Add initial description for CVE-2018-7755

author: Salvatore Bonaccorso <carnil@debian.org> 2018-09-30 20:21:30 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2018-09-30 20:21:30 +0200
commit: 6069ff23a209da96f457746b2f93ca5d6a3bbd3f (patch)
tree: 0c6a73dae90bbdc7c9bf92e401571d262e612e00 /dsa-texts/4.9.110-3+deb9u5
parent: b88e2e6adda8cced758733834fb174cb3c4ce654 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/dsa-texts/4.9.110-3+deb9u5 b/dsa-texts/4.9.110-3+deb9u5
index 1cc0e3d9..d7f199c5 100644
--- a/dsa-texts/4.9.110-3+deb9u5
+++ b/dsa-texts/4.9.110-3+deb9u5
@@ -23,7 +23,11 @@ CVE-2018-6555
 
 CVE-2018-7755
 
-    Description
+    Brian Belleville discovered a flaw in the fd_locked_ioctl function
+    in the floppy driver in the Linux kernel. The floppy driver copies a
+    kernel pointer to user memory in response to the FDGETPRM ioctl. An
+    attacker can take advantage of this flaw to discover the location
+    kernel code and data.
 
 CVE-2018-9363
author	Salvatore Bonaccorso <carnil@debian.org>	2018-09-30 20:21:30 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2018-09-30 20:21:30 +0200
commit	6069ff23a209da96f457746b2f93ca5d6a3bbd3f (patch)
tree	0c6a73dae90bbdc7c9bf92e401571d262e612e00 /dsa-texts/4.9.110-3+deb9u5
parent	b88e2e6adda8cced758733834fb174cb3c4ce654 (diff)