[kernel-sec-discuss] r4211 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Mar 2 17:31:59 UTC 2016 

Author: carnil
Date: 2016-03-02 17:31:59 +0000 (Wed, 02 Mar 2016)
New Revision: 4211

Added:
   active/CVE-2015-8830
Removed:
   active/CVE-2016-aio-oflow
Log:
CVE-2015-8830 assigned

Copied: active/CVE-2015-8830 (from rev 4210, active/CVE-2016-aio-oflow)
===================================================================
--- active/CVE-2015-8830	                        (rev 0)
+++ active/CVE-2015-8830	2016-03-02 17:31:59 UTC (rev 4211)
@@ -0,0 +1,15 @@
+Description: aio write triggers integer overflow in some network protocols
+References:
+ https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit?id=c4f4b82694fe48b02f7a881a1797131a6dad1364
+ https://lkml.org/lkml/2016/2/23/1018
+ https://code.google.com/p/google-security-research/issues/detail?id=735
+Notes:
+ bwh> An identical issue was previously fixed by commit a70b52ec1aae, but
+ bwh> commit 41ef4eb8eef8 removed the fix.
+Bugs:
+upstream: released (4.1-rc1) [4c185ce06dca14f5cea192f5a2c981ef50663f2b]
+3.16-upstream-stable: needed
+3.2-upstream-stable: N/A "Includes previous fix and not the regression"
+sid: released (4.1.3-1)
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/aio-properly-check-iovec-sizes.patch]
+3.2-wheezy-security: N/A "Includes previous fix and not the regression"

Deleted: active/CVE-2016-aio-oflow
===================================================================
--- active/CVE-2016-aio-oflow	2016-03-01 15:59:08 UTC (rev 4210)
+++ active/CVE-2016-aio-oflow	2016-03-02 17:31:59 UTC (rev 4211)
@@ -1,15 +0,0 @@
-Description: aio write triggers integer overflow in some network protocols
-References:
- https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit?id=c4f4b82694fe48b02f7a881a1797131a6dad1364
- https://lkml.org/lkml/2016/2/23/1018
- https://code.google.com/p/google-security-research/issues/detail?id=735
-Notes:
- bwh> An identical issue was previously fixed by commit a70b52ec1aae, but
- bwh> commit 41ef4eb8eef8 removed the fix.
-Bugs:
-upstream: released (4.1-rc1) [4c185ce06dca14f5cea192f5a2c981ef50663f2b]
-3.16-upstream-stable: needed
-3.2-upstream-stable: N/A "Includes previous fix and not the regression"
-sid: released (4.1.3-1)
-3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/aio-properly-check-iovec-sizes.patch]
-3.2-wheezy-security: N/A "Includes previous fix and not the regression"

More information about the kernel-sec-discuss mailing list