diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2018-05-02 08:01:27 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2018-05-02 08:01:27 +0200 |
commit | 3f1ac495684211f5c6c8bd5e8eac8d2b405dee68 (patch) | |
tree | 0bc18e11dc4f10760a099c6a1c90fa10dd1ccd96 /retired/CVE-2017-0861 | |
parent | 658830538c79baf34e713b9d5c5e533168a65321 (diff) |
Retire several CVEs
Diffstat (limited to 'retired/CVE-2017-0861')
-rw-r--r-- | retired/CVE-2017-0861 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2017-0861 b/retired/CVE-2017-0861 new file mode 100644 index 00000000..c5befe2b --- /dev/null +++ b/retired/CVE-2017-0861 @@ -0,0 +1,17 @@ +Description: ALSA: pcm: prevent UAF in snd_pcm_info +References: +Notes: + bwh> Commit 362bca57f5d7 "ALSA: pcm: prevent UAF in snd_pcm_info" claims to + bwh> fix this, but the UAF was already removed in 4.13 by commit e11f0f90a626 + bwh> "ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command". Based on + bwh> the latter commit message it appears that the UAF is totally harmless + bwh> in practice. +Bugs: +upstream: released (4.13-rc1) [e11f0f90a626f93899687b1cc909ee37dd6c5809] +4.9-upstream-stable: released (4.9.69) [45ddff3ce4e9a3d7e935d5b596686d9e176ed4a9] +3.16-upstream-stable: released (3.16.55) [da7bce9e41266e17c98a997c154cb126a7ed8e98] +3.2-upstream-stable: released (3.2.100) [c51f80d4d3a47dbc97b9b1b67d81e763afe9c398] +sid: released (4.13.4-1) +4.9-stretch-security: released (4.9.80-1) +3.16-jessie-security: released (3.16.56-1) +3.2-wheezy-security: released (3.2.101-1) |