diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-06-06 09:43:25 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-06-06 09:43:25 +0000 |
commit | 05e144f5efb3f82e93da6f2fa0283cf10f5662c5 (patch) | |
tree | 21da5aba7295fd76da23f65b845b8c46be428976 /retired/CVE-2017-7184 | |
parent | 746bd81de6f5b86cc825f4d7ed1565bc1a7f8ff6 (diff) |
Retire several CVEs
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5347 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2017-7184')
-rw-r--r-- | retired/CVE-2017-7184 | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2017-7184 b/retired/CVE-2017-7184 new file mode 100644 index 00000000..8e29f474 --- /dev/null +++ b/retired/CVE-2017-7184 @@ -0,0 +1,15 @@ +Description: Missing range checks in xfrm_user allow heap buffer overflow and privilege escalation +References: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7184 +Notes: + bwh> xfrm_user is only accessible with CAP_NET_ADMIN capability (in any + bwh> user namespace). So this is not exploitable by unprivileged users + bwh> in a default Debian configuration. +Bugs: +upstream: released (4.11-rc5) [677e806da4d916052585301785d847c3b3e6186a, f843ee6dd019bcece3e74e76ad9df0155655d0df] +4.9-upstream-stable: released (4.9.20) [64a5465799ee40e3d54d9da3037934cd4b7b502f, 79191ea36dc9be10a9c9b03d6b341ed2d2f76045] +3.16-upstream-stable: released (3.16.44) [811f5600db1a0a9c4f1abad5017e09f43d7088f3, fda265baa45b630675359db3699bb68350c4b907] +3.2-upstream-stable: released (3.2.89) [04dba730e9d4798184b4769f74ef14c20f8c6f9a, 4d09fd3505c59374e599a29918ca40059be3d554] +sid: released (4.9.18-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch] +3.16-jessie-security: released (3.16.43-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch] +3.2-wheezy-security: released (3.2.88-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch] |