Add possible description for CVE-2016-8405

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4981 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2017-02-22 07:29:24 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-02-22 07:29:24 +0000
commit: 54f3f387f8e3c9254ebb66c754cda02235feb307 (patch)
tree: e08093382c6594eda0fe937026800fb24e5d609f /dsa-texts/3.16.39-1+deb8u1
parent: 6672aebed2c77ab75865baccf63e5032a4563376 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/dsa-texts/3.16.39-1+deb8u1 b/dsa-texts/3.16.39-1+deb8u1
index de63a92e..64ccdc4d 100644
--- a/dsa-texts/3.16.39-1+deb8u1
+++ b/dsa-texts/3.16.39-1+deb8u1
@@ -15,6 +15,12 @@ CVE-2016-6786 / CVE-2016-6787
     escalate his privileges.
 
 CVE-2016-8405
+
+    Peter Pi of Trend Micro discovered that the frame buffer video
+    subsystem does not properly check bounds while copying color maps to
+    userspace, causing a heap buffer out-of-bounds read, leading to
+    information disclosure.
+
 CVE-2016-9191
 CVE-2017-2583
 CVE-2017-2584
author	Salvatore Bonaccorso <carnil@debian.org>	2017-02-22 07:29:24 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-02-22 07:29:24 +0000
commit	54f3f387f8e3c9254ebb66c754cda02235feb307 (patch)
tree	e08093382c6594eda0fe937026800fb24e5d609f /dsa-texts/3.16.39-1+deb8u1
parent	6672aebed2c77ab75865baccf63e5032a4563376 (diff)