diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2018-01-02 11:39:07 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2018-01-02 11:39:07 +0100 |
commit | 34931cb0d3850a032ae3d5930dbf0885fabc808f (patch) | |
tree | 45bc95537e6676ea2afabc54d2656bd091f60eef /retired/CVE-2017-1000405 | |
parent | b2cfa1f1b22cd89043ce35c412b1dccccc1ede05 (diff) |
Retire CVE-2017-1000405
Diffstat (limited to 'retired/CVE-2017-1000405')
-rw-r--r-- | retired/CVE-2017-1000405 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2017-1000405 b/retired/CVE-2017-1000405 new file mode 100644 index 00000000..6d781181 --- /dev/null +++ b/retired/CVE-2017-1000405 @@ -0,0 +1,19 @@ +Description: "Dirty COW" variant on transparent huge pages +References: + http://www.openwall.com/lists/oss-security/2017/11/30/1 + https://github.com/bindecy/HugeDirtyCowPOC +Notes: + carnil> The upstream commit 8310d48b125d19fcd9521d83b8293e63eb1646aa + carnil> allows the race condition, and was backported to 3.2.87, + carnil> 3.16.42 and 4.9.7. + bwh> But in 3.2 dirty bits didn't work on s390, so the backported version of + bwh> can_follow_write_pmd() doesn't use them. +Bugs: +upstream: released (4.15-rc2) [a8f97366452ed491d13cf1e44241bc0b5740b1f0] +4.9-upstream-stable: released (4.9.67) [7031ae2ab37d3df53c4a4e9903329a5d38c745ec] +3.16-upstream-stable: released (3.16.52) [ec041ea68228f2d025e2fa1b5c90a801605d063b] +3.2-upstream-stable: N/A "Vulnerable code not present" +sid: released (4.14.2-1) [bugfix/all/mm-thp-Do-not-make-page-table-dirty-unconditionally-.patch] +4.9-stretch-security: released (4.9.65-1) +3.16-jessie-security: released (3.16.51-1) +3.2-wheezy-security: N/A "Vulnerable code not present" |