diff options
| author | Ben Hutchings <benh@debian.org> | 2017-02-22 13:32:21 +0000 |
|---|---|---|
| committer | Ben Hutchings <benh@debian.org> | 2017-02-22 13:32:21 +0000 |
| commit | 616076d68bb79629c232cf61fe91170ed59ee292 (patch) | |
| tree | 3a973183c7c17bebb7afeac0041a1863705ae594 | |
| parent | 9e203b28684545851b042a5dcc1e6dcf091a8f3d (diff) | |
Improve some descriptions in DSA text for 3.16.39-1+deb8u1
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4992 e094ebfe-e918-0410-adfb-c712417f3574
| -rw-r--r-- | dsa-texts/3.16.39-1+deb8u1 | 32 |
1 files changed, 18 insertions, 14 deletions
diff --git a/dsa-texts/3.16.39-1+deb8u1 b/dsa-texts/3.16.39-1+deb8u1 index 0426cd29..fe6970c2 100644 --- a/dsa-texts/3.16.39-1+deb8u1 +++ b/dsa-texts/3.16.39-1+deb8u1 @@ -10,9 +10,9 @@ impacts. CVE-2016-6786 / CVE-2016-6787 - It was discovered that the performance subsystem does not properly - manage locks during certain migrations, allowing a local attacker to - escalate privileges. + It was discovered that the performance events subsystem does not + properly manage locks during certain migrations, allowing a local + attacker to escalate privileges. CVE-2016-8405 @@ -24,22 +24,24 @@ CVE-2016-8405 CVE-2016-9191 CAI Qian discovered that reference counting is not properly handled - within proc_sys_readdir in the sysctl implementation, resulting in a - denial of service (system hang). + within proc_sys_readdir in the sysctl implementation, allowing a + local denial of service (system hang) or possibly privilege + escalation. CVE-2017-2583 CVE-2017-2584 CVE-2017-2596 CVE-2017-2618 - It was discovered that an off-by-one in the handling of selinux + It was discovered that an off-by-one in the handling of SELinux attributes in /proc/pid/attr could result in local denial of service. CVE-2017-5549 - It was discovered that the KLSI KL5KUSB105 serial USB device driver - could leak kernel memory, resulting in an information leak. + It was discovered that the KLSI KL5KUSB105 serial USB device + driver could log the contents of uninitialised kernel memory, + resulting in an information leak. CVE-2017-5551 @@ -51,20 +53,22 @@ CVE-2017-5551 CVE-2017-5897 - Andrey Konovalov discovered an out-of-bounds access flaw in the + Andrey Konovalov discovered an out-of-bounds read flaw in the ip6gre_err function in the IPv6 networking code. CVE-2017-5970 Andrey Konovalov discovered a denial-of-service flaw in the IPv4 - networking code, triggerable by sending bad IP options on a socket. + networking code. This can be triggered by a local or remote + attacker if a local UDP or raw socket has the IP_RETOPTS option + enabled. CVE-2017-6001 - Di Shen discovered a race condition between concurrent - sys_perf_event_open() calls in the performance subsystem, allowing a - local attacker to escalate privileges. This flaw exists because of - an incomplete fix of CVE-2016-6786. + Di Shen discovered a race condition between concurrent calls to + the performance events subsystem, allowing a local attacker to + escalate privileges. This flaw exists because of an incomplete fix + of CVE-2016-6786. CVE-2017-6074 |