diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2018-12-09 09:30:10 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2018-12-09 09:30:10 +0100 |
commit | c9cc46880afc9e38610f3c2014b18a8e16e0153f (patch) | |
tree | 44d7578324f67f300142f5a9c8a4a40de9f61155 /retired/CVE-2018-7740 | |
parent | 50de7b0fb31cff39486b040c2a033117447f7342 (diff) |
Retire CVE-2018-7740
Diffstat (limited to 'retired/CVE-2018-7740')
-rw-r--r-- | retired/CVE-2018-7740 | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/retired/CVE-2018-7740 b/retired/CVE-2018-7740 new file mode 100644 index 00000000..edbf0740 --- /dev/null +++ b/retired/CVE-2018-7740 @@ -0,0 +1,21 @@ +Description: hugetlb: Offset overflow and BUG() in remap_file_pages() +References: + https://bugzilla.novell.com/show_bug.cgi?id=1084353 +Notes: + carnil> fir 4.15.x fixed in 4.15.14 with e0fdb5385c4bf26b4be60c0042344c315c039aeb + carnil> SUSE report suggests (if missing, but not checked) to backport as well + carnil> ff8c0c53c475 and 045c7a3f53d9 where missing. + bwh> As I read the description of commit 045c7a3f53d9, commit ff8c0c53c475 + bwh> in Linux 4.11 introduced (or exacerbated) this vulnerability - + bwh> previously if an overflow occurred the mmap operation would fail. + bwh> So earlier branches have a somewhat different vulnerability. +Bugs: + https://bugzilla.kernel.org/show_bug.cgi?id=199037 +upstream: released (4.16-rc7) [63489f8e821144000e0bdca7e65a8d1cc23a7ee7] +4.9-upstream-stable: released (4.9.144) [3d101f33acb2312ad544106212e0b9ff0d9917f3, 447effd30f9d12f7925595ba9a6ffb01969d6cce] +3.16-upstream-stable: released (3.16.57) [363ed2044f82d8997e9ea8231dc1abeab4993755, 8cca49ea37415645203520bff04309c8a87f7677] +3.2-upstream-stable: released (3.2.102) [4cba2554682469496ff48536d50c399110d20043, 131802b8292d35e8a407469c485565b199ed79cf] +sid: released (4.15.17-1) +4.9-stretch-security: released (4.9.88-1) [bugfix/all/hugetlbfs-fix-offset-overflow-in-hugetlbfs-mmap.patch, bugfix/all/hugetlbfs-check-for-pgoff-value-overflow.patch] +3.16-jessie-security: released (3.16.56-1) [bugfix/all/hugetlbfs-fix-offset-overflow-in-hugetlbfs-mmap.patch, bugfix/all/hugetlbfs-check-for-pgoff-value-overflow.patch] +3.2-wheezy-security: released (3.2.101-1) [bugfix/all/hugetlbfs-fix-offset-overflow-in-hugetlbfs-mmap.patch, bugfix/all/hugetlbfs-check-for-pgoff-value-overflow.patch] |