[kernel-sec-discuss] r4618 - active retired

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Sep 4 17:14:01 UTC 2016


Author: carnil
Date: 2016-09-04 17:14:01 +0000 (Sun, 04 Sep 2016)
New Revision: 4618

Added:
   retired/CVE-2016-4470
   retired/CVE-2016-5400
   retired/CVE-2016-5696
   retired/CVE-2016-5829
   retired/CVE-2016-6136
   retired/CVE-2016-6156
   retired/CVE-2016-6516
Removed:
   active/CVE-2016-4470
   active/CVE-2016-5400
   active/CVE-2016-5696
   active/CVE-2016-5829
   active/CVE-2016-6136
   active/CVE-2016-6156
   active/CVE-2016-6516
Log:
Retire some CVEs

Deleted: active/CVE-2016-4470
===================================================================
--- active/CVE-2016-4470	2016-09-04 08:13:19 UTC (rev 4617)
+++ active/CVE-2016-4470	2016-09-04 17:14:01 UTC (rev 4618)
@@ -1,10 +0,0 @@
-Description: Uninitialized variable in request_key handling causes kernel crash in error handling path
-References:
-Notes:
-Bugs:
-upstream: released (4.7-rc4) [38327424b40bcebe2de92d07312c89360ac9229a]
-3.16-upstream-stable: released (3.16.37) [keys-potential-uninitialized-variable.patch]
-3.2-upstream-stable: released (3.2.82) [keys-potential-uninitialized-variable.patch]
-sid: released (4.6.2-2) [bugfix/all/keys-potential-uninitialized-variable.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/keys-potential-uninitialized-variable.patch]
-3.2-wheezy-security: released (3.2.81-2) [bugfix/all/keys-potential-uninitialized-variable.patch]

Deleted: active/CVE-2016-5400
===================================================================
--- active/CVE-2016-5400	2016-09-04 08:13:19 UTC (rev 4617)
+++ active/CVE-2016-5400	2016-09-04 17:14:01 UTC (rev 4618)
@@ -1,11 +0,0 @@
-Description: memory leak in airspy usb driver
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1358184
-Notes:
-Bugs:
-upstream: released (4.7) [aa93d1fee85c890a34f2510a310e55ee76a27848]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.7.2-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2016-5696
===================================================================
--- active/CVE-2016-5696	2016-09-04 08:13:19 UTC (rev 4617)
+++ active/CVE-2016-5696	2016-09-04 17:14:01 UTC (rev 4618)
@@ -1,18 +0,0 @@
-Description: challenge ACK counter information disclosure
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1354708
- https://www.mail-archive.com/netdev@vger.kernel.org/msg118824.html
-Notes:
- RFC 5961 3.2 has been implemented in v3.6-rc1 with commit
- 282f23c6ee343126156dd41218b22ece96d747e3 . But it seems to have
- been backported to older versions as well (including 3.2.x)
- .
- Additionally (but not strictly needed for the CVE, AFAICT), the commit
- 083ae308280d13d187512b9babe3454342a7987e might be added as well.
-Bugs:
-upstream: released (4.7) [75ff39ccc1bd5d3c455b6822ab09e533c551f758]
-3.16-upstream-stable: released (3.16.37) [tcp-make-challenge-acks-less-predictable.patch]
-3.2-upstream-stable: released (3.2.82) [tcp-make-challenge-acks-less-predictable.patch]
-sid: released (4.7.2-1)
-3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]
-3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]

Deleted: active/CVE-2016-5829
===================================================================
--- active/CVE-2016-5829	2016-09-04 08:13:19 UTC (rev 4617)
+++ active/CVE-2016-5829	2016-09-04 17:14:01 UTC (rev 4618)
@@ -1,10 +0,0 @@
-Description: HID: hiddev buffer overflows
-References:
-Notes:
-Bugs:
-upstream: released (4.7-rc5) [93a2001bdfd5376c3dc2158653034c20392d15c5]
-3.16-upstream-stable: released (3.16.37) [hid-hiddev-validate-num_values-for-hidiocgusages-hidiocsusages.patch]
-3.2-upstream-stable: released (3.2.82) [hid-hiddev-validate-num_values-for-hidiocgusages-hidiocsusages.patch]
-sid: released (4.6.3-1) [bugfix/all/HID-hiddev-validate-num_values-for-HIDIOCGUSAGES-HID.patch]
-3.16-jessie-security: released (3.16.7-ckt25-2+deb8u3) [bugfix/all/hid-hiddev-validate-num_values-for-hidiocgusages-hid.patch]
-3.2-wheezy-security: released (3.2.81-2) [bugfix/all/hid-hiddev-validate-num_values-for-hidiocgusages-hid.patch]

Deleted: active/CVE-2016-6136
===================================================================
--- active/CVE-2016-6136	2016-09-04 08:13:19 UTC (rev 4617)
+++ active/CVE-2016-6136	2016-09-04 17:14:01 UTC (rev 4618)
@@ -1,13 +0,0 @@
-Description:
-References:
- https://bugzilla.kernel.org/show_bug.cgi?id=120681
- https://github.com/linux-audit/audit-kernel/issues/18
- https://www.redhat.com/archives/linux-audit/2016-July/msg00120.html
-Notes:
-Bugs:
-upstream: released (4.8-rc1) [43761473c254b45883a64441dd0bc85a42f3645c]
-3.16-upstream-stable: released (3.16.37) [audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
-3.2-upstream-stable: released (3.2.82) [audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
-sid: released (4.7.2-1)
-3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
-3.2-wheezy-security: released (3.2.81-2) [bugfix/all/audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]

Deleted: active/CVE-2016-6156
===================================================================
--- active/CVE-2016-6156	2016-09-04 08:13:19 UTC (rev 4617)
+++ active/CVE-2016-6156	2016-09-04 17:14:01 UTC (rev 4618)
@@ -1,14 +0,0 @@
-Description:
-References:
-Notes:
- carnil> As far I can see the vulnerable code is present in 4.6.3
- carnil> but the CROS_EC_CHARDEV is not enabled in Debian builds.
- bwh> It's fixed in 4.6.6 anyway, whether or not it matters to Debian
-Bugs:
- https://bugzilla.kernel.org/show_bug.cgi?id=120131
-upstream: released (4.7-rc7) [096cdc6f52225835ff503f987a0d68ef770bb78e]
-3.16-upstream-stable: N/A "Introduced in 4.2-rc1 with a841178445bb72a3d566b4e6ab9d19e9b002eb47"
-3.2-upstream-stable: N/A "Introduced in 4.2-rc1 with a841178445bb72a3d566b4e6ab9d19e9b002eb47"
-sid: released (4.7.2-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2016-6516
===================================================================
--- active/CVE-2016-6516	2016-09-04 08:13:19 UTC (rev 4617)
+++ active/CVE-2016-6516	2016-09-04 17:14:01 UTC (rev 4618)
@@ -1,10 +0,0 @@
-Description: double fetch leading to heap overflow
-References:
-Notes:
-Bugs:
-upstream: released (4.8-rc1) [10eec60ce79187686e052092e5383c99b4420a20]
-3.16-upstream-stable: N/A "Vulnerable code introduced in 4.5-rc1 with 54dbc15172375641ef03399e8f911d7165eb90fb"
-3.2-upstream-stable: N/A "Vulnerable code introduced in 4.5-rc1 with 54dbc15172375641ef03399e8f911d7165eb90fb"
-sid: released (4.7.2-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2016-4470 (from rev 4617, active/CVE-2016-4470)
===================================================================
--- retired/CVE-2016-4470	                        (rev 0)
+++ retired/CVE-2016-4470	2016-09-04 17:14:01 UTC (rev 4618)
@@ -0,0 +1,10 @@
+Description: Uninitialized variable in request_key handling causes kernel crash in error handling path
+References:
+Notes:
+Bugs:
+upstream: released (4.7-rc4) [38327424b40bcebe2de92d07312c89360ac9229a]
+3.16-upstream-stable: released (3.16.37) [keys-potential-uninitialized-variable.patch]
+3.2-upstream-stable: released (3.2.82) [keys-potential-uninitialized-variable.patch]
+sid: released (4.6.2-2) [bugfix/all/keys-potential-uninitialized-variable.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/keys-potential-uninitialized-variable.patch]
+3.2-wheezy-security: released (3.2.81-2) [bugfix/all/keys-potential-uninitialized-variable.patch]

Copied: retired/CVE-2016-5400 (from rev 4617, active/CVE-2016-5400)
===================================================================
--- retired/CVE-2016-5400	                        (rev 0)
+++ retired/CVE-2016-5400	2016-09-04 17:14:01 UTC (rev 4618)
@@ -0,0 +1,11 @@
+Description: memory leak in airspy usb driver
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1358184
+Notes:
+Bugs:
+upstream: released (4.7) [aa93d1fee85c890a34f2510a310e55ee76a27848]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.7.2-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2016-5696 (from rev 4617, active/CVE-2016-5696)
===================================================================
--- retired/CVE-2016-5696	                        (rev 0)
+++ retired/CVE-2016-5696	2016-09-04 17:14:01 UTC (rev 4618)
@@ -0,0 +1,18 @@
+Description: challenge ACK counter information disclosure
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1354708
+ https://www.mail-archive.com/netdev@vger.kernel.org/msg118824.html
+Notes:
+ RFC 5961 3.2 has been implemented in v3.6-rc1 with commit
+ 282f23c6ee343126156dd41218b22ece96d747e3 . But it seems to have
+ been backported to older versions as well (including 3.2.x)
+ .
+ Additionally (but not strictly needed for the CVE, AFAICT), the commit
+ 083ae308280d13d187512b9babe3454342a7987e might be added as well.
+Bugs:
+upstream: released (4.7) [75ff39ccc1bd5d3c455b6822ab09e533c551f758]
+3.16-upstream-stable: released (3.16.37) [tcp-make-challenge-acks-less-predictable.patch]
+3.2-upstream-stable: released (3.2.82) [tcp-make-challenge-acks-less-predictable.patch]
+sid: released (4.7.2-1)
+3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]
+3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]
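
Review bot: The Notes block is retired with an open question still in it: "the commit 083ae308280d13d187512b9babe3454342a7987e might be added as well" does not say whether that commit was applied to the 3.16 and 3.2 branches or deliberately skipped. The same goes for "it seems to have been backported to older versions as well (including 3.2.x)". Suggest replacing both hedges with the outcome before the entry is retired, so the file stands on its own as a record.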

Copied: retired/CVE-2016-5829 (from rev 4617, active/CVE-2016-5829)
===================================================================
--- retired/CVE-2016-5829	                        (rev 0)
+++ retired/CVE-2016-5829	2016-09-04 17:14:01 UTC (rev 4618)
@@ -0,0 +1,10 @@
+Description: HID: hiddev buffer overflows
+References:
+Notes:
+Bugs:
+upstream: released (4.7-rc5) [93a2001bdfd5376c3dc2158653034c20392d15c5]
+3.16-upstream-stable: released (3.16.37) [hid-hiddev-validate-num_values-for-hidiocgusages-hidiocsusages.patch]
+3.2-upstream-stable: released (3.2.82) [hid-hiddev-validate-num_values-for-hidiocgusages-hidiocsusages.patch]
+sid: released (4.6.3-1) [bugfix/all/HID-hiddev-validate-num_values-for-HIDIOCGUSAGES-HID.patch]
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u3) [bugfix/all/hid-hiddev-validate-num_values-for-hidiocgusages-hid.patch]
+3.2-wheezy-security: released (3.2.81-2) [bugfix/all/hid-hiddev-validate-num_values-for-hidiocgusages-hid.patch]

Copied: retired/CVE-2016-6136 (from rev 4617, active/CVE-2016-6136)
===================================================================
--- retired/CVE-2016-6136	                        (rev 0)
+++ retired/CVE-2016-6136	2016-09-04 17:14:01 UTC (rev 4618)
@@ -0,0 +1,13 @@
+Description:
+References:
+ https://bugzilla.kernel.org/show_bug.cgi?id=120681
+ https://github.com/linux-audit/audit-kernel/issues/18
+ https://www.redhat.com/archives/linux-audit/2016-July/msg00120.html
+Notes:
+Bugs:
+upstream: released (4.8-rc1) [43761473c254b45883a64441dd0bc85a42f3645c]
+3.16-upstream-stable: released (3.16.37) [audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
+3.2-upstream-stable: released (3.2.82) [audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
+sid: released (4.7.2-1)
+3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
+3.2-wheezy-security: released (3.2.81-2) [bugfix/all/audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
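
Review bot: Description: is empty in this retired entry, so a reader has to follow the references to learn what the issue is. The patch name on the stable lines (audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch) already summarises it; a one-line Description along those lines would make the entry searchable and consistent with the other files in this commit.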

Copied: retired/CVE-2016-6156 (from rev 4617, active/CVE-2016-6156)
===================================================================
--- retired/CVE-2016-6156	                        (rev 0)
+++ retired/CVE-2016-6156	2016-09-04 17:14:01 UTC (rev 4618)
@@ -0,0 +1,14 @@
+Description:
+References:
+Notes:
+ carnil> As far I can see the vulnerable code is present in 4.6.3
+ carnil> but the CROS_EC_CHARDEV is not enabled in Debian builds.
+ bwh> It's fixed in 4.6.6 anyway, whether or not it matters to Debian
+Bugs:
+ https://bugzilla.kernel.org/show_bug.cgi?id=120131
+upstream: released (4.7-rc7) [096cdc6f52225835ff503f987a0d68ef770bb78e]
+3.16-upstream-stable: N/A "Introduced in 4.2-rc1 with a841178445bb72a3d566b4e6ab9d19e9b002eb47"
+3.2-upstream-stable: N/A "Introduced in 4.2-rc1 with a841178445bb72a3d566b4e6ab9d19e9b002eb47"
+sid: released (4.7.2-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
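
Review bot: Description: is empty here as well, and the only hint at the affected code is the CROS_EC_CHARDEV mention in Notes; a short Description naming the driver would help. The bugzilla.kernel.org URL is also listed under Bugs:, while the other entries in this commit put such URLs under References:. It may be worth confirming the sid line too, since the note from bwh says the fix is in 4.6.6 and the recorded version is 4.7.2-1.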

Copied: retired/CVE-2016-6516 (from rev 4617, active/CVE-2016-6516)
===================================================================
--- retired/CVE-2016-6516	                        (rev 0)
+++ retired/CVE-2016-6516	2016-09-04 17:14:01 UTC (rev 4618)
@@ -0,0 +1,10 @@
+Description: double fetch leading to heap overflow
+References:
+Notes:
+Bugs:
+upstream: released (4.8-rc1) [10eec60ce79187686e052092e5383c99b4420a20]
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.5-rc1 with 54dbc15172375641ef03399e8f911d7165eb90fb"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.5-rc1 with 54dbc15172375641ef03399e8f911d7165eb90fb"
+sid: released (4.7.2-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
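
Review bot: The Description line, "double fetch leading to heap overflow", does not name the affected subsystem or function, and References: is empty, so the commit hashes are the only pointers to what was fixed. Suggest naming the component in the Description, the way the CVE-2016-5829 entry does ("HID: hiddev buffer overflows"), and adding at least one reference.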



