diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2018-10-10 16:08:10 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2018-10-10 16:08:10 +0200 |
commit | e58840f1b07272348f16568187550f5c219ee2eb (patch) | |
tree | b971c0cfbc0ac9ff0560015a7861cbb6560c73ae /retired/CVE-2018-14634 | |
parent | 57b924820eb68766ff307bf9efd9f1d318dd0a34 (diff) |
retire more issues
Diffstat (limited to 'retired/CVE-2018-14634')
-rw-r--r-- | retired/CVE-2018-14634 | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2018-14634 b/retired/CVE-2018-14634 new file mode 100644 index 00000000..82c3b977 --- /dev/null +++ b/retired/CVE-2018-14634 @@ -0,0 +1,15 @@ +Description: Integer overflow in Linux's create_elf_tables() +References: + https://www.openwall.com/lists/oss-security/2018/09/25/4 +Notes: + carnil> Kernels with commit b6a2fea39318 ("mm: variable length argument + carnil> support"), but without commit da029c11e6b1 ("exec: Limit arg + carnil> stack to at most 75% of _STK_LIM") are exploitable. + carnil> For sid branch fixed in 4.12.6, as the fix landed in 4.12.3 +Bugs: +upstream: released (4.13-rc1) [da029c11e6b12f321f36dac8771e833b65cec962] +4.9-upstream-stable: released (4.9.39) [f31c4f65dd09319ba21cf825fa36daf0c1ddf958] +3.16-upstream-stable: released (3.16.59) [exec-limit-arg-stack-to-at-most-75-of-_stk_lim.patch] +sid: released (4.12.6-1) +4.9-stretch-security: released (4.9.47-1) +3.16-jessie-security: released (3.16.59-1) |