[kernel-sec-discuss] r4684 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Nov 4 07:17:10 UTC 2016


Author: carnil
Date: 2016-11-04 07:17:10 +0000 (Fri, 04 Nov 2016)
New Revision: 4684

Added:
   active/CVE-2015-8970
Removed:
   active/CVE-2016-crypto-GPF-in-lrw_crypt-caused-by-null-deref
Log:
CVE-2015-8970 assigned

Copied: active/CVE-2015-8970 (from rev 4683, active/CVE-2016-crypto-GPF-in-lrw_crypt-caused-by-null-deref)
===================================================================
--- active/CVE-2015-8970	                        (rev 0)
+++ active/CVE-2015-8970	2016-11-04 07:17:10 UTC (rev 4684)
@@ -0,0 +1,21 @@
+Description: crypto: GPF in lrw_crypt caused by null-deref
+References:
+Notes:
+ carnil> dd504589577d8e8e70f51f997ad487a4cb6c026f is the initial patch
+ carnil> followed by a set of related patches. Possibly related:
+ carnil> dd504589577d8e8e70f51f997ad487a4cb6c026f crypto: algif_skcipher - Require setkey before accept(2)
+ carnil> c840ac6af3f8713a71b4d2363419145760bd6044 crypto: af_alg - Disallow bind/setkey/... after accept(2)
+ carnil> a383292c86663bbc31ac62cc0c04fc77504636a6 crypto: af_alg - Fix socket double-free when accept fails
+ carnil> 37766586c965d63758ad542325a96d5384f4a8c9 crypto: af_alg - Add nokey compatibility path
+ carnil> a0fa2d037129a9849918a92d91b79ed6c7bd2818 crypto: algif_skcipher - Add nokey compatibility path
+ carnil> a5596d6332787fd383b3b5427b41f94254430827 crypto: hash - Add crypto_ahash_has_setkey
+ carnil> 6de62f15b581f920ade22d758f4c338311c2f0d4 crypto: algif_hash - Require setkey before accept(2)
+ carnil> a1383cd86a062fc798899ab20f0ec2116cce39cb crypto: skcipher - Add crypto_skcipher_has_setkey
+ carnil> 6e8d8ecf438792ecf7a3207488fb4eebc4edb040 crypto: algif_skcipher - Add key check exception for cipher_null
+Bugs:
+upstream: released (4.5-rc1) [dd504589577d8e8e70f51f997ad487a4cb6c026f]
+3.16-upstream-stable:
+3.2-upstream-stable:
+sid: released (4.4.2-1)
+3.16-jessie-security:
+3.2-wheezy-security:

Deleted: active/CVE-2016-crypto-GPF-in-lrw_crypt-caused-by-null-deref
===================================================================
--- active/CVE-2016-crypto-GPF-in-lrw_crypt-caused-by-null-deref	2016-11-04 07:16:18 UTC (rev 4683)
+++ active/CVE-2016-crypto-GPF-in-lrw_crypt-caused-by-null-deref	2016-11-04 07:17:10 UTC (rev 4684)
@@ -1,21 +0,0 @@
-Description: crypto: GPF in lrw_crypt caused by null-deref
-References:
-Notes:
- carnil> dd504589577d8e8e70f51f997ad487a4cb6c026f is the initial patch
- carnil> followed by a set of related patches. Possibly related:
- carnil> dd504589577d8e8e70f51f997ad487a4cb6c026f crypto: algif_skcipher - Require setkey before accept(2)
- carnil> c840ac6af3f8713a71b4d2363419145760bd6044 crypto: af_alg - Disallow bind/setkey/... after accept(2)
- carnil> a383292c86663bbc31ac62cc0c04fc77504636a6 crypto: af_alg - Fix socket double-free when accept fails
- carnil> 37766586c965d63758ad542325a96d5384f4a8c9 crypto: af_alg - Add nokey compatibility path
- carnil> a0fa2d037129a9849918a92d91b79ed6c7bd2818 crypto: algif_skcipher - Add nokey compatibility path
- carnil> a5596d6332787fd383b3b5427b41f94254430827 crypto: hash - Add crypto_ahash_has_setkey
- carnil> 6de62f15b581f920ade22d758f4c338311c2f0d4 crypto: algif_hash - Require setkey before accept(2)
- carnil> a1383cd86a062fc798899ab20f0ec2116cce39cb crypto: skcipher - Add crypto_skcipher_has_setkey
- carnil> 6e8d8ecf438792ecf7a3207488fb4eebc4edb040 crypto: algif_skcipher - Add key check exception for cipher_null
-Bugs:
-upstream: released (4.5-rc1) [dd504589577d8e8e70f51f997ad487a4cb6c026f]
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid: released (4.4.2-1)
-3.16-jessie-security:
-3.2-wheezy-security:




More information about the kernel-sec-discuss mailing list