[kernel-sec-discuss] r5401 - active retired
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jul 3 07:24:13 UTC 2017
Author: carnil
Date: 2017-07-03 07:24:13 +0000 (Mon, 03 Jul 2017)
New Revision: 5401
Added:
retired/CVE-2017-1000364
retired/CVE-2017-7487
retired/CVE-2017-7645
retired/CVE-2017-7895
retired/CVE-2017-8064
retired/CVE-2017-8890
retired/CVE-2017-8924
retired/CVE-2017-8925
retired/CVE-2017-9074
retired/CVE-2017-9075
retired/CVE-2017-9076
retired/CVE-2017-9077
retired/CVE-2017-9242
Removed:
active/CVE-2017-1000364
active/CVE-2017-7487
active/CVE-2017-7645
active/CVE-2017-7895
active/CVE-2017-8064
active/CVE-2017-8890
active/CVE-2017-8924
active/CVE-2017-8925
active/CVE-2017-9074
active/CVE-2017-9075
active/CVE-2017-9076
active/CVE-2017-9077
active/CVE-2017-9242
Log:
Retire several CVEs fixed everwhere
Deleted: active/CVE-2017-1000364
===================================================================
--- active/CVE-2017-1000364 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-1000364 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,16 +0,0 @@
-Description: stack gap guard page too small
-References:
-Notes:
- carnil> original patch series as applied in 4.9.30-2+deb9u1,
- carnil> 3.16.43-2+deb8u1 and 3.2.89-1 caused regressions.
- carnil> A regression update following the official upstream
- carnil> patch will solve those.
-Bugs:
-upstream: released (4.12-rc6) [1be7107fbe18eed3e319a6c3e83c78254b693acb]
-4.9-upstream-stable: released (4.9.34) [cfc0eb403816c5c4f9667d959de5e22789b5421e]
-3.16-upstream-stable: released (3.16.45) [978b8aa1646d4e023edd121c7f1b8f938ccb813d]
-3.2-upstream-stable: released (3.2.90) [640c7dfdc7c723143b1ce42f5569ec8565cbbde7]
-sid: released (4.11.6-1) [bugfix/all/mm-larger-stack-guard-gap-between-vmas.patch]
-4.9-stretch-security: released (4.9.30-2+deb9u1)
-3.16-jessie-security: released (3.16.43-2+deb8u1)
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-7487
===================================================================
--- active/CVE-2017-7487 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-7487 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,12 +0,0 @@
-Description: ipx: call ipxitf_put() in ioctl error path
-References:
-Notes:
-Bugs:
-upstream: released (4.12-rc1) [ee0d8d8482345ff97a75a7d747efc309f13b0d80]
-4.9-upstream-stable: released (4.9.30) [820adccd0e3be9bdd2384ca8fc4712108cfdf28b]
-3.16-upstream-stable: released (3.16.44) [c64988b55a19fc5c85f85c433976d6e5210f54dc]
-3.2-upstream-stable: released (3.2.89) [48dc185bcc73e1bb42d007cbaf96ad55cefaf4cb]
-sid: released (4.9.30-1)
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-7645
===================================================================
--- active/CVE-2017-7645 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-7645 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,25 +0,0 @@
-Description: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c
-References:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7645
- https://marc.info/?l=linux-nfs&m=149218228327497&w=2
- https://marc.info/?l=linux-nfs&m=149247516212924&w=2
-Notes:
- carnil> afaict the issue for which CVE-2017-7645 was assigned
- carnil> is fixed with e6838a29ecb484c97e4efef9429643b9851fba6e
- carnil> but I think
- carnil> db44bac41bbfc0c0d9dd943092d8bded3c9db19b (nfsd4: minor
- carnil> NFSv2/v3 write decoding cleanup) and the following
- carnil> 13bf9fbff0e5e099e2b6f003a0ab8ae145436309 (nfsd: stricter
- carnil> decoding of write-like NFSv2/v3 ops) should be applied
- carnil> as well (should the last commit get a separate CVE id?)
- carnil> 13bf9fbff0e5e099e2b6f003a0ab8ae145436309 got a separate
- carnil> CVE: CVE-2017-7895
-Bugs:
-upstream: released (4.11) [e6838a29ecb484c97e4efef9429643b9851fba6e]
-4.9-upstream-stable: released (4.9.26) [fc6445df466f37291a70937642068bda78802a5b]
-3.16-upstream-stable: released (3.16.44) [1d4ab03084d4bace93b1573c57a309e954d05c09]
-3.2-upstream-stable: released (3.2.89) [1eb3e42d91d63fc757a8da38683f417bcdf953a2]
-sid: released (4.9.25-1) [bugfix/all/nfsd-check-for-oversized-NFSv2-v3-arguments.patch]
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-7895
===================================================================
--- active/CVE-2017-7895 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-7895 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,14 +0,0 @@
-Description: nfsd: stricter decoding of write-like NFSv2/v3 ops
-References:
-Notes:
- carnil> Prerequisite: db44bac41bbfc0c0d9dd943092d8bded3c9db19b (nfsd4: minor
- carnil> NFSv2/v3 write decoding cleanup)
-Bugs:
-upstream: released (4.11) [13bf9fbff0e5e099e2b6f003a0ab8ae145436309]
-4.9-upstream-stable: released (4.9.26) [d7809b9e99bb75e83bdd13dc70ce27df61faf5de]
-3.16-upstream-stable: released (3.16.44) [bb0ea8af0b69259f5ea1d2fcff52948c98129c5e]
-3.2-upstream-stable: released (3.2.89) [6b9ba0c00cb068a50a409bbdc7cfbe473f1c01a3]
-sid: released (4.9.25-1) [bugfix/all/nfsd-stricter-decoding-of-write-like-NFSv2-v3-ops.patch]
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-8064
===================================================================
--- active/CVE-2017-8064 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-8064 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,14 +0,0 @@
-Description: [media] dvb-usb-v2: avoid use-after-free
-References:
-Notes:
- bwh> Introduced in 3.7 by commit d10d1b9ac97b
- bwh> "[media] dvb_usb_v2: use dev_* logging macros"
-Bugs:
-upstream: released (4.11-rc1) [005145378c9ad7575a01b6ce1ba118fb427f583a]
-4.9-upstream-stable: released (4.9.24) [1992564156b5dc4ac73418e5b95e1a43f12f3cb1]
-3.16-upstream-stable: released (3.16.44) [522182342410708c54eb2b33ff36e85f0b045a6d]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.9.25-1)
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/media-dvb-usb-v2-avoid-use-after-free.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2017-8890
===================================================================
--- active/CVE-2017-8890 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-8890 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,14 +0,0 @@
-Description: dccp/tcp: do not inherit mc_list from parent
-References:
-Notes:
- bwh> What's weird here is that it's possible to add a socket for a
- bwh> connection-based protocol to a multicast group.
-Bugs:
-upstream: released (4.12-rc1) [657831ffc38e30092a2d5f03d385d710eb88b09a]
-4.9-upstream-stable: released (4.9.31) [4eed44029507acc666ac7afe9c6a8ea0abf857b7]
-3.16-upstream-stable: released (3.16.44) [e4d8daa3b0d195c8aead116dd70aad8124be60c3]
-3.2-upstream-stable: released (3.2.89) [3d221359fedfc759661fb4a72804b6e798886e8f]
-sid: released (4.9.30-1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-8924
===================================================================
--- active/CVE-2017-8924 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-8924 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,12 +0,0 @@
-Description: information leak in io_ti USB driver
-References:
-Notes:
-Bugs:
-upstream: released (4.11-rc2) [654b404f2a222f918af9b0cd18ad469d0c941a8e]
-4.9-upstream-stable: released (4.9.16) [d0ef6ecee85e17742d8bce1559872cb542d6ccac]
-3.16-upstream-stable: released (3.16.44) [f7287278eea268132ab71b30a0425ccf3a13a323]
-3.2-upstream-stable: released (3.2.89) [6d0c587048c85ca94723fc1bd900130cbe875eb3]
-sid: released (4.9.16-1)
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-8925
===================================================================
--- active/CVE-2017-8925 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-8925 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,12 +0,0 @@
-Description: tty exhaustion DoS in omninet USB driver
-References:
-Notes:
-Bugs:
-upstream: released (4.11-rc2) [30572418b445d85fcfe6c8fe84c947d2606767d8]
-4.9-upstream-stable: released (4.9.16) [6d6c5895f45431579c20f4183b25183f0e3afc92]
-3.16-upstream-stable: released (3.16.44) [e766215595e90b7a307cc7c7054ff43e96340731]
-3.2-upstream-stable: released (3.2.89) [8b236342396140be22ab9b486c412666f161af78]
-sid: released (4.9.16-1)
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-9074
===================================================================
--- active/CVE-2017-9074 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-9074 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,16 +0,0 @@
-Description: ipv6: Prevent overrun when parsing v6 header options
-References:
-Notes:
- carnil> Requires as well 7dd7eb9513bd02184d45f000ab69d78cb1fa1531
- carnil> which fixes 2423496af35d94a87156b063ea5cedffc10a70a1
- bwh> Also requires 6e80ac5cc992ab6256c3dae87f7e57db15e1a58c and
- bwh> e3e86b5119f81e5e2499bea7ea1ebe8ac6aab789
-Bugs:
-upstream: released (4.12-rc2) [2423496af35d94a87156b063ea5cedffc10a70a1]
-4.9-upstream-stable: released (4.9.31) [a2c845e51a820549a6df5a1e8907ee754422119e]
-3.16-upstream-stable: released (3.16.44) [3bff722de601acaf593a1ade13fbbee54b688e9b]
-3.2-upstream-stable: released (3.2.89) [ad8a4d9d3f255a783d534a47d4b4ac611bb291d8]
-sid: released (4.9.30-1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-9075
===================================================================
--- active/CVE-2017-9075 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-9075 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,12 +0,0 @@
-Description: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
-References:
-Notes:
-Bugs:
-upstream: released (4.12-rc2) [fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8]
-4.9-upstream-stable: released (4.9.31) [5e7d9f0b3f729a64b99e58047f7bb0ff36acb759]
-3.16-upstream-stable: released (3.16.44) [60e7579f4b71e2e8b252d2f1b3ef5ffb3b971a4e]
-3.2-upstream-stable: released (3.2.89) [cc1fa7814bdb7ebee2ee79bbce181c0783de9ad5]
-sid: released (4.9.30-1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-9076
===================================================================
--- active/CVE-2017-9076 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-9076 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,12 +0,0 @@
-Description: ipv6/dccp: do not inherit ipv6_mc_list from parent (dccp_v6_request_recv_sock)
-References:
-Notes:
-Bugs:
-upstream: released (4.12-rc2) [83eaddab4378db256d00d295bda6ca997cd13a52]
-4.9-upstream-stable: released (4.9.31) [4bd8f5e38e5a1612ce4373068b518b14d3e38ec8]
-3.16-upstream-stable: released (3.16.44) [53d48f98b800059504da76d12bf0074581aa0fe2]
-3.2-upstream-stable: released (3.2.89) [0767192a2c4ac9145a7e8fb00370963bc145a920]
-sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-9077
===================================================================
--- active/CVE-2017-9077 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-9077 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,12 +0,0 @@
-Description: ipv6/dccp: do not inherit ipv6_mc_list from parent (tcp_v6_syn_recv_sock)
-References:
-Notes:
-Bugs:
-upstream: released (4.12-rc2) [83eaddab4378db256d00d295bda6ca997cd13a52]
-4.9-upstream-stable: released (4.9.31) [4bd8f5e38e5a1612ce4373068b518b14d3e38ec8]
-3.16-upstream-stable: released (3.16.44) [53d48f98b800059504da76d12bf0074581aa0fe2]
-3.2-upstream-stable: released (3.2.89) [0767192a2c4ac9145a7e8fb00370963bc145a920]
-sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-3.2-wheezy-security: released (3.2.89-1)
Deleted: active/CVE-2017-9242
===================================================================
--- active/CVE-2017-9242 2017-07-03 07:18:46 UTC (rev 5400)
+++ active/CVE-2017-9242 2017-07-03 07:24:13 UTC (rev 5401)
@@ -1,12 +0,0 @@
-Description: ipv6: fix out of bound writes in __ip6_append_data()
-References:
-Notes:
-Bugs:
-upstream: released (4.12-rc3) [232cd35d0804cc241eb887bb8d4d9b3b9881c64a]
-4.9-upstream-stable: released (4.9.31) [304b41014acbdc5fa5126c86bac31dc41a245f9f]
-3.16-upstream-stable: released (3.16.44) [55c51263ff43e3bf5deb1425f4221696f94db1be]
-3.2-upstream-stable: released (3.2.89) [e5238fca9694d61861096d5fb80685c9f6581555]
-sid: released (4.9.30-1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
-4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
-3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-1000364 (from rev 5400, active/CVE-2017-1000364)
===================================================================
--- retired/CVE-2017-1000364 (rev 0)
+++ retired/CVE-2017-1000364 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,16 @@
+Description: stack gap guard page too small
+References:
+Notes:
+ carnil> original patch series as applied in 4.9.30-2+deb9u1,
+ carnil> 3.16.43-2+deb8u1 and 3.2.89-1 caused regressions.
+ carnil> A regression update following the official upstream
+ carnil> patch will solve those.
+Bugs:
+upstream: released (4.12-rc6) [1be7107fbe18eed3e319a6c3e83c78254b693acb]
+4.9-upstream-stable: released (4.9.34) [cfc0eb403816c5c4f9667d959de5e22789b5421e]
+3.16-upstream-stable: released (3.16.45) [978b8aa1646d4e023edd121c7f1b8f938ccb813d]
+3.2-upstream-stable: released (3.2.90) [640c7dfdc7c723143b1ce42f5569ec8565cbbde7]
+sid: released (4.11.6-1) [bugfix/all/mm-larger-stack-guard-gap-between-vmas.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u1)
+3.16-jessie-security: released (3.16.43-2+deb8u1)
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-7487 (from rev 5400, active/CVE-2017-7487)
===================================================================
--- retired/CVE-2017-7487 (rev 0)
+++ retired/CVE-2017-7487 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,12 @@
+Description: ipx: call ipxitf_put() in ioctl error path
+References:
+Notes:
+Bugs:
+upstream: released (4.12-rc1) [ee0d8d8482345ff97a75a7d747efc309f13b0d80]
+4.9-upstream-stable: released (4.9.30) [820adccd0e3be9bdd2384ca8fc4712108cfdf28b]
+3.16-upstream-stable: released (3.16.44) [c64988b55a19fc5c85f85c433976d6e5210f54dc]
+3.2-upstream-stable: released (3.2.89) [48dc185bcc73e1bb42d007cbaf96ad55cefaf4cb]
+sid: released (4.9.30-1)
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-7645 (from rev 5400, active/CVE-2017-7645)
===================================================================
--- retired/CVE-2017-7645 (rev 0)
+++ retired/CVE-2017-7645 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,25 @@
+Description: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c
+References:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7645
+ https://marc.info/?l=linux-nfs&m=149218228327497&w=2
+ https://marc.info/?l=linux-nfs&m=149247516212924&w=2
+Notes:
+ carnil> afaict the issue for which CVE-2017-7645 was assigned
+ carnil> is fixed with e6838a29ecb484c97e4efef9429643b9851fba6e
+ carnil> but I think
+ carnil> db44bac41bbfc0c0d9dd943092d8bded3c9db19b (nfsd4: minor
+ carnil> NFSv2/v3 write decoding cleanup) and the following
+ carnil> 13bf9fbff0e5e099e2b6f003a0ab8ae145436309 (nfsd: stricter
+ carnil> decoding of write-like NFSv2/v3 ops) should be applied
+ carnil> as well (should the last commit get a separate CVE id?)
+ carnil> 13bf9fbff0e5e099e2b6f003a0ab8ae145436309 got a separate
+ carnil> CVE: CVE-2017-7895
+Bugs:
+upstream: released (4.11) [e6838a29ecb484c97e4efef9429643b9851fba6e]
+4.9-upstream-stable: released (4.9.26) [fc6445df466f37291a70937642068bda78802a5b]
+3.16-upstream-stable: released (3.16.44) [1d4ab03084d4bace93b1573c57a309e954d05c09]
+3.2-upstream-stable: released (3.2.89) [1eb3e42d91d63fc757a8da38683f417bcdf953a2]
+sid: released (4.9.25-1) [bugfix/all/nfsd-check-for-oversized-NFSv2-v3-arguments.patch]
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-7895 (from rev 5400, active/CVE-2017-7895)
===================================================================
--- retired/CVE-2017-7895 (rev 0)
+++ retired/CVE-2017-7895 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,14 @@
+Description: nfsd: stricter decoding of write-like NFSv2/v3 ops
+References:
+Notes:
+ carnil> Prerequisite: db44bac41bbfc0c0d9dd943092d8bded3c9db19b (nfsd4: minor
+ carnil> NFSv2/v3 write decoding cleanup)
+Bugs:
+upstream: released (4.11) [13bf9fbff0e5e099e2b6f003a0ab8ae145436309]
+4.9-upstream-stable: released (4.9.26) [d7809b9e99bb75e83bdd13dc70ce27df61faf5de]
+3.16-upstream-stable: released (3.16.44) [bb0ea8af0b69259f5ea1d2fcff52948c98129c5e]
+3.2-upstream-stable: released (3.2.89) [6b9ba0c00cb068a50a409bbdc7cfbe473f1c01a3]
+sid: released (4.9.25-1) [bugfix/all/nfsd-stricter-decoding-of-write-like-NFSv2-v3-ops.patch]
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-8064 (from rev 5400, active/CVE-2017-8064)
===================================================================
--- retired/CVE-2017-8064 (rev 0)
+++ retired/CVE-2017-8064 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,14 @@
+Description: [media] dvb-usb-v2: avoid use-after-free
+References:
+Notes:
+ bwh> Introduced in 3.7 by commit d10d1b9ac97b
+ bwh> "[media] dvb_usb_v2: use dev_* logging macros"
+Bugs:
+upstream: released (4.11-rc1) [005145378c9ad7575a01b6ce1ba118fb427f583a]
+4.9-upstream-stable: released (4.9.24) [1992564156b5dc4ac73418e5b95e1a43f12f3cb1]
+3.16-upstream-stable: released (3.16.44) [522182342410708c54eb2b33ff36e85f0b045a6d]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.9.25-1)
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/media-dvb-usb-v2-avoid-use-after-free.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2017-8890 (from rev 5400, active/CVE-2017-8890)
===================================================================
--- retired/CVE-2017-8890 (rev 0)
+++ retired/CVE-2017-8890 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,14 @@
+Description: dccp/tcp: do not inherit mc_list from parent
+References:
+Notes:
+ bwh> What's weird here is that it's possible to add a socket for a
+ bwh> connection-based protocol to a multicast group.
+Bugs:
+upstream: released (4.12-rc1) [657831ffc38e30092a2d5f03d385d710eb88b09a]
+4.9-upstream-stable: released (4.9.31) [4eed44029507acc666ac7afe9c6a8ea0abf857b7]
+3.16-upstream-stable: released (3.16.44) [e4d8daa3b0d195c8aead116dd70aad8124be60c3]
+3.2-upstream-stable: released (3.2.89) [3d221359fedfc759661fb4a72804b6e798886e8f]
+sid: released (4.9.30-1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-8924 (from rev 5400, active/CVE-2017-8924)
===================================================================
--- retired/CVE-2017-8924 (rev 0)
+++ retired/CVE-2017-8924 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,12 @@
+Description: information leak in io_ti USB driver
+References:
+Notes:
+Bugs:
+upstream: released (4.11-rc2) [654b404f2a222f918af9b0cd18ad469d0c941a8e]
+4.9-upstream-stable: released (4.9.16) [d0ef6ecee85e17742d8bce1559872cb542d6ccac]
+3.16-upstream-stable: released (3.16.44) [f7287278eea268132ab71b30a0425ccf3a13a323]
+3.2-upstream-stable: released (3.2.89) [6d0c587048c85ca94723fc1bd900130cbe875eb3]
+sid: released (4.9.16-1)
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-8925 (from rev 5400, active/CVE-2017-8925)
===================================================================
--- retired/CVE-2017-8925 (rev 0)
+++ retired/CVE-2017-8925 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,12 @@
+Description: tty exhaustion DoS in omninet USB driver
+References:
+Notes:
+Bugs:
+upstream: released (4.11-rc2) [30572418b445d85fcfe6c8fe84c947d2606767d8]
+4.9-upstream-stable: released (4.9.16) [6d6c5895f45431579c20f4183b25183f0e3afc92]
+3.16-upstream-stable: released (3.16.44) [e766215595e90b7a307cc7c7054ff43e96340731]
+3.2-upstream-stable: released (3.2.89) [8b236342396140be22ab9b486c412666f161af78]
+sid: released (4.9.16-1)
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-9074 (from rev 5400, active/CVE-2017-9074)
===================================================================
--- retired/CVE-2017-9074 (rev 0)
+++ retired/CVE-2017-9074 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,16 @@
+Description: ipv6: Prevent overrun when parsing v6 header options
+References:
+Notes:
+ carnil> Requires as well 7dd7eb9513bd02184d45f000ab69d78cb1fa1531
+ carnil> which fixes 2423496af35d94a87156b063ea5cedffc10a70a1
+ bwh> Also requires 6e80ac5cc992ab6256c3dae87f7e57db15e1a58c and
+ bwh> e3e86b5119f81e5e2499bea7ea1ebe8ac6aab789
+Bugs:
+upstream: released (4.12-rc2) [2423496af35d94a87156b063ea5cedffc10a70a1]
+4.9-upstream-stable: released (4.9.31) [a2c845e51a820549a6df5a1e8907ee754422119e]
+3.16-upstream-stable: released (3.16.44) [3bff722de601acaf593a1ade13fbbee54b688e9b]
+3.2-upstream-stable: released (3.2.89) [ad8a4d9d3f255a783d534a47d4b4ac611bb291d8]
+sid: released (4.9.30-1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-9075 (from rev 5400, active/CVE-2017-9075)
===================================================================
--- retired/CVE-2017-9075 (rev 0)
+++ retired/CVE-2017-9075 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,12 @@
+Description: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
+References:
+Notes:
+Bugs:
+upstream: released (4.12-rc2) [fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8]
+4.9-upstream-stable: released (4.9.31) [5e7d9f0b3f729a64b99e58047f7bb0ff36acb759]
+3.16-upstream-stable: released (3.16.44) [60e7579f4b71e2e8b252d2f1b3ef5ffb3b971a4e]
+3.2-upstream-stable: released (3.2.89) [cc1fa7814bdb7ebee2ee79bbce181c0783de9ad5]
+sid: released (4.9.30-1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-9076 (from rev 5400, active/CVE-2017-9076)
===================================================================
--- retired/CVE-2017-9076 (rev 0)
+++ retired/CVE-2017-9076 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,12 @@
+Description: ipv6/dccp: do not inherit ipv6_mc_list from parent (dccp_v6_request_recv_sock)
+References:
+Notes:
+Bugs:
+upstream: released (4.12-rc2) [83eaddab4378db256d00d295bda6ca997cd13a52]
+4.9-upstream-stable: released (4.9.31) [4bd8f5e38e5a1612ce4373068b518b14d3e38ec8]
+3.16-upstream-stable: released (3.16.44) [53d48f98b800059504da76d12bf0074581aa0fe2]
+3.2-upstream-stable: released (3.2.89) [0767192a2c4ac9145a7e8fb00370963bc145a920]
+sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-9077 (from rev 5400, active/CVE-2017-9077)
===================================================================
--- retired/CVE-2017-9077 (rev 0)
+++ retired/CVE-2017-9077 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,12 @@
+Description: ipv6/dccp: do not inherit ipv6_mc_list from parent (tcp_v6_syn_recv_sock)
+References:
+Notes:
+Bugs:
+upstream: released (4.12-rc2) [83eaddab4378db256d00d295bda6ca997cd13a52]
+4.9-upstream-stable: released (4.9.31) [4bd8f5e38e5a1612ce4373068b518b14d3e38ec8]
+3.16-upstream-stable: released (3.16.44) [53d48f98b800059504da76d12bf0074581aa0fe2]
+3.2-upstream-stable: released (3.2.89) [0767192a2c4ac9145a7e8fb00370963bc145a920]
+sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.2-wheezy-security: released (3.2.89-1)
Copied: retired/CVE-2017-9242 (from rev 5400, active/CVE-2017-9242)
===================================================================
--- retired/CVE-2017-9242 (rev 0)
+++ retired/CVE-2017-9242 2017-07-03 07:24:13 UTC (rev 5401)
@@ -0,0 +1,12 @@
+Description: ipv6: fix out of bound writes in __ip6_append_data()
+References:
+Notes:
+Bugs:
+upstream: released (4.12-rc3) [232cd35d0804cc241eb887bb8d4d9b3b9881c64a]
+4.9-upstream-stable: released (4.9.31) [304b41014acbdc5fa5126c86bac31dc41a245f9f]
+3.16-upstream-stable: released (3.16.44) [55c51263ff43e3bf5deb1425f4221696f94db1be]
+3.2-upstream-stable: released (3.2.89) [e5238fca9694d61861096d5fb80685c9f6581555]
+sid: released (4.9.30-1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
+3.2-wheezy-security: released (3.2.89-1)
More information about the kernel-sec-discuss
mailing list