[Secure-testing-commits] r49276 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Feb 27 20:38:03 UTC 2017
Author: carnil
Date: 2017-02-27 20:38:03 +0000 (Mon, 27 Feb 2017)
New Revision: 49276
Modified:
data/CVE/list
Log:
Record fixes for linux/4.9.13-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-27 18:58:18 UTC (rev 49275)
+++ data/CVE/list 2017-02-27 20:38:03 UTC (rev 49276)
@@ -68,25 +68,25 @@
NOTE: https://github.com/gentoo/pax-utils/commit/858939ea6ad63f1acb4ec74bba705c197a67d559
CVE-2017-6353 [sctp: deny peeloff operation on asocs with threads sleeping on it]
RESERVED
- - linux <unfixed>
+ - linux 4.9.13-1
NOTE: https://marc.info/?l=linux-netdev&m=148785309416337&w=2
CVE-2017-6348 [irda: Fix lockdep annotations in hashbin_delete().]
RESERVED
- - linux <unfixed>
+ - linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/4c03b862b12f980456f9de92db6d508a4999b788
CVE-2017-6347 [ip: fix IP_CHECKSUM handling]
RESERVED
- - linux <unfixed>
+ - linux 4.9.13-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 4.0)
[wheezy] - linux <not-affected> (Vulnerable code introduced in 4.0)
NOTE: Fixed by: https://git.kernel.org/linus/ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32
CVE-2017-6346 [packet: fix races in fanout_add()]
RESERVED
- - linux <unfixed>
+ - linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/d199fab63c11998a602205f7ee7ff7c05c97164b
CVE-2017-6345 [net/llc: avoid BUG_ON() in skb_orphan()]
RESERVED
- - linux <unfixed>
+ - linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/8b74d439e1697110c5e5c600643e823eb1dd0762
CVE-2017-6321
RESERVED
@@ -362,7 +362,7 @@
CVE-2017-6211
RESERVED
CVE-2017-6214 (The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel ...)
- - linux <unfixed>
+ - linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/ccf7abb93af09ad0868ae9033d1ca8108bdaec82 (v4.10-rc8)
CVE-2017-6210 [null pointer dereference in vrend_decode_reset]
RESERVED
@@ -664,7 +664,7 @@
RESERVED
CVE-2017-6074 (The dccp_rcv_state_process function in net/dccp/input.c in the Linux ...)
{DSA-3791-1 DLA-833-1}
- - linux <unfixed>
+ - linux 4.9.13-1
NOTE: Fixed by: https://git.kernel.org/linus/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4
CVE-2017-6073
RESERVED
@@ -969,7 +969,7 @@
CVE-2017-5968
RESERVED
CVE-2017-5967 (The time subsystem in the Linux kernel through 4.9.9, when ...)
- - linux <unfixed> (low)
+ - linux 4.9.13-1 (low)
[jessie] - linux <no-dsa> (Upstream fix removes feature; not suitable for backporting)
[wheezy] - linux <no-dsa> (Upstream fix removes feature; not suitable for backporting)
CVE-2017-5966
@@ -1192,7 +1192,7 @@
CVE-2017-5897
RESERVED
{DSA-3791-1}
- - linux <unfixed>
+ - linux 4.9.13-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=7892032cfe67f4bde6fc2ee967e45a8fbaf33756
NOTE: Introduced by: https://github.com/torvalds/linux/commit/c12b395a46646bab69089ce7016ac78177f6001f (3.7-rc1)
@@ -1885,7 +1885,7 @@
CVE-2017-5670
RESERVED
CVE-2017-5669 (The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 ...)
- - linux <unfixed>
+ - linux 4.9.13-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=192931
CVE-2017-5666 [invalid free in free_options (options_manager.c)]
RESERVED
@@ -10359,7 +10359,7 @@
RESERVED
CVE-2017-2596 (The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux ...)
{DSA-3791-1}
- - linux <unfixed>
+ - linux 4.9.13-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.spinics.net/lists/kvm/msg144319.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417812
More information about the Secure-testing-commits
mailing list