Add description for CVE-2017-1000112

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5581 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2017-09-20 19:18:13 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-09-20 19:18:13 +0000
commit: 14c3bd1e8de9e5a6b6f42105a3075e8e20b4dab7 (patch)
tree: ca8c16b026bf402736ff4c6d10fabf8dccc7d77a
parent: d47cbf24a70e9bfa6770ec49350ae1484ece0a97 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/dsa-texts/4.9.30-2+deb9u5 b/dsa-texts/4.9.30-2+deb9u5
index 6372ca14..dccf4f8c 100644
--- a/dsa-texts/4.9.30-2+deb9u5
+++ b/dsa-texts/4.9.30-2+deb9u5
@@ -122,6 +122,14 @@ CVE-2017-1000111
 
 CVE-2017-1000112
 
+    Andrey Konovalov of Google reported a race condition flaw in the UDP
+    Fragmentation Offload (UFO) code. A local user with the
+    CAP_NET_ADMIN capability can use this flaw for denial of service or
+    possibly to execute arbitrary code. Debian disables unprivileged
+    user namespaces by default, if locally enabled with the
+    kernel.unprivileged_userns_clone sysctl, this allows privilege
+    escalation.
+
 CVE-2017-1000251 / #875881
 
     Armis Labs discovered that the Bluetooth subsystem does not
author	Salvatore Bonaccorso <carnil@debian.org>	2017-09-20 19:18:13 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-09-20 19:18:13 +0000
commit	14c3bd1e8de9e5a6b6f42105a3075e8e20b4dab7 (patch)
tree	ca8c16b026bf402736ff4c6d10fabf8dccc7d77a
parent	d47cbf24a70e9bfa6770ec49350ae1484ece0a97 (diff)