From ddc82f2280ac19660b7cf233e8044bf57de945ef Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 16 Aug 2017 19:57:20 +0000 Subject: Add DSA text for 4.9.30-2+deb9u3 git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5480 e094ebfe-e918-0410-adfb-c712417f3574 --- dsa-texts/4.9.30-2+deb9u3 | 79 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 dsa-texts/4.9.30-2+deb9u3 (limited to 'dsa-texts/4.9.30-2+deb9u3') diff --git a/dsa-texts/4.9.30-2+deb9u3 b/dsa-texts/4.9.30-2+deb9u3 new file mode 100644 index 00000000..a3beb726 --- /dev/null +++ b/dsa-texts/4.9.30-2+deb9u3 
@@ -0,0 +1,79 @@ +Package : linux +CVE ID : CVE-2017-7346 CVE-2017-7482 CVE-2017-7533 CVE-2017-7541 + CVE-2017-7542 CVE-2017-9605 CVE-2017-10810 CVE-2017-10911 + CVE-2017-11176 CVE-2017-1000365 + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a privilege escalation, denial of service or information +leaks. + +CVE-2017-7346 + + Li Qiang discovered that the DRM driver for VMware virtual GPUs does + not properly check user-controlled values in the + vmw_surface_define_ioctl() functions for upper limits. A local user + can take advantage of this flaw to cause a denial of service. + +CVE-2017-7482 + + Shi Lei discovered that RxRPC Kerberos 5 ticket handling code does + not properly verify metadata, leading to information disclosure, + denial of service or potentially execution of arbitrary code. + +CVE-2017-7533 + + Fan Wu and Shixiong Zhao discovered a race condition between inotify + events and VFS rename operations allowing an unprivileged local + attacker to cause a denial of service or escalate privileges. + +CVE-2017-7541 + + A buffer overflow flaw in the Broadcom IEEE802.11n PCIe SoftMAC WLAN + driver could allow a local user to cause kernel memory corruption, + leading to a denial of service or potentially privilege escalation. + +CVE-2017-7542 + + An integer overflow vulnerability in the ip6_find_1stfragopt() + function was found allowing a local attacker with privileges to open + raw sockets to cause a denial of service. + +CVE-2017-9605 + + Murray McAllister discovered that the DRM driver for VMware virtual + GPUs does not properly initialize memory, potentially allowing a + local attacker to obtain sensitive information from uninitialized + kernel memory via a crafted ioctl call. + +CVE-2017-10810 + + Li Qiang discovered a memory leak flaw within the VirtIO GPU driver + resulting in denial of service (memory consumption). 
+ +CVE-2017-10911 / XSA-216 + + Anthony Perard of Citrix discovered an information leak flaw in Xen + blkif response handling, allowing a malicious unprivileged guest to + obtain sensitive information from the host or other guests. + +CVE-2017-11176 + + It was discovered that the mq_notify() function does not set the + sock pointer to NULL upon entry into the retry logic. An attacker + can take advantage of this flaw during a user-space close of a + Netlink socket to cause a denial of service or potentially cause + other impact. + +CVE-2017-1000365 + + It was discovered that argument and environment pointers are not + taken properly into account to the imposed size restrictions on + arguments and environmental strings passed through + RLIMIT_STACK/RLIMIT_INFINITY. A local attacker can take advantage of + this flaw in conjunction with other flaws to execute arbitrary code. + +For the oldstable distribution (jessie), these problems will be fixed in +a subsequent DSA. + +For the stable distribution (stretch), these problems have been fixed in +version 4.9.30-2+deb9u3. -- cgit v1.2.3
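Review bot: in the CVE-2017-1000365 entry, "RLIMIT_STACK/RLIMIT_INFINITY" uses a constant name that does not exist. The resource-limit constant is RLIM_INFINITY, so this should read "RLIMIT_STACK/RLIM_INFINITY". The same sentence is hard to parse ("not taken properly into account to the imposed size restrictions"); something like "are not properly taken into account in the size restrictions imposed on arguments and environmental strings" would read better. In the CVE-2017-7346 entry, "the vmw_surface_define_ioctl() functions" names a single function, so the singular "function" fits.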