[kernel-sec-discuss] r4738 - active retired
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 28 19:21:47 UTC 2016
Author: carnil
Date: 2016-11-28 19:21:47 +0000 (Mon, 28 Nov 2016)
New Revision: 4738
Added:
retired/CVE-2015-8956
retired/CVE-2016-6480
retired/CVE-2016-6828
retired/CVE-2016-7042
retired/CVE-2016-7425
Removed:
active/CVE-2015-8956
active/CVE-2016-6480
active/CVE-2016-6828
active/CVE-2016-7042
active/CVE-2016-7425
Log:
Retire some CVEs fixed everywhere
Deleted: active/CVE-2015-8956
===================================================================
--- active/CVE-2015-8956 2016-11-28 19:03:30 UTC (rev 4737)
+++ active/CVE-2015-8956 2016-11-28 19:21:47 UTC (rev 4738)
@@ -1,12 +0,0 @@
-Description: Potential null dereference in rfcomm protocol
-References:
-Notes:
- bwh> This is minor for 3.2 as the only dereference is in a conditional
- bwh> logging statement which is disabled by default.
-Bugs:
-upstream: released (4.2-rc1) [951b6a0717db97ce420547222647bcc40bf1eacd]
-3.16-upstream-stable: released (3.16.39) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch]
-3.2-upstream-stable: released (3.2.84) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch]
-sid: released (4.2.1-1)
-3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch]
-3.2-wheezy-security: released (3.2.82-1) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch]
Deleted: active/CVE-2016-6480
===================================================================
--- active/CVE-2016-6480 2016-11-28 19:03:30 UTC (rev 4737)
+++ active/CVE-2016-6480 2016-11-28 19:21:47 UTC (rev 4738)
@@ -1,13 +0,0 @@
-Description: scsi: aacraid: double fetch in ioctl_send_fib()
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=116751
- http://seclists.org/bugtraq/2016/Aug/15
- Introduced by 7c00ffa314bf0fb0e23858bbebad33b48b6abbb9 (2.6.13-rc1)
-Notes:
-Bugs:
-upstream: released (4.8-rc3) [fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3]
-3.16-upstream-stable: released (3.16.39) [aacraid-check-size-values-after-double-fetch-from-user.patch]
-3.2-upstream-stable: released (3.2.84) [aacraid-check-size-values-after-double-fetch-from-user.patch]
-sid: released (4.7.2-1) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch]
-3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/aacraid-Check-size-values-after-double-fetch-from-us.patch]
-3.2-wheezy-security: released (3.2.81-2) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch]
Deleted: active/CVE-2016-6828
===================================================================
--- active/CVE-2016-6828 2016-11-28 19:03:30 UTC (rev 4737)
+++ active/CVE-2016-6828 2016-11-28 19:21:47 UTC (rev 4738)
@@ -1,12 +0,0 @@
-Description: Linux tcp_xmit_retransmit_queue use after free
-References:
- http://www.openwall.com/lists/oss-security/2016/08/15/1
- https://www.spinics.net/lists/netdev/msg390257.html
-Notes:
-Bugs:
-upstream: released (4.8-rc5) [bb1fceca22492109be12640d49f5ea5a544c6bb4]
-3.16-upstream-stable: released (3.16.39) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
-3.2-upstream-stable: released (3.2.84) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
-sid: released (4.7.2-1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
-3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
-3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
Deleted: active/CVE-2016-7042
===================================================================
--- active/CVE-2016-7042 2016-11-28 19:03:30 UTC (rev 4737)
+++ active/CVE-2016-7042 2016-11-28 19:21:47 UTC (rev 4738)
@@ -1,12 +0,0 @@
-Description:
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1373966
- https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (reproducer, patch)
-Notes:
-Bugs:
-upstream: released (4.9-rc3) [03dab869b7b239c4e013ec82aea22e181e441cfc]
-3.16-upstream-stable: released (3.16.39) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch]
-3.2-upstream-stable: released (3.2.84) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch]
-sid: released (4.7.8-1) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch]
-3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch]
-3.2-wheezy-security: released (3.2.82-1) [bugfix/all/keys-fix-short-sprintf-buffer-in-proc-keys-show-func.patch]
Deleted: active/CVE-2016-7425
===================================================================
--- active/CVE-2016-7425 2016-11-28 19:03:30 UTC (rev 4737)
+++ active/CVE-2016-7425 2016-11-28 19:21:47 UTC (rev 4738)
@@ -1,12 +0,0 @@
-Description:
-References:
- http://marc.info/?l=linux-scsi&m=147394713328707&w=2
- http://marc.info/?l=linux-scsi&m=147394796228991&w=2
-Notes:
-Bugs:
-upstream: released (4.9-rc1) [7bc2b55a5c030685b399bb65b6baa9ccc3d1f167]
-3.16-upstream-stable: released (3.16.39) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch]
-3.2-upstream-stable: released (3.2.84) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch]
-sid: released (4.7.8-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch]
-3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/scsi-arcmsr-Buffer-overflow-in-arcmsr_iop_message_xf.patch]
-3.2-wheezy-security: released (3.2.82-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch]
Copied: retired/CVE-2015-8956 (from rev 4737, active/CVE-2015-8956)
===================================================================
--- retired/CVE-2015-8956 (rev 0)
+++ retired/CVE-2015-8956 2016-11-28 19:21:47 UTC (rev 4738)
@@ -0,0 +1,12 @@
+Description: Potential null dereference in rfcomm protocol
+References:
+Notes:
+ bwh> This is minor for 3.2 as the only dereference is in a conditional
+ bwh> logging statement which is disabled by default.
+Bugs:
+upstream: released (4.2-rc1) [951b6a0717db97ce420547222647bcc40bf1eacd]
+3.16-upstream-stable: released (3.16.39) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch]
+3.2-upstream-stable: released (3.2.84) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch]
+sid: released (4.2.1-1)
+3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch]
+3.2-wheezy-security: released (3.2.82-1) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch]
Copied: retired/CVE-2016-6480 (from rev 4737, active/CVE-2016-6480)
===================================================================
--- retired/CVE-2016-6480 (rev 0)
+++ retired/CVE-2016-6480 2016-11-28 19:21:47 UTC (rev 4738)
@@ -0,0 +1,13 @@
+Description: scsi: aacraid: double fetch in ioctl_send_fib()
+References:
+ https://bugzilla.kernel.org/show_bug.cgi?id=116751
+ http://seclists.org/bugtraq/2016/Aug/15
+ Introduced by 7c00ffa314bf0fb0e23858bbebad33b48b6abbb9 (2.6.13-rc1)
+Notes:
+Bugs:
+upstream: released (4.8-rc3) [fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3]
+3.16-upstream-stable: released (3.16.39) [aacraid-check-size-values-after-double-fetch-from-user.patch]
+3.2-upstream-stable: released (3.2.84) [aacraid-check-size-values-after-double-fetch-from-user.patch]
+sid: released (4.7.2-1) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch]
+3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/aacraid-Check-size-values-after-double-fetch-from-us.patch]
+3.2-wheezy-security: released (3.2.81-2) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch]
Copied: retired/CVE-2016-6828 (from rev 4737, active/CVE-2016-6828)
===================================================================
--- retired/CVE-2016-6828 (rev 0)
+++ retired/CVE-2016-6828 2016-11-28 19:21:47 UTC (rev 4738)
@@ -0,0 +1,12 @@
+Description: Linux tcp_xmit_retransmit_queue use after free
+References:
+ http://www.openwall.com/lists/oss-security/2016/08/15/1
+ https://www.spinics.net/lists/netdev/msg390257.html
+Notes:
+Bugs:
+upstream: released (4.8-rc5) [bb1fceca22492109be12640d49f5ea5a544c6bb4]
+3.16-upstream-stable: released (3.16.39) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
+3.2-upstream-stable: released (3.2.84) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
+sid: released (4.7.2-1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
+3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
+3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
Copied: retired/CVE-2016-7042 (from rev 4737, active/CVE-2016-7042)
===================================================================
--- retired/CVE-2016-7042 (rev 0)
+++ retired/CVE-2016-7042 2016-11-28 19:21:47 UTC (rev 4738)
@@ -0,0 +1,12 @@
+Description:
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1373966
+ https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (reproducer, patch)
+Notes:
+Bugs:
+upstream: released (4.9-rc3) [03dab869b7b239c4e013ec82aea22e181e441cfc]
+3.16-upstream-stable: released (3.16.39) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch]
+3.2-upstream-stable: released (3.2.84) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch]
+sid: released (4.7.8-1) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch]
+3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch]
+3.2-wheezy-security: released (3.2.82-1) [bugfix/all/keys-fix-short-sprintf-buffer-in-proc-keys-show-func.patch]
Copied: retired/CVE-2016-7425 (from rev 4737, active/CVE-2016-7425)
===================================================================
--- retired/CVE-2016-7425 (rev 0)
+++ retired/CVE-2016-7425 2016-11-28 19:21:47 UTC (rev 4738)
@@ -0,0 +1,12 @@
+Description:
+References:
+ http://marc.info/?l=linux-scsi&m=147394713328707&w=2
+ http://marc.info/?l=linux-scsi&m=147394796228991&w=2
+Notes:
+Bugs:
+upstream: released (4.9-rc1) [7bc2b55a5c030685b399bb65b6baa9ccc3d1f167]
+3.16-upstream-stable: released (3.16.39) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch]
+3.2-upstream-stable: released (3.2.84) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch]
+sid: released (4.7.8-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch]
+3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/scsi-arcmsr-Buffer-overflow-in-arcmsr_iop_message_xf.patch]
+3.2-wheezy-security: released (3.2.82-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch]
More information about the kernel-sec-discuss
mailing list