[kernel-sec-discuss] r5483 - active retired

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Aug 17 18:58:29 UTC 2017


Author: carnil
Date: 2017-08-17 18:58:28 +0000 (Thu, 17 Aug 2017)
New Revision: 5483

Added:
   retired/CVE-2014-9940
   retired/CVE-2017-10810
   retired/CVE-2017-7346
   retired/CVE-2017-9605
Removed:
   active/CVE-2014-9940
   active/CVE-2017-10810
   active/CVE-2017-7346
   active/CVE-2017-9605
Log:
Retire four CVEs

Deleted: active/CVE-2014-9940
===================================================================
--- active/CVE-2014-9940	2017-08-17 17:21:02 UTC (rev 5482)
+++ active/CVE-2014-9940	2017-08-17 18:58:28 UTC (rev 5483)
@@ -1,15 +0,0 @@
-Description: regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing
-References:
- https://source.android.com/security/bulletin/2017-05-01
-Notes:
- bwh> Introduced in 3.10 by commit f19b00da8ed3 "regulator: core: support
- bwh> shared enable GPIO concept"
-Bugs:
-upstream: released (3.19-rc1) [60a2362f769cf549dc466134efe71c8bf9fbaaba]
-4.9-upstream-stable: N/A "Fixed before branching point"
-3.16-upstream-stable: released (3.16.45) [702f4dd27ccf3bae7915ef1f8790db3af435d211]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.0.2-1)
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/all/regulator-core-Fix-regualtor_ena_gpio_free-not-to-ac.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2017-10810
===================================================================
--- active/CVE-2017-10810	2017-08-17 17:21:02 UTC (rev 5482)
+++ active/CVE-2017-10810	2017-08-17 18:58:28 UTC (rev 5483)
@@ -1,12 +0,0 @@
-Description: Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c
-References:
-Notes:
-Bugs:
-upstream: released (4.12-rc1) [385aee965b4e4c36551c362a334378d2985b722a]
-4.9-upstream-stable: released (4.9.37) [366d9207d9e002bf1a6d9da13a7f8f85b8a40c0b]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.11.11-1)
-4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/all/drm-virtio-don-t-leak-bo-on-drm_gem_object_init-fail.patch]
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2017-7346
===================================================================
--- active/CVE-2017-7346	2017-08-17 17:21:02 UTC (rev 5482)
+++ active/CVE-2017-7346	2017-08-17 18:58:28 UTC (rev 5483)
@@ -1,18 +0,0 @@
-Description: drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()
-References:
- https://lists.freedesktop.org/archives/dri-devel/2017-March/137429.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1437431
- https://marc.info/?l=linux-kernel&m=149086968410117&w=2
- https://lists.freedesktop.org/archives/dri-devel/2017-April/138293.html
-Notes:
- bwh> Introduced by commit a97e21923b42 "drm/vmwgfx: Hook up guest-backed
- bwh> surfaces" in 3.14.
-Bugs:
-upstream: released (4.12-rc5) [ee9c4e681ec4f58e42a83cb0c22a0289ade1aacf]
-4.9-upstream-stable: released (4.9.32) [a76ff847013a7f6b1cd328381ca263ddcca12061]
-3.16-upstream-stable: released (3.16.45) [7943d19453aa1a1acf93bdb2812e0bef970ec23c]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.11.6-1)
-4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/x86/drm-vmwgfx-limit-the-number-of-mip-levels-in-vmw_gb_.patch]
-3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/drm-vmwgfx-limit-the-number-of-mip-levels-in-vmw_gb_.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2017-9605
===================================================================
--- active/CVE-2017-9605	2017-08-17 17:21:02 UTC (rev 5482)
+++ active/CVE-2017-9605	2017-08-17 18:58:28 UTC (rev 5483)
@@ -1,14 +0,0 @@
-Description: drm/vmwgfx: 4 byte read of uninitialised kernel memory  in vmw_gb_surface_define_ioctl()
-References:
- http://www.openwall.com/lists/oss-security/2017/06/13/2
-Notes:
- bwh> Introduced by commit a97e21923b42 "drm/vmwgfx: Hook up guest-backed surfaces"
-Bugs:
-upstream: released (4.12-rc5) [07678eca2cf9c9a18584e546c2b2a0d0c9a3150c]
-4.9-upstream-stable: released (4.9.32) [7860d0e5e2bf986d4bd06e7b029786747b5dc766]
-3.16-upstream-stable: released (3.16.46) [26823129d84c6ca3e12b17af7a8e78c579b3bca5]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.11.6-1)
-4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/x86/drm-vmwgfx-Make-sure-backup_handle-is-always-valid.patch]
-3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/drm-vmwgfx-Make-sure-backup_handle-is-always-valid.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2014-9940 (from rev 5482, active/CVE-2014-9940)
===================================================================
--- retired/CVE-2014-9940	                        (rev 0)
+++ retired/CVE-2014-9940	2017-08-17 18:58:28 UTC (rev 5483)
@@ -0,0 +1,15 @@
+Description: regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing
+References:
+ https://source.android.com/security/bulletin/2017-05-01
+Notes:
+ bwh> Introduced in 3.10 by commit f19b00da8ed3 "regulator: core: support
+ bwh> shared enable GPIO concept"
+Bugs:
+upstream: released (3.19-rc1) [60a2362f769cf549dc466134efe71c8bf9fbaaba]
+4.9-upstream-stable: N/A "Fixed before branching point"
+3.16-upstream-stable: released (3.16.45) [702f4dd27ccf3bae7915ef1f8790db3af435d211]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.0.2-1)
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/all/regulator-core-Fix-regualtor_ena_gpio_free-not-to-ac.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
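
Review bot: The Description line keeps the spelling "regualtor_ena_gpio_free", so a search of the tracker for regulator_ena_gpio_free will not match this entry. The patch filename on the 3.16-jessie-security line has the same spelling, which suggests this is the verbatim upstream subject; if so, keep it and add the correctly spelled function name under Notes. The Description also states the fix rather than the flaw, so a short note naming the problem (access to the pin after it has been freed) would help readers of the retired file.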

Copied: retired/CVE-2017-10810 (from rev 5482, active/CVE-2017-10810)
===================================================================
--- retired/CVE-2017-10810	                        (rev 0)
+++ retired/CVE-2017-10810	2017-08-17 18:58:28 UTC (rev 5483)
@@ -0,0 +1,12 @@
+Description: Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c
+References:
+Notes:
+Bugs:
+upstream: released (4.12-rc1) [385aee965b4e4c36551c362a334378d2985b722a]
+4.9-upstream-stable: released (4.9.37) [366d9207d9e002bf1a6d9da13a7f8f85b8a40c0b]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.11.11-1)
+4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/all/drm-virtio-don-t-leak-bo-on-drm_gem_object_init-fail.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
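
Review bot: References and Notes are both empty in this entry, yet the 3.16-upstream-stable, 3.2-upstream-stable, 3.16-jessie-security and 3.2-wheezy-security lines are all marked N/A "Vulnerable code not present" with nothing recorded to back that up. The other three entries retired in this revision carry a bwh> note naming the introducing commit; adding the same here (commit and first affected version), plus at least one reference, would let a later reader re-check the N/A status.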

Copied: retired/CVE-2017-7346 (from rev 5482, active/CVE-2017-7346)
===================================================================
--- retired/CVE-2017-7346	                        (rev 0)
+++ retired/CVE-2017-7346	2017-08-17 18:58:28 UTC (rev 5483)
@@ -0,0 +1,18 @@
+Description: drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()
+References:
+ https://lists.freedesktop.org/archives/dri-devel/2017-March/137429.html
+ https://bugzilla.redhat.com/show_bug.cgi?id=1437431
+ https://marc.info/?l=linux-kernel&m=149086968410117&w=2
+ https://lists.freedesktop.org/archives/dri-devel/2017-April/138293.html
+Notes:
+ bwh> Introduced by commit a97e21923b42 "drm/vmwgfx: Hook up guest-backed
+ bwh> surfaces" in 3.14.
+Bugs:
+upstream: released (4.12-rc5) [ee9c4e681ec4f58e42a83cb0c22a0289ade1aacf]
+4.9-upstream-stable: released (4.9.32) [a76ff847013a7f6b1cd328381ca263ddcca12061]
+3.16-upstream-stable: released (3.16.45) [7943d19453aa1a1acf93bdb2812e0bef970ec23c]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.11.6-1)
+4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/x86/drm-vmwgfx-limit-the-number-of-mip-levels-in-vmw_gb_.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/drm-vmwgfx-limit-the-number-of-mip-levels-in-vmw_gb_.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2017-9605 (from rev 5482, active/CVE-2017-9605)
===================================================================
--- retired/CVE-2017-9605	                        (rev 0)
+++ retired/CVE-2017-9605	2017-08-17 18:58:28 UTC (rev 5483)
@@ -0,0 +1,14 @@
+Description: drm/vmwgfx: 4 byte read of uninitialised kernel memory  in vmw_gb_surface_define_ioctl()
+References:
+ http://www.openwall.com/lists/oss-security/2017/06/13/2
+Notes:
+ bwh> Introduced by commit a97e21923b42 "drm/vmwgfx: Hook up guest-backed surfaces"
+Bugs:
+upstream: released (4.12-rc5) [07678eca2cf9c9a18584e546c2b2a0d0c9a3150c]
+4.9-upstream-stable: released (4.9.32) [7860d0e5e2bf986d4bd06e7b029786747b5dc766]
+3.16-upstream-stable: released (3.16.46) [26823129d84c6ca3e12b17af7a8e78c579b3bca5]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.11.6-1)
+4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/x86/drm-vmwgfx-Make-sure-backup_handle-is-always-valid.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/drm-vmwgfx-Make-sure-backup_handle-is-always-valid.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
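
Review bot: The bwh> note names commit a97e21923b42 but omits the kernel version, whereas the CVE-2017-7346 entry cites the same commit as introduced "in 3.14"; add the version here so the 3.2 N/A lines can be checked from this file alone. The Description line also has a double space in "memory  in".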



