diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-30 08:01:04 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-30 08:01:04 +0100 |
commit | 23eba1e52c37e8d50913f4f871d7d3a8a9317593 (patch) | |
tree | db720b45dcd03769fecc479c0daaa29106a6daf2 /retired/CVE-2017-17864 | |
parent | 0bc45dc5c24620f74bd9f2b59a23341465af652a (diff) |
Retire CVE-2017-17864
Diffstat (limited to 'retired/CVE-2017-17864')
-rw-r--r-- | retired/CVE-2017-17864 | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/retired/CVE-2017-17864 b/retired/CVE-2017-17864 new file mode 100644 index 00000000..fb727027 --- /dev/null +++ b/retired/CVE-2017-17864 @@ -0,0 +1,23 @@ +Description: bpf/verifier: Fix states_equal() comparison of pointer and UNKNOWN +References: +Notes: + carnil> Ben's commit message states "This was fixed differently upstream, + carnil> but the code around here waslargely rewritten in 4.14 by commit + carnil> f1174f77b50c "bpf/verifier: rework value tracking". The bug can be + carnil> detected by the bpf/verifier sub-test "pointer/scalar confusion in + carnil> state equality check (way 1)"." + carnil> how was it fixed? Which upstream commit? + carnil> So needs to be checked if 179d1c5602997fef5a940c6ddcf31212cbfebd14 + carnil> fixed that problem. + bwh> I know that the test case was fixed upstream and in sid by the recent + bwh> series of fixes, so have marked this as released even though I'm not + bwh> absolutely certain that this is the specific commit that fixed it. +Bugs: +upstream: released (4.15-rc5) [179d1c5602997fef5a940c6ddcf31212cbfebd14] +4.9-upstream-stable: released (4.9.73) [37435f7e80ef9adc32a69013c18f135e3f434244] +3.16-upstream-stable: N/A "Vulnerable code introduced later" +3.2-upstream-stable: N/A "Vulnerable code introduced later" +sid: released (4.14.7-1) [bugfix/all/bpf-don-t-prune-branches-when-a-scalar-is-replaced-w.patch] +4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-verifier-fix-states_equal-comparison-of-pointer-and-unknown.patch] +3.16-jessie-security: N/A "Vulnerable code introduced later" +3.2-wheezy-security: N/A "Vulnerable code introduced later" |