diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-25 18:37:09 +0000 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-25 18:37:09 +0000 |
| commit | 819f46ab5c241a5a9a9e43ae3c1560871cecb2dc (patch) | |
| tree | ba5f93e3630144b9834ecd080f769cf438a890f6 /retired/CVE-2017-17863 | |
| parent | 973104954e793510f34601747ccefadd0be16bd0 (diff) | |
Retire CVE-2017-17863
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5839 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2017-17863')
| -rw-r--r-- | retired/CVE-2017-17863 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2017-17863 b/retired/CVE-2017-17863 new file mode 100644 index 00000000..c802e2ca --- /dev/null +++ b/retired/CVE-2017-17863 @@ -0,0 +1,19 @@ +Description: bpf: reject out-of-bounds stack pointer calculation +References: + https://www.spinics.net/lists/stable/msg206985.html +Notes: + carnil> Introduced by 7bca0a9702edfc8d0e7e46f984ca422ffdbe0498 (4.9.28) + carnil> which is 332270fdc8b6fba07d059a9ad44df9e1a2ad4529 (4.12-rc1) in + carnil> mainline. Quoting commit message: "This is a fix specifically + carnil> for the v4.9 stable tree because the mainline code looks very + carnil> different at this point." + carnil> The 4.9 specific fix is done via d75d3ee237cee9068022117e059b64bbab617f3d +Bugs: +upstream: released (4.15-rc5) [bb7f0f989ca7de1153bd128a40a71709e339fa03] +4.9-upstream-stable: released (4.9.72) [d75d3ee237cee9068022117e059b64bbab617f3d] +3.16-upstream-stable: N/A "Vulnerable code introduced later" +3.2-upstream-stable: N/A "Vulnerable code introduced later" +sid: released (4.14.7-1) [bugfix/all/bpf-fix-integer-overflows.patch] +4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-reject-out-of-bounds-stack-pointer-calculation.patch] +3.16-jessie-security: N/A "Vulnerable code introduced later" +3.2-wheezy-security: N/A "Vulnerable code introduced later" |