[kernel-sec-discuss] r3888 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Aug 7 13:49:19 UTC 2015 

Author: jmm
Date: 2015-08-07 13:49:19 +0000 (Fri, 07 Aug 2015)
New Revision: 3888

Added:
   retired/CVE-2015-1420
   retired/CVE-2015-3212
Removed:
   active/CVE-2015-1420
   active/CVE-2015-3212
Log:
retire


Deleted: active/CVE-2015-1420
===================================================================
--- active/CVE-2015-1420	2015-08-07 13:48:56 UTC (rev 3887)
+++ active/CVE-2015-1420	2015-08-07 13:49:19 UTC (rev 3888)
@@ -1,14 +0,0 @@
-Description: race condition in fs/fhandle.c
-References:
- http://marc.info/?l=linux-kernel&m=142247707318982&w=2
-Notes:
- jmm> Pinged Sasha, this fell through the cracks, he'll re-poke
-Bugs:
-upstream: released (4.1-rc7) [161f873b8913]
-2.6.32-upstream-stable: N/A "Introduced in 2.6.39 with becfd1f37544798cbdfd788f32c827160fab98c1"
-sid: released (3.16.7-ckt7-1) [bugfix/all/vfs-read-file_handle-only-once-in-handle_to_path.patch]
-3.16-jessie-security: N/A "Fixed before initial release"
-3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/vfs-read-file_handle-only-once-in-handle_to_path.patch]
-2.6.32-squeeze-security: N/A "Introduced in 2.6.39 with becfd1f37544798cbdfd788f32c827160fab98c1"
-3.16-upstream-stable: released (3.16.7-ckt13)
-3.2-upstream-stable: released (3.2.70) [vfs-read-file_handle-only-once-in-handle_to_path.patch]

Deleted: active/CVE-2015-3212
===================================================================
--- active/CVE-2015-3212	2015-08-07 13:48:56 UTC (rev 3887)
+++ active/CVE-2015-3212	2015-08-07 13:49:19 UTC (rev 3888)
@@ -1,14 +0,0 @@
-Description: SCTP race condition allows list corruption and panic from userlevel
-References:
- https://marc.info/?l=linux-netdev&m=143277436124732&w=2
-Notes:
- Introduced in v3.1-rc1 by 9f7d653b67aed2d92540fbb0a8adaf
-Bugs:
-upstream: released (4.2-rc1) [2d45a02d0166caf2627fe91897c6ffc3b19514c4]
-3.16-upstream-stable: released (3.16.7-ckt15)
-3.2-upstream-stable: released (3.2.70) [sctp-fix-asconf-list-handling.patch]
-2.6.32-upstream-stable: N/A "Introduced with 9f7d653b67aed2d92540fbb0a8adaf"
-sid: released (4.0.8-1)
-3.16-jessie-security: released (3.16.7-ckt11-1+deb8u3) [bugfix/all/sctp-fix-asconf-list-handling.patch]
-3.2-wheezy-security: released (3.2.68-1+deb7u3) [bugfix/all/sctp-fix-asconf-list-handling.patch]
-2.6.32-squeeze-security: N/A "Introduced with 9f7d653b67aed2d92540fbb0a8adaf"

Copied: retired/CVE-2015-1420 (from rev 3887, active/CVE-2015-1420)
===================================================================
--- retired/CVE-2015-1420	                        (rev 0)
+++ retired/CVE-2015-1420	2015-08-07 13:49:19 UTC (rev 3888)
@@ -0,0 +1,14 @@
+Description: race condition in fs/fhandle.c
+References:
+ http://marc.info/?l=linux-kernel&m=142247707318982&w=2
+Notes:
+ jmm> Pinged Sasha, this fell through the cracks, he'll re-poke
+Bugs:
+upstream: released (4.1-rc7) [161f873b8913]
+2.6.32-upstream-stable: N/A "Introduced in 2.6.39 with becfd1f37544798cbdfd788f32c827160fab98c1"
+sid: released (3.16.7-ckt7-1) [bugfix/all/vfs-read-file_handle-only-once-in-handle_to_path.patch]
+3.16-jessie-security: N/A "Fixed before initial release"
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/vfs-read-file_handle-only-once-in-handle_to_path.patch]
+2.6.32-squeeze-security: N/A "Introduced in 2.6.39 with becfd1f37544798cbdfd788f32c827160fab98c1"
+3.16-upstream-stable: released (3.16.7-ckt13)
+3.2-upstream-stable: released (3.2.70) [vfs-read-file_handle-only-once-in-handle_to_path.patch]

Copied: retired/CVE-2015-3212 (from rev 3887, active/CVE-2015-3212)
===================================================================
--- retired/CVE-2015-3212	                        (rev 0)
+++ retired/CVE-2015-3212	2015-08-07 13:49:19 UTC (rev 3888)
@@ -0,0 +1,14 @@
+Description: SCTP race condition allows list corruption and panic from userlevel
+References:
+ https://marc.info/?l=linux-netdev&m=143277436124732&w=2
+Notes:
+ Introduced in v3.1-rc1 by 9f7d653b67aed2d92540fbb0a8adaf
+Bugs:
+upstream: released (4.2-rc1) [2d45a02d0166caf2627fe91897c6ffc3b19514c4]
+3.16-upstream-stable: released (3.16.7-ckt15)
+3.2-upstream-stable: released (3.2.70) [sctp-fix-asconf-list-handling.patch]
+2.6.32-upstream-stable: N/A "Introduced with 9f7d653b67aed2d92540fbb0a8adaf"
+sid: released (4.0.8-1)
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u3) [bugfix/all/sctp-fix-asconf-list-handling.patch]
+3.2-wheezy-security: released (3.2.68-1+deb7u3) [bugfix/all/sctp-fix-asconf-list-handling.patch]
+2.6.32-squeeze-security: N/A "Introduced with 9f7d653b67aed2d92540fbb0a8adaf"

More information about the kernel-sec-discuss mailing list