[kernel-sec-discuss] r5772 - active retired
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Dec 9 08:52:03 UTC 2017
Author: carnil
Date: 2017-12-09 08:52:03 +0000 (Sat, 09 Dec 2017)
New Revision: 5772
Added:
retired/CVE-2017-0786
retired/CVE-2017-1000255
retired/CVE-2017-12188
retired/CVE-2017-12192
retired/CVE-2017-12193
retired/CVE-2017-15274
retired/CVE-2017-15306
retired/CVE-2017-15537
retired/CVE-2017-15951
retired/CVE-2017-16528
retired/CVE-2017-16530
retired/CVE-2017-16534
retired/CVE-2017-16646
retired/CVE-2017-16647
retired/CVE-2017-16650
Removed:
active/CVE-2017-0786
active/CVE-2017-1000255
active/CVE-2017-12188
active/CVE-2017-12192
active/CVE-2017-12193
active/CVE-2017-15274
active/CVE-2017-15306
active/CVE-2017-15537
active/CVE-2017-15951
active/CVE-2017-16528
active/CVE-2017-16530
active/CVE-2017-16534
active/CVE-2017-16646
active/CVE-2017-16647
active/CVE-2017-16650
Log:
Retire several CVEs fixed everywhere
Deleted: active/CVE-2017-0786
===================================================================
--- active/CVE-2017-0786 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-0786 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,14 +0,0 @@
-Description: brcmfmac: add length check in brcmf_cfg80211_escan_handler()
-References:
-Notes:
- bwh> Upstream commit is marked for 4.0 onward, but I think the bug was
- bwh> introduced in 3.7 by commit e756af5b30b0 "brcmfmac: add e-scan support."
-Bugs:
-upstream: released (4.14-rc4) [17df6453d4be17910456e99c5a85025aa1b7a246]
-4.9-upstream-stable: released (4.9.55) [4d3132d97aa753104ee35722352a895750a0fca5]
-3.16-upstream-stable: released (3.16.50) [7df83adfc5d38bf960ef7ff0e4cb1c2c92715f63]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.13.4-2) [bugfix/all/brcmfmac-add-length-check-in-brcmf_cfg80211_escan_ha.patch]
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: released (3.16.51-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-1000255
===================================================================
--- active/CVE-2017-1000255 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-1000255 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,19 +0,0 @@
-Description: powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
-References:
-Notes:
- carnil> Introduced in 4.9-rc1 with 5d176f751ee3c6eededd984ad409bff201f436a7
- carnil> Kernels built with CONFIG_PPC_TRANSACTIONAL_MEM=n are not vulnerable.
- carnil> Fix will require two patches:
- carnil> "powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks"
- carnil> and
- carnil> "powerpc/tm: Fix illegal TM state in signal handler"
- carnil> 044215d145a7a8a60ffa8fdc859d110a795fa6ea is needed as well.
-Bugs:
-upstream: released (4.14-rc5) [265e60a170d0a0ecfc2d20490134ed2c48dd45ab]
-4.9-upstream-stable: released (4.9.55) [afebf5ef60da6d15e75398e41ea2817c7a2bb283]
-3.16-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1 with 5d176f751ee3c6eededd984ad409bff201f436a7"
-3.2-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1 with 5d176f751ee3c6eededd984ad409bff201f436a7"
-sid: released (4.13.4-2) [bugfix/all/powerpc-64s-Use-emergency-stack-for-kernel-TM-Bad-Th.patch]
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: N/A "Vulerable code introduced later"
-3.2-wheezy-security: N/A "Vulerable code introduced later"
Deleted: active/CVE-2017-12188
===================================================================
--- active/CVE-2017-12188 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-12188 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,21 +0,0 @@
-Description: KVM: MMU potential stack buffer overrun during page walks
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1500380
- https://www.spinics.net/lists/kvm/msg156651.html
-Notes:
- carnil> According to Paolo Bonzini, only
- carnil> https://www.spinics.net/lists/kvm/msg156650.html
- carnil> is needed to fix CVE-2017-12188
- carnil> Issue might thus only affect kernels starting from 4.6-rc1
- carnil> but I'm not 100% certain on the last claim or if we should
- carnil> adress the issue as well for kernels later than 3.12-rc1
- bwh> Let's trust Paolo on this
-Bugs:
-upstream: released (4.14-rc5) [fd19d3b45164466a4adce7cbff448ba9189e1427, 829ee279aed43faa5cb1e4d65c0cad52f2426c53]
-4.9-upstream-stable: released (4.9.57) [28955b03fac36829831e185e3ec2793f8eb18689, 3610c4a7838df867d1b9d83a38c87042859ff896]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.13.4-2) [bugfix/x86/KVM-nVMX-update-last_nonleaf_level-when-initializing.patch, bugfix/x86/KVM-MMU-always-terminate-page-walks-at-level-1.patch]
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-12192
===================================================================
--- active/CVE-2017-12192 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-12192 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,13 +0,0 @@
-Description: NULL pointer dereference due to KEYCTL_READ on negative key
-References:
-Notes:
- carnil> Introduced in 3.13-rc1 with 61ea0c0ba904a55f55317d850c1072ff7835ac92
-Bugs:
-upstream: released (4.14-rc3) [37863c43b2c6464f252862bf2e9768264e961678]
-4.9-upstream-stable: released (4.9.53) [dda70d28c0ac191f128bfd3acfd800667ed86bdf]
-3.16-upstream-stable: released (3.16.50) [3eab231a5b5382067ab3ead172780144f9c0f721]
-3.2-upstream-stable: N/A "Vulnerable code introduced later in 3.13-rc1"
-sid: released (4.13.4-2) [bugfix/all/KEYS-prevent-KEYCTL_READ-on-negative-key.patch]
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: released (3.16.51-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-12193
===================================================================
--- active/CVE-2017-12193 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-12193 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,12 +0,0 @@
-Description: Null pointer dereference due to incorrect node-splitting in assoc_array implementation
-References:
-Notes:
-Bugs:
-upstream: released (4.14-rc7) [ea6789980fdaa610d7eb63602c746bf6ec70cd2b]
-4.9-upstream-stable: released (4.9.60) [67bcc5e530d55e646b7324038c926c2bde735a7e]
-3.16-upstream-stable: released (3.16.50) [c42ab77ec3454fc0d9710bd6734e241e4202d8b3]
-3.2-upstream-stable: N/A "Introduced in 3.13-rc1 with 3cb989501c2688cacbb7dc4b0d353faf838f53a1"
-sid: released (4.13.13-1)
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: released (3.16.51-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-15274
===================================================================
--- active/CVE-2017-15274 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-15274 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,12 +0,0 @@
-Description: KEYS: fix dereferencing NULL payload with nonzero length
-References:
-Notes:
-Bugs:
-upstream: released (4.12-rc5) [5649645d725c73df4302428ee4e02c869248b4c5]
-4.9-upstream-stable: released (4.9.32) [1b253e023f8f75b109564a61d2050d818f75b4f3]
-3.16-upstream-stable: released (3.16.48) [400773b3c6b7faffafc6adedecdd4882fc677d64]
-3.2-upstream-stable: released (3.2.93) [134a3099ea5bb3d13126321ac48bfc48c72784ed]
-sid: released (4.11.6-1)
-4.9-stretch-security: released (4.9.47-1)
-3.16-jessie-security: released (3.16.48-1)
-3.2-wheezy-security: released (3.2.93-1)
Deleted: active/CVE-2017-15306
===================================================================
--- active/CVE-2017-15306 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-15306 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,12 +0,0 @@
-Description: KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM
-References:
-Notes:
-Bugs:
-upstream: released (4.14-rc7) [ac64115a66c18c01745bbd3c47a36b124e5fd8c0]
-4.9-upstream-stable: released (4.9.60) [474cb9e0f02fdabadfc5ecc17b9afbb0ca6aa15a]
-3.16-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 23528bb21ee2c9b27f3feddd77a2a3351a8df148"
-3.2-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 23528bb21ee2c9b27f3feddd77a2a3351a8df148"
-sid: released (4.13.13-1)
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: N/A "Vulnerable code introduced later"
-3.2-wheezy-security: N/A "Vulnerable code introduced later"
Deleted: active/CVE-2017-15537
===================================================================
--- active/CVE-2017-15537 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-15537 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,13 +0,0 @@
-Description: x86/fpu: Don't let userspace set bogus xcomp_bv
-References:
-Notes:
- carnil> Introduced in 3.17-rc1 with 0b29643a58439dc9a8b0c0cacad0e7cb608c8199
-Bugs:
-upstream: released (4.14-rc3) [814fb7bb7db5433757d76f4c4502c96fc53b0b5e]
-4.9-upstream-stable: released (4.9.53) [5e9b07f30d21295b83f2024ffb5a349d3af6f749]
-3.16-upstream-stable: N/A "Vulnerable code introduced in 3.17-rc1"
-3.2-upstream-stable: N/A "Vulnerable code introduced in 3.17-rc1"
-sid: released (4.13.10-1)
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: N/A "Vulnerable code introduced later"
-3.2-wheezy-security: N/A "Vulnerable code introduced later"
Deleted: active/CVE-2017-15951
===================================================================
--- active/CVE-2017-15951 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-15951 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,13 +0,0 @@
-Description: KEYS: Fix race between updating and finding a negative key
-References:
-Notes:
- carnil> For 4.13.x fixed in 4.13.10 f45b8fe12221c178ce708b1c9d634634f2261802
-Bugs:
-upstream: released (4.14-rc6) [363b02dab09b3226f3bd1420dad9c72b79a42a76]
-4.9-upstream-stable: released (4.9.59) [63c8e452554962f88c0952212c8a4202469d4914]
-3.16-upstream-stable: N/A "Vulnerable code introduced in 4.4-rc1 with 146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc"
-3.2-upstream-stable: N/A "Vulnerable code introduced in 4.4-rc1 with 146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc"
-sid: released (4.13.10-1)
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: N/A "Vulnerable code introduced later"
-3.2-wheezy-security: N/A "Vulnerable code introduced later"
Deleted: active/CVE-2017-16528
===================================================================
--- active/CVE-2017-16528 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-16528 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,14 +0,0 @@
-Description: ALSA: seq: Cancel pending autoload work at unbinding device
-References:
-Notes:
- bwh> Introduced in 3.19 by commit 68ab61084de3 "ALSA: seq: bind seq driver
- bwh> automatically"
-Bugs:
-upstream: released (4.14-rc1) [fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57]
-4.9-upstream-stable: released (4.9.63) [1862eca99e2732da2594e05406c9f78b4265bf5b]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.13.4-1)
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-16530
===================================================================
--- active/CVE-2017-16530 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-16530 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,14 +0,0 @@
-Description: USB: uas: fix bug in handling of alternate settings
-References:
-Notes:
- bwh> Introduced in 3.15 by commit 6134041bef0a "uas: Verify endpoint
- bwh> descriptors from uas_use_uas_driver()".
-Bugs:
-upstream: released (4.14-rc4) [786de92b3cb26012d3d0f00ee37adf14527f35c4]
-4.9-upstream-stable: released (4.9.55) [d77606e93d819ad4b8f57511ff61a629ced49750]
-3.16-upstream-stable: released (3.16.50) [c0003557dbdec4ec1976ea7be9534abef758297b]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.13.10-1)
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: released (3.16.51-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-16534
===================================================================
--- active/CVE-2017-16534 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-16534 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,16 +0,0 @@
-Description: USB: core: harden cdc_parse_cdc_header
-References:
-Notes:
- bwh> Introduced in 4.4 by commit c40a2c8817e4 "CDC: common parser for extra
- bwh> headers", but there may be similar bugs in individual drivers in older
- bwh> versions. cdc_ether seems to have missed a length check for
- bwh> USB_CDC_ACM_TYPE.
-Bugs:
-upstream: released (4.14-rc4) [2e1c42391ff2556387b3cb6308b24f6f65619feb]
-4.9-upstream-stable: released (4.9.55) [767f7a2cf33a135fe3f57010b51c3f6e92d7677d]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.13.10-1)
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-16646
===================================================================
--- active/CVE-2017-16646 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-16646 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,15 +0,0 @@
-Description: media: dib0700: fix invalid dvb_detach argument
-References:
- https://patchwork.linuxtv.org/patch/45291/
-Notes:
- bwh> Introduced in 3.17 by commit 8abe4a0a3f6d "[media] dib7000: export just
- bwh> one symbol".
-Bugs:
-upstream: released (4.15-rc1) [eb0c19942288569e0ae492476534d5a485fb8ab4]
-4.9-upstream-stable: released (4.9.64) [49c1e5f032382713933a86fa1077c438b430f6fc]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.13.13-1) [bugfix/all/media-dib0700-fix-invalid-dvb_detach-argument.patch]
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-16647
===================================================================
--- active/CVE-2017-16647 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-16647 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,14 +0,0 @@
-Description: net: usb: asix: fill null-ptr-deref in asix_suspend
-References:
- https://patchwork.ozlabs.org/patch/834686/
-Notes:
- bwh> Introduced in 4.9 by commit d9fe64e51114 "net: asix: Add in_pm parameter".
-Bugs:
-upstream: released (4.14) [8f5624629105589bcc23d0e51cc01bd8103d09a5]
-4.9-upstream-stable: released (4.9.65) [58baa36d3728eea14884f74817d5749b32b0cdeb]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.13.13-1) [bugfix/all/net-usb-asix-fill-null-ptr-deref-in-asix_suspend.patch]
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-16650
===================================================================
--- active/CVE-2017-16650 2017-12-09 08:48:01 UTC (rev 5771)
+++ active/CVE-2017-16650 2017-12-09 08:52:03 UTC (rev 5772)
@@ -1,15 +0,0 @@
-Description: net: qmi_wwan: fix divide by 0 on bad descriptors
-References:
- https://patchwork.ozlabs.org/patch/834770/
-Notes:
- bwh> Introduced in 3.4 by commit 423ce8caab7e "net: usb: qmi_wwan: New driver
- bwh> for Huawei QMI based WWAN devices".
-Bugs:
-upstream: released (4.14) [7fd078337201cf7468f53c3d9ef81ff78cb6df3b]
-4.9-upstream-stable: released (4.9.65) [02a0c0639ae07beab982bbad4527b40da96d33ff]
-3.16-upstream-stable: released (3.16.51) [4a14bd934b40b1a9f7fe3e0546f9873bb55e5b61]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.13.13-1) [bugfix/all/net-qmi_wwan-fix-divide-by-0-on-bad-descriptors.patch]
-4.9-stretch-security: released (4.9.65-1)
-3.16-jessie-security: released (3.16.51-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-0786 (from rev 5771, active/CVE-2017-0786)
===================================================================
--- retired/CVE-2017-0786 (rev 0)
+++ retired/CVE-2017-0786 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,14 @@
+Description: brcmfmac: add length check in brcmf_cfg80211_escan_handler()
+References:
+Notes:
+ bwh> Upstream commit is marked for 4.0 onward, but I think the bug was
+ bwh> introduced in 3.7 by commit e756af5b30b0 "brcmfmac: add e-scan support."
+Bugs:
+upstream: released (4.14-rc4) [17df6453d4be17910456e99c5a85025aa1b7a246]
+4.9-upstream-stable: released (4.9.55) [4d3132d97aa753104ee35722352a895750a0fca5]
+3.16-upstream-stable: released (3.16.50) [7df83adfc5d38bf960ef7ff0e4cb1c2c92715f63]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.4-2) [bugfix/all/brcmfmac-add-length-check-in-brcmf_cfg80211_escan_ha.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-1000255 (from rev 5771, active/CVE-2017-1000255)
===================================================================
--- retired/CVE-2017-1000255 (rev 0)
+++ retired/CVE-2017-1000255 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,19 @@
+Description: powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
+References:
+Notes:
+ carnil> Introduced in 4.9-rc1 with 5d176f751ee3c6eededd984ad409bff201f436a7
+ carnil> Kernels built with CONFIG_PPC_TRANSACTIONAL_MEM=n are not vulnerable.
+ carnil> Fix will require two patches:
+ carnil> "powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks"
+ carnil> and
+ carnil> "powerpc/tm: Fix illegal TM state in signal handler"
+ carnil> 044215d145a7a8a60ffa8fdc859d110a795fa6ea is needed as well.
+Bugs:
+upstream: released (4.14-rc5) [265e60a170d0a0ecfc2d20490134ed2c48dd45ab]
+4.9-upstream-stable: released (4.9.55) [afebf5ef60da6d15e75398e41ea2817c7a2bb283]
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1 with 5d176f751ee3c6eededd984ad409bff201f436a7"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1 with 5d176f751ee3c6eededd984ad409bff201f436a7"
+sid: released (4.13.4-2) [bugfix/all/powerpc-64s-Use-emergency-stack-for-kernel-TM-Bad-Th.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulerable code introduced later"
+3.2-wheezy-security: N/A "Vulerable code introduced later"
Copied: retired/CVE-2017-12188 (from rev 5771, active/CVE-2017-12188)
===================================================================
--- retired/CVE-2017-12188 (rev 0)
+++ retired/CVE-2017-12188 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,21 @@
+Description: KVM: MMU potential stack buffer overrun during page walks
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1500380
+ https://www.spinics.net/lists/kvm/msg156651.html
+Notes:
+ carnil> According to Paolo Bonzini, only
+ carnil> https://www.spinics.net/lists/kvm/msg156650.html
+ carnil> is needed to fix CVE-2017-12188
+ carnil> Issue might thus only affect kernels starting from 4.6-rc1
+ carnil> but I'm not 100% certain on the last claim or if we should
+ carnil> adress the issue as well for kernels later than 3.12-rc1
+ bwh> Let's trust Paolo on this
+Bugs:
+upstream: released (4.14-rc5) [fd19d3b45164466a4adce7cbff448ba9189e1427, 829ee279aed43faa5cb1e4d65c0cad52f2426c53]
+4.9-upstream-stable: released (4.9.57) [28955b03fac36829831e185e3ec2793f8eb18689, 3610c4a7838df867d1b9d83a38c87042859ff896]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.4-2) [bugfix/x86/KVM-nVMX-update-last_nonleaf_level-when-initializing.patch, bugfix/x86/KVM-MMU-always-terminate-page-walks-at-level-1.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-12192 (from rev 5771, active/CVE-2017-12192)
===================================================================
--- retired/CVE-2017-12192 (rev 0)
+++ retired/CVE-2017-12192 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,13 @@
+Description: NULL pointer dereference due to KEYCTL_READ on negative key
+References:
+Notes:
+ carnil> Introduced in 3.13-rc1 with 61ea0c0ba904a55f55317d850c1072ff7835ac92
+Bugs:
+upstream: released (4.14-rc3) [37863c43b2c6464f252862bf2e9768264e961678]
+4.9-upstream-stable: released (4.9.53) [dda70d28c0ac191f128bfd3acfd800667ed86bdf]
+3.16-upstream-stable: released (3.16.50) [3eab231a5b5382067ab3ead172780144f9c0f721]
+3.2-upstream-stable: N/A "Vulnerable code introduced later in 3.13-rc1"
+sid: released (4.13.4-2) [bugfix/all/KEYS-prevent-KEYCTL_READ-on-negative-key.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-12193 (from rev 5771, active/CVE-2017-12193)
===================================================================
--- retired/CVE-2017-12193 (rev 0)
+++ retired/CVE-2017-12193 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,12 @@
+Description: Null pointer dereference due to incorrect node-splitting in assoc_array implementation
+References:
+Notes:
+Bugs:
+upstream: released (4.14-rc7) [ea6789980fdaa610d7eb63602c746bf6ec70cd2b]
+4.9-upstream-stable: released (4.9.60) [67bcc5e530d55e646b7324038c926c2bde735a7e]
+3.16-upstream-stable: released (3.16.50) [c42ab77ec3454fc0d9710bd6734e241e4202d8b3]
+3.2-upstream-stable: N/A "Introduced in 3.13-rc1 with 3cb989501c2688cacbb7dc4b0d353faf838f53a1"
+sid: released (4.13.13-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-15274 (from rev 5771, active/CVE-2017-15274)
===================================================================
--- retired/CVE-2017-15274 (rev 0)
+++ retired/CVE-2017-15274 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,12 @@
+Description: KEYS: fix dereferencing NULL payload with nonzero length
+References:
+Notes:
+Bugs:
+upstream: released (4.12-rc5) [5649645d725c73df4302428ee4e02c869248b4c5]
+4.9-upstream-stable: released (4.9.32) [1b253e023f8f75b109564a61d2050d818f75b4f3]
+3.16-upstream-stable: released (3.16.48) [400773b3c6b7faffafc6adedecdd4882fc677d64]
+3.2-upstream-stable: released (3.2.93) [134a3099ea5bb3d13126321ac48bfc48c72784ed]
+sid: released (4.11.6-1)
+4.9-stretch-security: released (4.9.47-1)
+3.16-jessie-security: released (3.16.48-1)
+3.2-wheezy-security: released (3.2.93-1)
Copied: retired/CVE-2017-15306 (from rev 5771, active/CVE-2017-15306)
===================================================================
--- retired/CVE-2017-15306 (rev 0)
+++ retired/CVE-2017-15306 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,12 @@
+Description: KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM
+References:
+Notes:
+Bugs:
+upstream: released (4.14-rc7) [ac64115a66c18c01745bbd3c47a36b124e5fd8c0]
+4.9-upstream-stable: released (4.9.60) [474cb9e0f02fdabadfc5ecc17b9afbb0ca6aa15a]
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 23528bb21ee2c9b27f3feddd77a2a3351a8df148"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 23528bb21ee2c9b27f3feddd77a2a3351a8df148"
+sid: released (4.13.13-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulnerable code introduced later"
+3.2-wheezy-security: N/A "Vulnerable code introduced later"
Copied: retired/CVE-2017-15537 (from rev 5771, active/CVE-2017-15537)
===================================================================
--- retired/CVE-2017-15537 (rev 0)
+++ retired/CVE-2017-15537 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,13 @@
+Description: x86/fpu: Don't let userspace set bogus xcomp_bv
+References:
+Notes:
+ carnil> Introduced in 3.17-rc1 with 0b29643a58439dc9a8b0c0cacad0e7cb608c8199
+Bugs:
+upstream: released (4.14-rc3) [814fb7bb7db5433757d76f4c4502c96fc53b0b5e]
+4.9-upstream-stable: released (4.9.53) [5e9b07f30d21295b83f2024ffb5a349d3af6f749]
+3.16-upstream-stable: N/A "Vulnerable code introduced in 3.17-rc1"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 3.17-rc1"
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulnerable code introduced later"
+3.2-wheezy-security: N/A "Vulnerable code introduced later"
Copied: retired/CVE-2017-15951 (from rev 5771, active/CVE-2017-15951)
===================================================================
--- retired/CVE-2017-15951 (rev 0)
+++ retired/CVE-2017-15951 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,13 @@
+Description: KEYS: Fix race between updating and finding a negative key
+References:
+Notes:
+ carnil> For 4.13.x fixed in 4.13.10 f45b8fe12221c178ce708b1c9d634634f2261802
+Bugs:
+upstream: released (4.14-rc6) [363b02dab09b3226f3bd1420dad9c72b79a42a76]
+4.9-upstream-stable: released (4.9.59) [63c8e452554962f88c0952212c8a4202469d4914]
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.4-rc1 with 146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.4-rc1 with 146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc"
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulnerable code introduced later"
+3.2-wheezy-security: N/A "Vulnerable code introduced later"
Copied: retired/CVE-2017-16528 (from rev 5771, active/CVE-2017-16528)
===================================================================
--- retired/CVE-2017-16528 (rev 0)
+++ retired/CVE-2017-16528 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,14 @@
+Description: ALSA: seq: Cancel pending autoload work at unbinding device
+References:
+Notes:
+ bwh> Introduced in 3.19 by commit 68ab61084de3 "ALSA: seq: bind seq driver
+ bwh> automatically"
+Bugs:
+upstream: released (4.14-rc1) [fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57]
+4.9-upstream-stable: released (4.9.63) [1862eca99e2732da2594e05406c9f78b4265bf5b]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.4-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-16530 (from rev 5771, active/CVE-2017-16530)
===================================================================
--- retired/CVE-2017-16530 (rev 0)
+++ retired/CVE-2017-16530 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,14 @@
+Description: USB: uas: fix bug in handling of alternate settings
+References:
+Notes:
+ bwh> Introduced in 3.15 by commit 6134041bef0a "uas: Verify endpoint
+ bwh> descriptors from uas_use_uas_driver()".
+Bugs:
+upstream: released (4.14-rc4) [786de92b3cb26012d3d0f00ee37adf14527f35c4]
+4.9-upstream-stable: released (4.9.55) [d77606e93d819ad4b8f57511ff61a629ced49750]
+3.16-upstream-stable: released (3.16.50) [c0003557dbdec4ec1976ea7be9534abef758297b]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-16534 (from rev 5771, active/CVE-2017-16534)
===================================================================
--- retired/CVE-2017-16534 (rev 0)
+++ retired/CVE-2017-16534 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,16 @@
+Description: USB: core: harden cdc_parse_cdc_header
+References:
+Notes:
+ bwh> Introduced in 4.4 by commit c40a2c8817e4 "CDC: common parser for extra
+ bwh> headers", but there may be similar bugs in individual drivers in older
+ bwh> versions. cdc_ether seems to have missed a length check for
+ bwh> USB_CDC_ACM_TYPE.
+Bugs:
+upstream: released (4.14-rc4) [2e1c42391ff2556387b3cb6308b24f6f65619feb]
+4.9-upstream-stable: released (4.9.55) [767f7a2cf33a135fe3f57010b51c3f6e92d7677d]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-16646 (from rev 5771, active/CVE-2017-16646)
===================================================================
--- retired/CVE-2017-16646 (rev 0)
+++ retired/CVE-2017-16646 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,15 @@
+Description: media: dib0700: fix invalid dvb_detach argument
+References:
+ https://patchwork.linuxtv.org/patch/45291/
+Notes:
+ bwh> Introduced in 3.17 by commit 8abe4a0a3f6d "[media] dib7000: export just
+ bwh> one symbol".
+Bugs:
+upstream: released (4.15-rc1) [eb0c19942288569e0ae492476534d5a485fb8ab4]
+4.9-upstream-stable: released (4.9.64) [49c1e5f032382713933a86fa1077c438b430f6fc]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.13-1) [bugfix/all/media-dib0700-fix-invalid-dvb_detach-argument.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-16647 (from rev 5771, active/CVE-2017-16647)
===================================================================
--- retired/CVE-2017-16647 (rev 0)
+++ retired/CVE-2017-16647 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,14 @@
+Description: net: usb: asix: fill null-ptr-deref in asix_suspend
+References:
+ https://patchwork.ozlabs.org/patch/834686/
+Notes:
+ bwh> Introduced in 4.9 by commit d9fe64e51114 "net: asix: Add in_pm parameter".
+Bugs:
+upstream: released (4.14) [8f5624629105589bcc23d0e51cc01bd8103d09a5]
+4.9-upstream-stable: released (4.9.65) [58baa36d3728eea14884f74817d5749b32b0cdeb]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.13-1) [bugfix/all/net-usb-asix-fill-null-ptr-deref-in-asix_suspend.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-16650 (from rev 5771, active/CVE-2017-16650)
===================================================================
--- retired/CVE-2017-16650 (rev 0)
+++ retired/CVE-2017-16650 2017-12-09 08:52:03 UTC (rev 5772)
@@ -0,0 +1,15 @@
+Description: net: qmi_wwan: fix divide by 0 on bad descriptors
+References:
+ https://patchwork.ozlabs.org/patch/834770/
+Notes:
+ bwh> Introduced in 3.4 by commit 423ce8caab7e "net: usb: qmi_wwan: New driver
+ bwh> for Huawei QMI based WWAN devices".
+Bugs:
+upstream: released (4.14) [7fd078337201cf7468f53c3d9ef81ff78cb6df3b]
+4.9-upstream-stable: released (4.9.65) [02a0c0639ae07beab982bbad4527b40da96d33ff]
+3.16-upstream-stable: released (3.16.51) [4a14bd934b40b1a9f7fe3e0546f9873bb55e5b61]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.13-1) [bugfix/all/net-qmi_wwan-fix-divide-by-0-on-bad-descriptors.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list