author | Salvatore Bonaccorso <carnil@debian.org> | 2017-09-20 19:18:13 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-09-20 19:18:13 +0000 |
commit | 14c3bd1e8de9e5a6b6f42105a3075e8e20b4dab7 (patch) | |
tree | ca8c16b026bf402736ff4c6d10fabf8dccc7d77a | |
parent | d47cbf24a70e9bfa6770ec49350ae1484ece0a97 (diff) |
Add description for CVE-2017-1000112
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5581 e094ebfe-e918-0410-adfb-c712417f3574
-rw-r--r-- | dsa-texts/4.9.30-2+deb9u5 | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/dsa-texts/4.9.30-2+deb9u5 b/dsa-texts/4.9.30-2+deb9u5 index 6372ca14..dccf4f8c 100644 --- a/dsa-texts/4.9.30-2+deb9u5 +++ b/dsa-texts/4.9.30-2+deb9u5 @@ -122,6 +122,14 @@ CVE-2017-1000111 CVE-2017-1000112 + Andrey Konovalov of Google reported a race condition flaw in the UDP + Fragmentation Offload (UFO) code. A local user with the + CAP_NET_ADMIN capability can use this flaw for denial of service or + possibly to execute arbitrary code. Debian disables unprivileged + user namespaces by default, if locally enabled with the + kernel.unprivileged_userns_clone sysctl, this allows privilege + escalation. + CVE-2017-1000251 / #875881 Armis Labs discovered that the Bluetooth subsystem does not |
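Review bot: The last added sentence ("Debian disables unprivileged user namespaces by default, if locally enabled with the kernel.unprivileged_userns_clone sysctl, this allows privilege escalation.") is a comma splice, and "this" has no clear referent. Split it after "by default" and name the subject, for example: "Debian disables unprivileged user namespaces by default, but if they are locally enabled with the kernel.unprivileged_userns_clone sysctl, this flaw can be used for privilege escalation." The second sentence limits the flaw to users with CAP_NET_ADMIN, yet the text never says why user namespaces matter to that requirement; a clause stating that an unprivileged user can hold that capability inside a user namespace would make the connection explicit for readers of the advisory. The following entry carries a bug reference (CVE-2017-1000251 / #875881) while this one has none; add it if a bug exists.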