[kernel-sec-discuss] r4836 - active retired
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 14 12:32:38 UTC 2017
Author: carnil
Date: 2017-01-14 12:32:38 +0000 (Sat, 14 Jan 2017)
New Revision: 4836
Added:
retired/CVE-2015-1350
retired/CVE-2015-8955
retired/CVE-2016-5412
retired/CVE-2016-7097
retired/CVE-2016-7910
retired/CVE-2016-8633
retired/CVE-2016-8658
retired/CVE-2016-9083
retired/CVE-2016-9084
retired/CVE-2016-9754
retired/CVE-2016-9806
Removed:
active/CVE-2015-1350
active/CVE-2015-8955
active/CVE-2016-5412
active/CVE-2016-7097
active/CVE-2016-7910
active/CVE-2016-8633
active/CVE-2016-8658
active/CVE-2016-9083
active/CVE-2016-9084
active/CVE-2016-9754
active/CVE-2016-9806
Log:
Retire CVEs which are released everywhere
Deleted: active/CVE-2015-1350
===================================================================
--- active/CVE-2015-1350 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2015-1350 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,16 +0,0 @@
-Description: chown removes security.capability xattr on other users' files
-References:
- - http://www.openwall.com/lists/oss-security/2015/01/17/12
- - http://www.openwall.com/lists/oss-security/2015/01/24/5
-Notes:
- bwh> The bug seems to have present ever since file capabilities were added
- bwh> in 2.6.24.
- carnil> prerequisite: 31051c85b5e2aaaf6315f74c72a732673632a905
- carnil> fixes backportable to older versions without breakage?
-Bugs: 770492
-upstream: released (4.9-rc1) [030b533c4fd4d2ec3402363323de4bb2983c9cee]
-sid: released (4.8.11-1) [bugfix/all/xfs-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/ceph-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fuse-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fs-Give-dentry-to-inode_change_ok-instead-of-inode.patch, bugfix/all/fs-Avoid-premature-clearing-of-capabilities.patch]
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: released (3.2.84-1)
-3.16-upstream-stable: released (3.16.39) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
-3.2-upstream-stable: released (3.2.84) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
Deleted: active/CVE-2015-8955
===================================================================
--- active/CVE-2015-8955 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2015-8955 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,11 +0,0 @@
-Description: Incomplete validation of hardware perf_events on arm64
-References:
-Notes:
- bwh> Minor issue for Debian since we restrict access to perf_event by default
-Bugs:
-upstream: released (4.1-rc1) [8fff105e13041e49b82f92eef034f363a6b1c071]
-3.16-upstream-stable: released (3.16.39) [arm64-perf-reject-groups-spanning-multiple-hw-pmus.patch]
-3.2-upstream-stable: N/A "Vulnerable architecture not present"
-sid: released (4.1.3-1)
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: N/A "Vulnerable architecture not present"
Deleted: active/CVE-2016-5412
===================================================================
--- active/CVE-2016-5412 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2016-5412 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,14 +0,0 @@
-Description:
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1349916
- https://marc.info/?l=kvm&m=146968629127349&w=2
- https://marc.info/?l=kvm&m=146968629627356&w=2
- https://marc.info/?l=kvm&m=146968629427354&w=2
-Notes:
-Bugs:
-upstream: released (4.8-rc1) [f024ee098476a3e620232e4a78cfac505f121245, 93d17397e4e2182fdaad503e2f9da46202c0f1c3]
-3.16-upstream-stable: released (3.16.37) [kvm-ppc-book3s-hv-pull-out-tm-state-save-restore-into-separate.patch, kvm-ppc-book3s-hv-save-restore-tm-state-in-h_cede.patch]
-3.2-upstream-stable: N/A "Transactional memory is not supported"
-sid: released (4.7.2-1)
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: N/A "Transactional memory is not supported"
Deleted: active/CVE-2016-7097
===================================================================
--- active/CVE-2016-7097 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2016-7097 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,13 +0,0 @@
-Description: Setting a POSIX ACL via setxattr doesn't clear the setgid bit
-References:
- http://www.spinics.net/lists/linux-fsdevel/msg98328.html
- http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2
- https://bugzilla.redhat.com/show_bug.cgi?id=1368938
-Notes:
-Bugs:
-upstream: released (4.9-rc1) [073931017b49d9458aa351605b43a7e34598caef]
-3.16-upstream-stable: released (3.16.39) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
-3.2-upstream-stable: released (3.2.84) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
-sid: released (4.7.8-1) [bugfix/all/posix_acl-clear-sgid-bit-when-setting-file-permissio.patch]
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: released (3.2.84-1)
Deleted: active/CVE-2016-7910
===================================================================
--- active/CVE-2016-7910 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2016-7910 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,10 +0,0 @@
-Description: Use-after-free in /proc/partitions implementation
-References:
-Notes:
-Bugs:
-upstream: released (4.8-rc1) [77da160530dd1dc94f6ae15a981f24e5f0021e84]
-3.16-upstream-stable: released (3.16.39)
-3.2-upstream-stable: released (3.2.84)
-sid: released (4.7.2-1)
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: released (3.2.84-1)
Deleted: active/CVE-2016-8633
===================================================================
--- active/CVE-2016-8633 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2016-8633 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,11 +0,0 @@
-Description:
-References:
- https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/
-Notes:
-Bugs:
-upstream: released (4.9-rc4) [667121ace9dbafb368618dbabcf07901c962ddac]
-3.16-upstream-stable: released (3.16.39) [firewire-net-guard-against-rx-buffer-overflows.patch]
-3.2-upstream-stable: released (3.2.84) [firewire-net-guard-against-rx-buffer-overflows.patch]
-sid: released (4.8.7-1)
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: released (3.2.84-1)
Deleted: active/CVE-2016-8658
===================================================================
--- active/CVE-2016-8658 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2016-8658 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,15 +0,0 @@
-Description: Stack buffer overflow in brcmfmac driver
-References:
-Notes:
- bwh> Appears to have been introduced in 3.7 by commit 1a8733423975,
- bwh> contrary to the commit message. Source file was introduced as
- bwh> drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c, renamed to
- bwh> drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c and then to
- bwh> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-Bugs:
-upstream: released (4.8-rc8) [ded89912156b1a47d940a0c954c43afbabd0c42c]
-3.16-upstream-stable: released (3.16.39) [brcmfmac-avoid-potential-stack-overflow-in-brcmf_cfg80211_start_ap.patch]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.7.5-1)
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2016-9083
===================================================================
--- active/CVE-2016-9083 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2016-9083 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,11 +0,0 @@
-Description: Incomplete parameter validation in vfio_pci driver
-References:
-Notes:
- https://patchwork.kernel.org/patch/9373631/
-Bugs:
-upstream: released (4.9-rc4) [05692d7005a364add85c6e25a6c4447ce08f913a]
-3.16-upstream-stable: released (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.8.11-1) [bugfix/all/vfio-pci-Fix-integer-overflows-bitmask-check.patch]
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2016-9084
===================================================================
--- active/CVE-2016-9084 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2016-9084 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,11 +0,0 @@
-Description: Integer overflow in vfio_pci driver
-References:
-Notes:
- https://patchwork.kernel.org/patch/9373631/
-Bugs:
-upstream: released (4.9-rc4) [05692d7005a364add85c6e25a6c4447ce08f913a]
-3.16-upstream-stable: released (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.8.11-1) [bugfix/all/vfio-pci-Fix-integer-overflows-bitmask-check.patch]
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2016-9754
===================================================================
--- active/CVE-2016-9754 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2016-9754 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,10 +0,0 @@
-Description: Integer overflow in ring_buffer_resize()
-References:
-Notes:
-Bugs:
-upstream: released (4.7-rc1) [59643d1535eb220668692a5359de22545af579f6]
-3.16-upstream-stable: released (3.16.37) [e5e2cbc7f25c06266bba5072adab68cc64f71401]
-3.2-upstream-stable: N/A "Vulnerable code introduced in 3.5-rc1 with 83f40318dab00e3298a1f6d0b12ac025e84e478d
-sid: released (4.6.1-1)
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2016-9806
===================================================================
--- active/CVE-2016-9806 2017-01-14 12:12:00 UTC (rev 4835)
+++ active/CVE-2016-9806 2017-01-14 12:32:38 UTC (rev 4836)
@@ -1,12 +0,0 @@
-Description: double free in netlink_dump
-References:
-Notes:
- bwh> Introduced by commit 16b304f3404f "netlink: Eliminate kmalloc in
- bwh> netlink dump operation." in 3.12.
-Bugs:
-upstream: released (4.7-rc1) [92964c79b357efd980812c4de5c1fd2ec8bb5520]
-3.16-upstream-stable: released (3.16.37)
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.6.3-1)
-3.16-jessie-security: released (3.16.39-1)
-3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2015-1350 (from rev 4835, active/CVE-2015-1350)
===================================================================
--- retired/CVE-2015-1350 (rev 0)
+++ retired/CVE-2015-1350 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,16 @@
+Description: chown removes security.capability xattr on other users' files
+References:
+ - http://www.openwall.com/lists/oss-security/2015/01/17/12
+ - http://www.openwall.com/lists/oss-security/2015/01/24/5
+Notes:
+ bwh> The bug seems to have present ever since file capabilities were added
+ bwh> in 2.6.24.
+ carnil> prerequisite: 31051c85b5e2aaaf6315f74c72a732673632a905
+ carnil> fixes backportable to older versions without breakage?
+Bugs: 770492
+upstream: released (4.9-rc1) [030b533c4fd4d2ec3402363323de4bb2983c9cee]
+sid: released (4.8.11-1) [bugfix/all/xfs-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/ceph-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fuse-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fs-Give-dentry-to-inode_change_ok-instead-of-inode.patch, bugfix/all/fs-Avoid-premature-clearing-of-capabilities.patch]
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: released (3.2.84-1)
+3.16-upstream-stable: released (3.16.39) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
+3.2-upstream-stable: released (3.2.84) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
Copied: retired/CVE-2015-8955 (from rev 4835, active/CVE-2015-8955)
===================================================================
--- retired/CVE-2015-8955 (rev 0)
+++ retired/CVE-2015-8955 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,11 @@
+Description: Incomplete validation of hardware perf_events on arm64
+References:
+Notes:
+ bwh> Minor issue for Debian since we restrict access to perf_event by default
+Bugs:
+upstream: released (4.1-rc1) [8fff105e13041e49b82f92eef034f363a6b1c071]
+3.16-upstream-stable: released (3.16.39) [arm64-perf-reject-groups-spanning-multiple-hw-pmus.patch]
+3.2-upstream-stable: N/A "Vulnerable architecture not present"
+sid: released (4.1.3-1)
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: N/A "Vulnerable architecture not present"
Copied: retired/CVE-2016-5412 (from rev 4835, active/CVE-2016-5412)
===================================================================
--- retired/CVE-2016-5412 (rev 0)
+++ retired/CVE-2016-5412 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,14 @@
+Description:
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1349916
+ https://marc.info/?l=kvm&m=146968629127349&w=2
+ https://marc.info/?l=kvm&m=146968629627356&w=2
+ https://marc.info/?l=kvm&m=146968629427354&w=2
+Notes:
+Bugs:
+upstream: released (4.8-rc1) [f024ee098476a3e620232e4a78cfac505f121245, 93d17397e4e2182fdaad503e2f9da46202c0f1c3]
+3.16-upstream-stable: released (3.16.37) [kvm-ppc-book3s-hv-pull-out-tm-state-save-restore-into-separate.patch, kvm-ppc-book3s-hv-save-restore-tm-state-in-h_cede.patch]
+3.2-upstream-stable: N/A "Transactional memory is not supported"
+sid: released (4.7.2-1)
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: N/A "Transactional memory is not supported"
Copied: retired/CVE-2016-7097 (from rev 4835, active/CVE-2016-7097)
===================================================================
--- retired/CVE-2016-7097 (rev 0)
+++ retired/CVE-2016-7097 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,13 @@
+Description: Setting a POSIX ACL via setxattr doesn't clear the setgid bit
+References:
+ http://www.spinics.net/lists/linux-fsdevel/msg98328.html
+ http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2
+ https://bugzilla.redhat.com/show_bug.cgi?id=1368938
+Notes:
+Bugs:
+upstream: released (4.9-rc1) [073931017b49d9458aa351605b43a7e34598caef]
+3.16-upstream-stable: released (3.16.39) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
+3.2-upstream-stable: released (3.2.84) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
+sid: released (4.7.8-1) [bugfix/all/posix_acl-clear-sgid-bit-when-setting-file-permissio.patch]
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: released (3.2.84-1)
Copied: retired/CVE-2016-7910 (from rev 4835, active/CVE-2016-7910)
===================================================================
--- retired/CVE-2016-7910 (rev 0)
+++ retired/CVE-2016-7910 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,10 @@
+Description: Use-after-free in /proc/partitions implementation
+References:
+Notes:
+Bugs:
+upstream: released (4.8-rc1) [77da160530dd1dc94f6ae15a981f24e5f0021e84]
+3.16-upstream-stable: released (3.16.39)
+3.2-upstream-stable: released (3.2.84)
+sid: released (4.7.2-1)
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: released (3.2.84-1)
Copied: retired/CVE-2016-8633 (from rev 4835, active/CVE-2016-8633)
===================================================================
--- retired/CVE-2016-8633 (rev 0)
+++ retired/CVE-2016-8633 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,11 @@
+Description:
+References:
+ https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/
+Notes:
+Bugs:
+upstream: released (4.9-rc4) [667121ace9dbafb368618dbabcf07901c962ddac]
+3.16-upstream-stable: released (3.16.39) [firewire-net-guard-against-rx-buffer-overflows.patch]
+3.2-upstream-stable: released (3.2.84) [firewire-net-guard-against-rx-buffer-overflows.patch]
+sid: released (4.8.7-1)
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: released (3.2.84-1)
Copied: retired/CVE-2016-8658 (from rev 4835, active/CVE-2016-8658)
===================================================================
--- retired/CVE-2016-8658 (rev 0)
+++ retired/CVE-2016-8658 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,15 @@
+Description: Stack buffer overflow in brcmfmac driver
+References:
+Notes:
+ bwh> Appears to have been introduced in 3.7 by commit 1a8733423975,
+ bwh> contrary to the commit message. Source file was introduced as
+ bwh> drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c, renamed to
+ bwh> drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c and then to
+ bwh> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+Bugs:
+upstream: released (4.8-rc8) [ded89912156b1a47d940a0c954c43afbabd0c42c]
+3.16-upstream-stable: released (3.16.39) [brcmfmac-avoid-potential-stack-overflow-in-brcmf_cfg80211_start_ap.patch]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.7.5-1)
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2016-9083 (from rev 4835, active/CVE-2016-9083)
===================================================================
--- retired/CVE-2016-9083 (rev 0)
+++ retired/CVE-2016-9083 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,11 @@
+Description: Incomplete parameter validation in vfio_pci driver
+References:
+Notes:
+ https://patchwork.kernel.org/patch/9373631/
+Bugs:
+upstream: released (4.9-rc4) [05692d7005a364add85c6e25a6c4447ce08f913a]
+3.16-upstream-stable: released (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.8.11-1) [bugfix/all/vfio-pci-Fix-integer-overflows-bitmask-check.patch]
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2016-9084 (from rev 4835, active/CVE-2016-9084)
===================================================================
--- retired/CVE-2016-9084 (rev 0)
+++ retired/CVE-2016-9084 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,11 @@
+Description: Integer overflow in vfio_pci driver
+References:
+Notes:
+ https://patchwork.kernel.org/patch/9373631/
+Bugs:
+upstream: released (4.9-rc4) [05692d7005a364add85c6e25a6c4447ce08f913a]
+3.16-upstream-stable: released (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.8.11-1) [bugfix/all/vfio-pci-Fix-integer-overflows-bitmask-check.patch]
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2016-9754 (from rev 4835, active/CVE-2016-9754)
===================================================================
--- retired/CVE-2016-9754 (rev 0)
+++ retired/CVE-2016-9754 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,10 @@
+Description: Integer overflow in ring_buffer_resize()
+References:
+Notes:
+Bugs:
+upstream: released (4.7-rc1) [59643d1535eb220668692a5359de22545af579f6]
+3.16-upstream-stable: released (3.16.37) [e5e2cbc7f25c06266bba5072adab68cc64f71401]
+3.2-upstream-stable: N/A "Vulnerable code introduced in 3.5-rc1 with 83f40318dab00e3298a1f6d0b12ac025e84e478d
+sid: released (4.6.1-1)
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2016-9806 (from rev 4835, active/CVE-2016-9806)
===================================================================
--- retired/CVE-2016-9806 (rev 0)
+++ retired/CVE-2016-9806 2017-01-14 12:32:38 UTC (rev 4836)
@@ -0,0 +1,12 @@
+Description: double free in netlink_dump
+References:
+Notes:
+ bwh> Introduced by commit 16b304f3404f "netlink: Eliminate kmalloc in
+ bwh> netlink dump operation." in 3.12.
+Bugs:
+upstream: released (4.7-rc1) [92964c79b357efd980812c4de5c1fd2ec8bb5520]
+3.16-upstream-stable: released (3.16.37)
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.6.3-1)
+3.16-jessie-security: released (3.16.39-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list