diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-23 17:00:11 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-23 17:00:11 +0000 |
commit | 6d07b78865932cfa96bbd7e962c878faf508928a (patch) | |
tree | e7ea64b0ae17b110fc8e47f1f20327fbbf594a25 /dsa-texts/4.9.65-3+deb9u1 | |
parent | b77b124eec62f1c4ba7af4001b4dc68d57225b68 (diff) |
CVE-CVE-2017-1786{2,3,4} assigned
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5829 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/4.9.65-3+deb9u1')
-rw-r--r-- | dsa-texts/4.9.65-3+deb9u1 | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/dsa-texts/4.9.65-3+deb9u1 b/dsa-texts/4.9.65-3+deb9u1 index 7228db7d..4cebe959 100644 --- a/dsa-texts/4.9.65-3+deb9u1 +++ b/dsa-texts/4.9.65-3+deb9u1 @@ -2,7 +2,8 @@ Package : linux CVE ID : CVE-2017-8824 CVE-2017-16538 CVE-2017-16644 CVE-2017-16995 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-17712 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 - CVE-2017-17807 CVE-2017-1000407 CVE-2017-1000410 + CVE-2017-17807 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 + CVE-2017-1000407 CVE-2017-1000410 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information @@ -40,7 +41,7 @@ CVE-2017-16995 correctly model the behaviour of 32-bit load instructions. A local user can use this for privilege escalation. -CVE-2017-XXXXX +CVE-2017-17862 Alexei Starovoitov discovered that the Extended BPF verifier ignored unreachable code, even though it would still be processed @@ -48,13 +49,13 @@ CVE-2017-XXXXX denial of service. It also increases the severity of bugs in determining unreachable code. -CVE-2017-XXXXX +CVE-2017-17863 Jann Horn discovered that the Extended BPF verifier did not correctly model pointer arithmetic on the stack frame pointer. A local user can use this for privilege escalation. -CVE-2017-XXXXX +CVE-2017-17864 Jann Horn discovered that the Extended BPF verifier could fail to detect pointer leaks from conditional code. A local user could |