpf()
-References:
- Reproducer: http://www.openwall.com/lists/oss-security/2016/05/12/6
- http://thread.gmane.org/gmane.linux.network/408459/
- http://article.gmane.org/gmane.linux.kernel/2227891
- http://article.gmane.org/gmane.linux.kernel/2227892
-Notes:
- bwh> It's not clear whether this is specific to bpf() or an existing bug
- bwh> that's now easier to hit (and exploit).
-Bugs:
-upstream: released (4.7-rc4) [4f996e234dad488e5d9ba0858bc1bae12eff82c3, 6710e594f71ccaad8101bc64321152af7cd9ea28]
-3.16-upstream-stable: N/A "Introduced with 1a4d76076cda and 9c824b6a172c in 3.18-rc1"
-3.2-upstream-stable: N/A "Introduced with 1a4d76076cda and 9c824b6a172c in 3.18-rc1"
-sid: released (4.6.2-2) [bugfix/all/percpu-fix-synchronization-between-chunk-map_extend_.patch, bugfix/all/percpu-fix-synchronization-between-synchronous-map-e.patch]
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2016-4805
===================================================================
--- active/CVE-2016-4805	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-4805	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description: use-after-free issue for ppp channel
-References:
-Notes: For 4.5.x in d1d87a48fa9731247424675f6abc5daba74ec3f8
-Bugs:
-upstream: released (4.6-rc1) [1f461dcdd296eecedaffffc6bae2bfa90bd7eb89]
-3.16-upstream-stable: released (3.16.35) [6ab3a4331a1de5a20c3dc97f5211d00f1b35ce50]
-3.2-upstream-stable: released (3.2.80) [7fda126c5155acc3e61596ce4c5dcf3859e22444]
-sid: released (4.5.2-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ppp-take-reference-on-channels-netns.patch]
-3.2-wheezy-security: released (3.2.81-1)

Deleted: active/CVE-2016-4913
===================================================================
--- active/CVE-2016-4913	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-4913	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,10 +0,0 @@
-Description: information leak in Rock Ridge Extensions to iso9660
-References:
-Notes:
-Bugs:
-upstream: released (4.6) [99d825822eade8d827a1817357cbf3f889a552d6]
-3.16-upstream-stable: released (3.16.36) [get_rock_ridge_filename-handle-malformed-nm-entries.patch]
-3.2-upstream-stable: released (3.2.81) [get_rock_ridge_filename-handle-malformed-nm-entries.patch]
-sid: released (4.5.4-1) [bugfix/all/get_rock_ridge_filename-handle-malformed-nm-entries.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch]
-3.2-wheezy-security: released (3.2.81-1) [bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch]

Deleted: active/CVE-2016-partial-SMAP-bypass
===================================================================
--- active/CVE-2016-partial-SMAP-bypass	2016-06-28 07:32:18 UTC (rev 4498)
+++ active/CVE-2016-partial-SMAP-bypass	2016-06-28 08:34:54 UTC (rev 4499)
@@ -1,11 +0,0 @@
-Description: Partial SMAP bypass on 64-bit Linux kernels
-References:
- http://www.openwall.com/lists/oss-security/2016/02/26/6
-Notes:
-Bugs:
-upstream: released (4.5-rc6) [3d44d51bd339766f0178f0cf2e8d048b4a4872aa]
-3.16-upstream-stable: released (3.16.7-ckt26) [a39881d103f27702f8057051f59196375b905f6a]
-3.2-upstream-stable: N/A "Vulnerable code not present, introduced in 63bcff2a307b9bcc712a8251eb27df8b2e117967 (v3.10-rc1)" 
-sid: released (4.4.4-1)
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-entry-compat-add-missing-clac-to-entry_int80_32.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present" 
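
Review bot: This file is retired under the placeholder name CVE-2016-partial-SMAP-bypass rather than a numbered identifier. If an ID has been assigned, the rename belongs in this move so the retired entry can be found by CVE number; if none exists, a line in Notes saying so would help. The 3.2-upstream-stable and 3.2-wheezy-security lines also end in trailing whitespace.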

Copied: retired/CVE-2014-9903 (from rev 4498, active/CVE-2014-9903)
===================================================================
--- retired/CVE-2014-9903	                        (rev 0)
+++ retired/CVE-2014-9903	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description:
+References:
+Notes: Introduced in 3.14-rc1 with d50dde5a10f305253cbc3855307f608f8a3c5f73
+Bugs:
+upstream: released (3.14-rc4) [4efbc454ba68def5ef285b26ebfcfdb605b52755]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnreable code not present"
+sid: N/A "Vulnrable code not present"
+3.16-jessie-security: N/A "Vulnreable code not present"
+3.2-wheezy-security: N/A "Vulnreable code not present"
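
Review bot: The reason string is misspelled on four of the five N/A lines copied here ("Vulnreable" on 3.2-upstream-stable, 3.16-jessie-security and 3.2-wheezy-security, "Vulnrable" on sid), which breaks any search for the exact phrase "Vulnerable code not present" used on the 3.16-upstream-stable line. Description and References are also empty, so the retired file records the introducing and fixing commits but not what the issue is. Both are worth fixing in the retired copy.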

Copied: retired/CVE-2015-7515 (from rev 4498, active/CVE-2015-7515)
===================================================================
--- retired/CVE-2015-7515	                        (rev 0)
+++ retired/CVE-2015-7515	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,13 @@
+Description: aiptek: crash on invalid USB device descriptors 
+References:
+ - https://bugzilla.redhat.com/show_bug.cgi?id=1285326
+ - https://www.spinics.net/lists/linux-input/msg42294.html
+ - https://os-s.net/advisories/OSS-2016-05_aiptek.pdf
+Notes:
+Bugs:
+upstream: released (4.4-rc6) [8e20cf2bce122ce9262d6034ee5d5b76fbb92f96]
+3.16-upstream-stable: released (3.16.7-ckt26) [24b12688c53a46545a723cf084e25afde2ba39f3]
+3.2-upstream-stable: released (3.2.79) [input-aiptek-fix-crash-on-detecting-device-without-endpoints.patch]
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-aiptek-fix-crash-on-detecting-device-without-e.patch]
+3.2-wheezy-security: released (3.2.81-1)
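Review bot: The References: entries here use a " - " bullet prefix, while the other files in this commit list bare indented URLs; use one form so the reference lists can be extracted the same way everywhere. The Description: line also ends in trailing whitespace.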

Copied: retired/CVE-2016-0821 (from rev 4498, active/CVE-2016-0821)
===================================================================
--- retired/CVE-2016-0821	                        (rev 0)
+++ retired/CVE-2016-0821	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description: Too big poison pointer space
+References:
+Notes:
+Bugs:
+upstream: released (4.3-rc1) [8a5e5e02fc83aaf67053ab53b359af08c6c49aaf]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.79) [include-linux-poison.h-fix-list_poison-1-2-offset.patch]
+sid: released (4.3.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/include-linux-poison.h-fix-list_poison-1-2-offset.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-2117 (from rev 4498, active/CVE-2016-2117)
===================================================================
--- retired/CVE-2016-2117	                        (rev 0)
+++ retired/CVE-2016-2117	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,13 @@
+Description: memory disclosure into ethernet frames due to incorrect driver handling of scatter/gather IO
+References:
+ http://www.openwall.com/lists/oss-security/2016/03/16/7
+ https://bugzilla.novell.com/show_bug.cgi?id=968697
+ http://mid.gmane.org/0160420222308.GJ3348@decadent.org.uk
+Notes:
+Bugs:
+upstream: released (4.6-rc5) [f43bfaeddc79effbf3d0fcb53ca477cca66f3db8]
+3.16-upstream-stable: released (3.16.36) [atl2-disable-unimplemented-scatter-gather-feature.patch]
+3.2-upstream-stable: N/A ("scatter/gather cannot be enabled")
+sid: released (4.5.2-1) [bugfix/all/atl2-disable-unimplemented-scatter-gather-feature.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/atl2-disable-unimplemented-scatter-gather-feature.patch]
+3.2-wheezy-security: N/A ("scatter/gather cannot be enabled")
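Review bot: The third reference, http://mid.gmane.org/0160420222308.GJ3348@decadent.org.uk, has a Message-ID that starts with 0160420222308, which looks like a date stamp that lost its leading digit; check it against the original mail before this file is archived. The N/A reasons on the 3.2 lines are written as N/A ("...") with parentheses, while other files in this commit use N/A "..." without them; pick one form so the status lines parse uniformly.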

Copied: retired/CVE-2016-2143 (from rev 4498, active/CVE-2016-2143)
===================================================================
--- retired/CVE-2016-2143	                        (rev 0)
+++ retired/CVE-2016-2143	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,11 @@
+Description: s390/mm: page table corruption
+References:
+Notes:
+ Introduced since 6252d702c5311ce916caf75ed82e5c8245171c92 (v2.6.25-rc1)
+Bugs:
+upstream: released (4.5) [3446c13b268af86391d06611327006b059b8bab1]
+3.16-upstream-stable: released (3.16.35) [s390-mm-four-page-table-levels-vs.-fork.patch]
+3.2-upstream-stable: released (3.2.79) [s390-mm-four-page-table-levels-vs.-fork.patch]
+sid: released (4.4.6-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/s390/s390-mm-four-page-table-levels-vs.-fork.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-2184 (from rev 4498, active/CVE-2016-2184)
===================================================================
--- retired/CVE-2016-2184	                        (rev 0)
+++ retired/CVE-2016-2184	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,13 @@
+Description: Kernel panic on invalid USB device descriptor (snd_usb_audio driver)
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1317012
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283355
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283358
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [0f886ca12765d20124bd06291c82951fd49a33be, 447d6275f0c21f6cc97a88b3a0c601436a4cdf2a]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [alsa-usb-audio-fix-null-dereference-in-create_fixed_stream_quirk.patch, alsa-usb-audio-add-sanity-checks-for-endpoint-accesses.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/alsa-usb-audio-fix-null-dereference-in-create_fixed_.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-2185 (from rev 4498, active/CVE-2016-2185)
===================================================================
--- retired/CVE-2016-2185	                        (rev 0)
+++ retired/CVE-2016-2185	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,13 @@
+Description: Kernel panic on invalid USB device descriptor (ati_remote2 driver)
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1317014
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283362
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283363
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [input-ati_remote2-fix-crashes-on-detecting-device-with-invalid.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-ati_remote2-fix-crashes-on-detecting-device-wi.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-2186 (from rev 4498, active/CVE-2016-2186)
===================================================================
--- retired/CVE-2016-2186	                        (rev 0)
+++ retired/CVE-2016-2186	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,13 @@
+Description: Kernel panic on invalid USB device descriptor (powermate driver)
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1317015
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283384
+ http://marc.info/?l=linux-usb&m=145796479528669&w=2
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [9c6ba456711687b794dcf285856fc14e2c76074f]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [input-powermate-fix-oops-with-malicious-usb-descriptors.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-powermate-fix-oops-with-malicious-usb-descript.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-2187 (from rev 4498, active/CVE-2016-2187)
===================================================================
--- retired/CVE-2016-2187	                        (rev 0)
+++ retired/CVE-2016-2187	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,11 @@
+Description: Kernel panic on invalid USB device descriptor (gtco driver)
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1317017
+Notes:
+Bugs:
+upstream: released (4.6-rc5) [162f98dea487206d9ab79fc12ed64700667a894d]
+3.16-upstream-stable: released (3.16.36) [input-gtco-fix-crash-on-detecting-device-without-endpoints.patch]
+3.2-upstream-stable: released (3.2.81) [input-gtco-fix-crash-on-detecting-device-without-endpoints.patch]
+sid: released (4.5.2-1) [bugfix/all/input-gtco-fix-crash-on-detecting-device-without-end.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/input-gtco-fix-crash-on-detecting-device-without-end.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-3070 (from rev 4498, active/CVE-2016-3070)
===================================================================
--- retired/CVE-2016-3070	                        (rev 0)
+++ retired/CVE-2016-3070	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,14 @@
+Description: Null pointer dereference in trace_writeback_dirty_page() 
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1306851 (not yet public)
+Notes:
+ bwh> Problematic call sequence removed by upstream commit appears to be:
+ bwh> migrate_page_copy() -> __set_page_dirty_nobuffers()
+ bwh> -> account_page_dirtied() -> trace_writeback_dirty_page()
+Bugs:
+upstream: released (4.4-rc1) [42cb14b110a5698ccf26ce59c4441722605a3743]
+3.16-upstream-stable: released (3.16.36) [mm-migrate-dirty-page-without-clear_page_dirty_for_io-etc.patch]
+3.2-upstream-stable: N/A ("Vulnerable code not present")
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/mm-migrate-dirty-page-without-clear_page_dirty_for_io-etc.patch]
+3.2-wheezy-security: N/A ("Vulnerable code not present")
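Review bot: The only reference is still annotated "(not yet public)", which is likely stale for an issue that is fixed on every branch and is now being retired; recheck the bug's visibility and drop the annotation, or add a public reference next to it. The Notes: give the problematic call sequence but not which of the listed functions dereferences the NULL pointer, so a short statement of the trigger condition would make the entry self-contained.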

Copied: retired/CVE-2016-3134 (from rev 4498, active/CVE-2016-3134)
===================================================================
--- retired/CVE-2016-3134	                        (rev 0)
+++ retired/CVE-2016-3134	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,19 @@
+Description: netfilter IPT_SO_SET_REPLACE memory corruption
+References:
+ https://code.google.com/p/google-security-research/issues/detail?id=758
+ https://patchwork.ozlabs.org/patch/595575/
+ https://patchwork.ozlabs.org/patch/599721/
+ http://marc.info/?l=netfilter-devel&m=145757134822741&w=2
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=bdf533de6968e9686df777dc178486f600c6e617
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
+Notes:
+ carnil> Can be triggered by an unprivileged user on PF_INET sockets when
+ carnil> unprivileged user namespaces are available (CONFIG_USER_NS=y)
+ bwh> The upstream fixes (in davem/net.git) are the last two listed above
+Bugs:
+upstream: released (4.6-rc2) [bdf533de6968e9686df777dc178486f600c6e617, 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91]
+3.16-upstream-stable: released (3.16.35) [netfilter-x_tables-validate-e-target_offset-early.patch, netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
+3.2-upstream-stable: released (3.2.80) [netfilter-x_tables-validate-e-target_offset-early.patch, netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
+sid: released (4.5.1-1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-3136 (from rev 4498, active/CVE-2016-3136)
===================================================================
--- retired/CVE-2016-3136	                        (rev 0)
+++ retired/CVE-2016-3136	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,12 @@
+Description: crash on invalid USB device descriptors (mct_u232 driver)
+References:
+ http://seclists.org/bugtraq/2016/Mar/57
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283370
+Notes:
+Bugs:
+upstream: released (4.6-rc3) [4e9a0b05257f29cf4b75f3209243ed71614d062e]
+3.16-upstream-stable: released (3.16.35) [usb-mct_u232-add-sanity-checking-in-probe.patch]
+3.2-upstream-stable: released (3.2.80) [usb-mct_u232-add-sanity-checking-in-probe.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-mct_u232-add-sanity-checking-in-probe.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-3137 (from rev 4498, active/CVE-2016-3137)
===================================================================
--- retired/CVE-2016-3137	                        (rev 0)
+++ retired/CVE-2016-3137	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,12 @@
+Description: crash on invalid USB device descriptors (cypress_m8 driver)
+References:
+ http://seclists.org/bugtraq/2016/Mar/55
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283368
+Notes:
+Bugs:
+upstream: released (4.6-rc3) [c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754]
+3.16-upstream-stable: released (3.16.35) [usb-cypress_m8-add-endpoint-sanity-check.patch]
+3.2-upstream-stable: released (3.2.80) [usb-cypress_m8-add-endpoint-sanity-check.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-cypress_m8-add-endpoint-sanity-check.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-3138 (from rev 4498, active/CVE-2016-3138)
===================================================================
--- retired/CVE-2016-3138	                        (rev 0)
+++ retired/CVE-2016-3138	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,12 @@
+Description: crash on invalid USB device descriptors (cdc_acm driver)
+References:
+ http://seclists.org/bugtraq/2016/Mar/54
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283366
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [8835ba4a39cf53f705417b3b3a94eb067673f2c9]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [usb-cdc-acm-more-sanity-checking.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-cdc-acm-more-sanity-checking.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-3140 (from rev 4498, active/CVE-2016-3140)
===================================================================
--- retired/CVE-2016-3140	                        (rev 0)
+++ retired/CVE-2016-3140	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,13 @@
+Description: crash on invalid USB device descriptors (digi_acceleport driver)
+References:
+ http://seclists.org/bugtraq/2016/Mar/61
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283378
+Notes:
+ Proposed patch: http://marc.info/?l=linux-usb&m=145796765030590&w=2
+Bugs:
+upstream: released (4.6-rc3) [5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f]
+3.16-upstream-stable: released (3.16.35) [usb-digi_acceleport-do-sanity-checking-for-the-number-of-ports.patch]
+3.2-upstream-stable: released (3.2.80) [usb-digi_acceleport-do-sanity-checking-for-the-number-of-ports.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-digi_acceleport-do-sanity-checking-for-the-numbe.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-3156 (from rev 4498, active/CVE-2016-3156)
===================================================================
--- retired/CVE-2016-3156	                        (rev 0)
+++ retired/CVE-2016-3156	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description: ipv4: Don't do expensive useless work during inetdev destroy
+References:
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [fbd40ea0180a2d328c5adc61414dc8bab9335ce2]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: N/A "Not a security issue since containers are not supported"
+sid: released (4.5.1-1) [bugfix/all/ipv4-don-t-do-expensive-useless-work-during-inetdev-.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ipv4-don-t-do-expensive-useless-work-during-inetdev-.patch]
+3.2-wheezy-security: N/A "Not a security issue since containers are not supported"
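Review bot: The Description: line is the upstream commit subject ("ipv4: Don't do expensive useless work during inetdev destroy") and does not state the security impact; the N/A reason on the 3.2 lines implies the issue only matters where containers are supported, so say that in the description (who can trigger it and what the effect is) rather than leaving it to be inferred from the status lines.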

Copied: retired/CVE-2016-3157 (from rev 4498, active/CVE-2016-3157)
===================================================================
--- retired/CVE-2016-3157	                        (rev 0)
+++ retired/CVE-2016-3157	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,11 @@
+Description: I/O port access privilege escalation in x86-64 Linux under Xen
+References:
+ http://xenbits.xen.org/xsa/advisory-171.html
+Notes:
+Bugs:
+upstream: released (4.6-rc1) [b7a584598aea7ca73140cb87b40319944dd3393f]
+3.16-upstream-stable: released (3.16.7-ckt27)
+3.2-upstream-stable: released (3.2.80) [x86-iopl-64-properly-context-switch-iopl-on-xen-pv.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-iopl-64-properly-context-switch-iopl-on-xen-pv.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-3672 (from rev 4498, active/CVE-2016-3672)
===================================================================
--- retired/CVE-2016-3672	                        (rev 0)
+++ retired/CVE-2016-3672	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,14 @@
+Description: Unlimiting the stack disables ASLR on i386
+References:
+ http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html
+Notes:
+ bwh> This problem has been known for a long time; I don't know why it got
+ bwh> a 2016 CVE ID.  There is some risk of regression so we should
+ bwh> probably wait a while before backporting.
+Bugs:
+upstream: released (4.6-rc1) [8b8addf891de8a00e4d39fc32f93f7c5eb8feceb]
+3.16-upstream-stable: released (3.16.35) [x86-standardize-mmap_rnd-usage.patch, x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
+3.2-upstream-stable: released (3.2.80) [x86-standardize-mmap_rnd-usage.patch, x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
+sid: released (4.5.1-1) [bugfix/all/x86-mm-32-enable-full-randomization-on-i386-and-x86_.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-standardize-mmap_rnd-usage.patch, bugfix/x86/x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
+3.2-wheezy-security: released (3.2.81-1)
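Review bot: The Notes: still say "we should probably wait a while before backporting", but every branch below is marked released, so the note now contradicts the status lines; add a follow-up line recording that the backport was done, or remove the recommendation. The sid line names only one of the two patches listed on the stable and jessie lines; a short note on why the x86-standardize-mmap_rnd-usage patch is not listed for sid would save the next reader from checking.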

Copied: retired/CVE-2016-3951 (from rev 4498, active/CVE-2016-3951)
===================================================================
--- retired/CVE-2016-3951	                        (rev 0)
+++ retired/CVE-2016-3951	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,11 @@
+Description: usbnet: memory corruption triggered by invalid USB descriptor
+References:
+Notes:
+ bwh> First part was included in 3.16.7-ckt26 and doesn't seem to be needed for 3.2
+Bugs:
+upstream: released (4.5) [4d06dd537f95683aba3651098ae288b7cbff8274, 1666984c8625b3db19a9abc298931d35ab7bc64b]
+3.16-upstream-stable: released (3.16.35) [usbnet-cleanup-after-bind-in-probe.patch]
+3.2-upstream-stable: released (3.2.80) [usbnet-cleanup-after-bind-in-probe.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/cdc_ncm-do-not-call-usbnet_link_change-from-cdc_ncm_.patch, bugfix/all/usbnet-cleanup-after-bind-in-probe.patch]
+3.2-wheezy-security: released (3.2.81-1)
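Review bot: The upstream line lists two commits and the Notes: say the "first part" went into 3.16.7-ckt26, yet the 3.16-upstream-stable line records only 3.16.35 with a single patch, so the entry does not show which commit is the first part or where it landed. Name the commit in the note and list both stable versions on the 3.16-upstream-stable line.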

Copied: retired/CVE-2016-3955 (from rev 4498, active/CVE-2016-3955)
===================================================================
--- retired/CVE-2016-3955	                        (rev 0)
+++ retired/CVE-2016-3955	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description: remote buffer overflow in usbip
+References:
+Notes:
+Bugs:
+upstream: released (4.6-rc3) [b348d7dddb6c4fbfc810b7a0626e8ec9e29f7cbb]
+3.16-upstream-stable: released (3.16.35) [usb-usbip-fix-potential-out-of-bounds-write.patch]
+3.2-upstream-stable: released (3.2.80) [usb-usbip-fix-potential-out-of-bounds-write.patch]
+sid: released (4.5.2-1) [bugfix/all/USB-usbip-fix-potential-out-of-bounds-write.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/USB-usbip-fix-potential-out-of-bounds-write.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-3961 (from rev 4498, active/CVE-2016-3961)
===================================================================
--- retired/CVE-2016-3961	                        (rev 0)
+++ retired/CVE-2016-3961	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,11 @@
+Description: XSA-174: hugetlbfs use may crash PV Linux guests
+References:
+ http://xenbits.xen.org/xsa/advisory-174.html
+Notes:
+Bugs:
+upstream: released (4.6-rc5) [103f6112f253017d7062cd74d17f4a514ed4485c]
+3.16-upstream-stable: released (3.16.36) [mm-hugetlb-allow-hugepages_supported-to-be-architecture-specific.patch, x86-mm-xen-suppress-hugetlbfs-in-pv-guests.patch]
+3.2-upstream-stable: released (3.2.81) [hugetlb-ensure-hugepage-access-is-denied-if-hugepages-are-not.patch, mm-hugetlb-allow-hugepages_supported-to-be-architecture-specific.patch, x86-mm-xen-suppress-hugetlbfs-in-pv-guests.patch]
+sid: released (4.5.2-1) [bugfix/x86/x86-xen-suppress-hugetlbfs-in-PV-guests.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch, bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/hugetlb-ensure-hugepage-access-is-denied-if-hugepages-are-not.patch, bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch, bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch]

Copied: retired/CVE-2016-4485 (from rev 4498, active/CVE-2016-4485)
===================================================================
--- retired/CVE-2016-4485	                        (rev 0)
+++ retired/CVE-2016-4485	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description: information leak vulnerability in llc module
+References:
+Notes:
+Bugs:
+upstream: released (4.6) [b8670c09f37bdf2847cc44f36511a53afc6161fd]
+3.16-upstream-stable: released (3.16.36) [net-fix-infoleak-in-llc.patch]
+3.2-upstream-stable: released (3.2.81) [net-fix-infoleak-in-llc.patch]
+sid: released (4.5.4-1) [bugfix/all/net-fix-infoleak-in-llc.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/net-fix-infoleak-in-llc.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-4486 (from rev 4498, active/CVE-2016-4486)
===================================================================
--- retired/CVE-2016-4486	                        (rev 0)
+++ retired/CVE-2016-4486	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description: information leak vulnerability in rtnetlink
+References:
+Notes:
+Bugs:
+upstream: released (4.6) [5f8e44741f9f216e33736ea4ec65ca9ac03036e6]
+3.16-upstream-stable: released (3.16.36) [net-fix-infoleak-in-rtnetlink.patch]
+3.2-upstream-stable: released (3.2.81) [net-fix-infoleak-in-rtnetlink.patch]
+sid: released (4.5.4-1) [bugfix/all/net-fix-infoleak-in-rtnetlink.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/net-fix-infoleak-in-rtnetlink.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-4565 (from rev 4498, active/CVE-2016-4565)
===================================================================
--- retired/CVE-2016-4565	                        (rev 0)
+++ retired/CVE-2016-4565	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description: Privilege escalation through misuse of write() in RDMA APIs
+References:
+Notes:
+Bugs:
+upstream: released (4.6-rc6) [e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3]
+3.16-upstream-stable: released (3.16.36) [ib-security-restrict-use-of-the-write-interface.patch]
+3.2-upstream-stable: released (3.2.81) [ib-security-restrict-use-of-the-write-interface.patch]
+sid: released (4.5.3-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ib-security-restrict-use-of-the-write-interface.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-4580 (from rev 4498, active/CVE-2016-4580)
===================================================================
--- retired/CVE-2016-4580	                        (rev 0)
+++ retired/CVE-2016-4580	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,11 @@
+Description: net: fix a kernel infoleak in x25 module
+References:
+Notes:
+ For 4.5.x fixed in f7ee286fab0b55bf5908978c94e50d52e627b3ac
+Bugs:
+upstream: released (4.6) [79e48650320e6fba48369fccf13fd045315b19b8]
+3.16-upstream-stable: released (3.16.36) [net-fix-a-kernel-infoleak-in-x25-module.patch]
+3.2-upstream-stable: released (3.2.81) [net-fix-a-kernel-infoleak-in-x25-module.patch]
+sid: released (4.5.5-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/net-fix-a-kernel-infoleak-in-x25-module.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-4581 (from rev 4498, active/CVE-2016-4581)
===================================================================
--- retired/CVE-2016-4581	                        (rev 0)
+++ retired/CVE-2016-4581	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description:
+References:
+Notes:
+Bugs:
+upstream: released (4.6-rc7) [5ec0811d30378ae104f250bfc9b3640242d81e3f]
+3.16-upstream-stable: released (3.16.36) [fs-pnode.c-treat-zero-mnt_group_id-s-as-unequal.patch, propogate_mnt-handle-the-first-propogated-copy-being-a-slave.patch]
+3.2-upstream-stable: N/A "Vulnerable code introduced with f2ebb3a921c1ca1e2ddd9242e95a1989a50c4c68 (3.15-rc1)"
+sid: released (4.5.4-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/fs-pnode.c-treat-zero-mnt_group_id-s-as-unequal.patch, bugfix/all/propogate_mnt-Handle-the-first-propogated-copy-being.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
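Review bot: Description: is empty, so nothing in this file says what the vulnerability is; add a one-line summary before retiring. The two 3.2 lines give different reasons for the same fact ("Vulnerable code introduced with f2ebb3a921c1ca1e2ddd9242e95a1989a50c4c68 (3.15-rc1)" versus "Vulnerable code not present"); repeat the more specific reason on the wheezy line. The upstream line also lists one commit while the 3.16 lines list two patches, so the second upstream commit id appears to be missing.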

Copied: retired/CVE-2016-4794 (from rev 4498, active/CVE-2016-4794)
===================================================================
--- retired/CVE-2016-4794	                        (rev 0)
+++ retired/CVE-2016-4794	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,16 @@
+Description: Use-after-free in pcpu_extend_area_map, triggered by bpf()
+References:
+ Reproducer: http://www.openwall.com/lists/oss-security/2016/05/12/6
+ http://thread.gmane.org/gmane.linux.network/408459/
+ http://article.gmane.org/gmane.linux.kernel/2227891
+ http://article.gmane.org/gmane.linux.kernel/2227892
+Notes:
+ bwh> It's not clear whether this is specific to bpf() or an existing bug
+ bwh> that's now easier to hit (and exploit).
+Bugs:
+upstream: released (4.7-rc4) [4f996e234dad488e5d9ba0858bc1bae12eff82c3, 6710e594f71ccaad8101bc64321152af7cd9ea28]
+3.16-upstream-stable: N/A "Introduced with 1a4d76076cda and 9c824b6a172c in 3.18-rc1"
+3.2-upstream-stable: N/A "Introduced with 1a4d76076cda and 9c824b6a172c in 3.18-rc1"
+sid: released (4.6.2-2) [bugfix/all/percpu-fix-synchronization-between-chunk-map_extend_.patch, bugfix/all/percpu-fix-synchronization-between-synchronous-map-e.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
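Review bot: The N/A reasons on the upstream-stable lines cite the introducing commits as 12-character abbreviations (1a4d76076cda, 9c824b6a172c), while the other files in this commit use full 40-character ids; use the full ids so they stay unambiguous. The Notes: leave open whether the bug is specific to bpf(), yet all 3.x branches are marked N/A on the basis of those two commits; state in the note which conclusion the N/A status relies on.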

Copied: retired/CVE-2016-4805 (from rev 4498, active/CVE-2016-4805)
===================================================================
--- retired/CVE-2016-4805	                        (rev 0)
+++ retired/CVE-2016-4805	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description: use-after-free issue for ppp channel
+References:
+Notes: For 4.5.x in d1d87a48fa9731247424675f6abc5daba74ec3f8
+Bugs:
+upstream: released (4.6-rc1) [1f461dcdd296eecedaffffc6bae2bfa90bd7eb89]
+3.16-upstream-stable: released (3.16.35) [6ab3a4331a1de5a20c3dc97f5211d00f1b35ce50]
+3.2-upstream-stable: released (3.2.80) [7fda126c5155acc3e61596ce4c5dcf3859e22444]
+sid: released (4.5.2-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ppp-take-reference-on-channels-netns.patch]
+3.2-wheezy-security: released (3.2.81-1)

Copied: retired/CVE-2016-4913 (from rev 4498, active/CVE-2016-4913)
===================================================================
--- retired/CVE-2016-4913	                        (rev 0)
+++ retired/CVE-2016-4913	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,10 @@
+Description: information leak in Rock Ridge Extensions to iso9660
+References:
+Notes:
+Bugs:
+upstream: released (4.6) [99d825822eade8d827a1817357cbf3f889a552d6]
+3.16-upstream-stable: released (3.16.36) [get_rock_ridge_filename-handle-malformed-nm-entries.patch]
+3.2-upstream-stable: released (3.2.81) [get_rock_ridge_filename-handle-malformed-nm-entries.patch]
+sid: released (4.5.4-1) [bugfix/all/get_rock_ridge_filename-handle-malformed-nm-entries.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch]

Copied: retired/CVE-2016-partial-SMAP-bypass (from rev 4498, active/CVE-2016-partial-SMAP-bypass)
===================================================================
--- retired/CVE-2016-partial-SMAP-bypass	                        (rev 0)
+++ retired/CVE-2016-partial-SMAP-bypass	2016-06-28 08:34:54 UTC (rev 4499)
@@ -0,0 +1,11 @@
+Description: Partial SMAP bypass on 64-bit Linux kernels
+References:
+ http://www.openwall.com/lists/oss-security/2016/02/26/6
+Notes:
+Bugs:
+upstream: released (4.5-rc6) [3d44d51bd339766f0178f0cf2e8d048b4a4872aa]
+3.16-upstream-stable: released (3.16.7-ckt26) [a39881d103f27702f8057051f59196375b905f6a]
+3.2-upstream-stable: N/A "Vulnerable code not present, introduced in 63bcff2a307b9bcc712a8251eb27df8b2e117967 (v3.10-rc1)" 
+sid: released (4.4.4-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-entry-compat-add-missing-clac-to-entry_int80_32.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present" 
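Review bot: This file is retired under the placeholder name CVE-2016-partial-SMAP-bypass rather than an assigned identifier, so it will never match a lookup by CVE ID; if an ID has been assigned, rename the file as part of this move, otherwise record in Notes: that none was assigned. The 3.2-upstream-stable and 3.2-wheezy-security lines also end in trailing whitespace.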



