diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-23 17:00:12 +0000 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-23 17:00:12 +0000 |
| commit | ad58b483f383eedd491395040edb12baccabf63d (patch) | |
| tree | b1b1a697b23ae9f29bef32a0f724ebaa5026196d /dsa-texts/4.9.65-3+deb9u1 | |
| parent | 6d07b78865932cfa96bbd7e962c878faf508928a (diff) | |
Sort CVEs after assignment
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5830 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/4.9.65-3+deb9u1')
| -rw-r--r-- | dsa-texts/4.9.65-3+deb9u1 | 42 |
1 files changed, 21 insertions, 21 deletions
diff --git a/dsa-texts/4.9.65-3+deb9u1 b/dsa-texts/4.9.65-3+deb9u1 index 4cebe959..d58d592a 100644 --- a/dsa-texts/4.9.65-3+deb9u1 +++ b/dsa-texts/4.9.65-3+deb9u1 @@ -41,27 +41,6 @@ CVE-2017-16995 correctly model the behaviour of 32-bit load instructions. A local user can use this for privilege escalation. -CVE-2017-17862 - - Alexei Starovoitov discovered that the Extended BPF verifier - ignored unreachable code, even though it would still be processed - by JIT compilers. This could possibly be used by local users for - denial of service. It also increases the severity of bugs in - determining unreachable code. - -CVE-2017-17863 - - Jann Horn discovered that the Extended BPF verifier did not - correctly model pointer arithmetic on the stack frame pointer. - A local user can use this for privilege escalation. - -CVE-2017-17864 - - Jann Horn discovered that the Extended BPF verifier could fail to - detect pointer leaks from conditional code. A local user could - use this to obtain sensitive information in order to exploit - other vulnerabilities. - CVE-2017-17448 Kevin Cernekee discovered that the netfilter subsystem allowed @@ -127,6 +106,27 @@ CVE-2017-17807 A local user could use this to cause a denial of service or to obtain sensitive information. +CVE-2017-17862 + + Alexei Starovoitov discovered that the Extended BPF verifier + ignored unreachable code, even though it would still be processed + by JIT compilers. This could possibly be used by local users for + denial of service. It also increases the severity of bugs in + determining unreachable code. + +CVE-2017-17863 + + Jann Horn discovered that the Extended BPF verifier did not + correctly model pointer arithmetic on the stack frame pointer. + A local user can use this for privilege escalation. + +CVE-2017-17864 + + Jann Horn discovered that the Extended BPF verifier could fail to + detect pointer leaks from conditional code. A local user could + use this to obtain sensitive information in order to exploit + other vulnerabilities. + CVE-2017-1000407 Andrew Honig reported that the KVM implementation for Intel |