diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-25 23:33:50 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-25 23:33:50 +0100 |
commit | f0034110200d65b388efc510866670f3629b421a (patch) | |
tree | ba6615360bfd31a8050ddac69293c6fdbda6c8d5 /retired/CVE-2017-16995 | |
parent | 819f46ab5c241a5a9a9e43ae3c1560871cecb2dc (diff) |
Retire CVE-2017-16995
Diffstat (limited to 'retired/CVE-2017-16995')
-rw-r--r-- | retired/CVE-2017-16995 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2017-16995 b/retired/CVE-2017-16995 new file mode 100644 index 00000000..5dfa33c3 --- /dev/null +++ b/retired/CVE-2017-16995 @@ -0,0 +1,16 @@ +Description: bpf: fix incorrect sign extension in check_alu_op() +References: + https://bugs.chromium.org/p/project-zero/issues/detail?id=1454 + http://www.openwall.com/lists/oss-security/2017/12/21/2 + https://github.com/brl/grlh/blob/master/get-rekt-linux-hardened.c +Notes: + carnil> Intorduced in 4.9-rc1 with 484611357c19f9e19ef742ebef4505a07d243cc9 +Bugs: +upstream: released (4.15-rc5) [95a762e2c8c942780948091f8f2a4f32fce1ac6f] +4.9-upstream-stable: released (4.9.72) [3695b3b18519099224efbc5875569d2cb6da256d] +3.16-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1" +3.2-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1" +sid: released (4.14.7-1) [bugfix/all/bpf-fix-incorrect-sign-extension-in-check_alu_op.patch] +4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-fix-incorrect-sign-extension-in-check_alu_op.patch] +3.16-jessie-security: N/A "Vulnerable code introduced later" +3.2-wheezy-security: N/A "Vulnerable code introduced later" |