[kernel-sec-discuss] r5742 - active retired

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-11-27 05:42:55 +0000 (Mon, 27 Nov 2017)
New Revision: 5742

Added:
   retired/CVE-2017-16648
Removed:
   active/CVE-2017-16648
Log:
Retire CVE-2017-16648

Deleted: active/CVE-2017-16648
===================================================================
--- active/CVE-2017-16648	2017-11-27 05:42:53 UTC (rev 5741)
+++ active/CVE-2017-16648	2017-11-27 05:42:55 UTC (rev 5742)
@@ -1,17 +0,0 @@
-Description: usb/media/dtt200u: use-after-free in __dvb_frontend_free
-References:
- https://patchwork.kernel.org/patch/10046189/
-Notes:
- bwh> Introduced in 4.14-rc6 by commit ead666000a5f "media: dvb_frontend:
- bwh> only use kref after initialized".  Upstream fix probably depends on
- bwh> commit 62229de19ff2 "media: dvb-core: always call invoke_release() in
- bwh> fe_free()".
-Bugs:
-upstream: released (4.15-rc1) [b1cb7372fa822af6c06c8045963571d13ad6348b]
-4.9-upstream-stable: N/A "Vulnerable code not present"
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: N/A "Vulnerable code not present"
-4.9-stretch-security: N/A "Vulnerable code not present"
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2017-16648 (from rev 5741, active/CVE-2017-16648)
===================================================================
--- retired/CVE-2017-16648	                        (rev 0)
+++ retired/CVE-2017-16648	2017-11-27 05:42:55 UTC (rev 5742)
@@ -0,0 +1,17 @@
+Description: usb/media/dtt200u: use-after-free in __dvb_frontend_free
+References:
+ https://patchwork.kernel.org/patch/10046189/
+Notes:
+ bwh> Introduced in 4.14-rc6 by commit ead666000a5f "media: dvb_frontend:
+ bwh> only use kref after initialized".  Upstream fix probably depends on
+ bwh> commit 62229de19ff2 "media: dvb-core: always call invoke_release() in
+ bwh> fe_free()".
+Bugs:
+upstream: released (4.15-rc1) [b1cb7372fa822af6c06c8045963571d13ad6348b]
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"