From 00c553936854dc1f18ccd73ff6461b47bcec374f Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 20 Sep 2017 13:54:10 +0000 Subject: Start drafting linux DSA Overview will be removed, just needed to track jessie/stretch only issues. git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5568 e094ebfe-e918-0410-adfb-c712417f3574 --- dsa-texts/4.9.30-2+deb9u5 | 73 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 dsa-texts/4.9.30-2+deb9u5 (limited to 'dsa-texts/4.9.30-2+deb9u5') diff --git a/dsa-texts/4.9.30-2+deb9u5 b/dsa-texts/4.9.30-2+deb9u5 new file mode 100644 index 00000000..a9d150f6 --- /dev/null +++ b/dsa-texts/4.9.30-2+deb9u5 @@ -0,0 +1,73 @@ +Package : linux +CVE ID : CVE-2017-7518 CVE-2017-7558 CVE-2017-10661 CVE-2017-11600 CVE-2017-12134 CVE-2017-12146 CVE-2017-12153 CVE-2017-12154 CVE-2017-14051 CVE-2017-14106 CVE-2017-14140 CVE-2017-14156 CVE-2017-14340 CVE-2017-14489 CVE-2017-14497 CVE-2017-1000111 CVE-2017-1000112 CVE-2017-1000251 CVE-2017-1000252 CVE-2017-1000370 CVE-2017-1000371 CVE-2017-1000380 + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a privilege escalation, denial of service or information +leaks. + +CVE-2017-7518 + + Andy Lutomirski discovered that KVM is prone to an incorrect debug + exception(#DB) error occuring while emulating a syscall instruction. + A process inside a quest can take advantage of this flaw for + privilege escalation inside a guest. + +CVE-2017-7558 (stretch only) + + Stefano Brivio of Red Hat discovered that sctp subsystem is prone to + a data leak vulnerability due to an out-of-bounds read flaw, + allowing to leak up to 100 uninitialized bytes to userspace. + +CVE-2017-10661 (jessie only) + + +CVE-2017-11600 +CVE-2017-12134 +CVE-2017-12146 (stretch only) +CVE-2017-12153 +CVE-2017-12154 +CVE-2017-14051 +CVE-2017-14106 +CVE-2017-14140 +CVE-2017-14156 +CVE-2017-14340 +CVE-2017-14489 +CVE-2017-14497 (stretch only) +CVE-2017-1000111 +CVE-2017-1000112 +CVE-2017-1000251 +CVE-2017-1000252 (stretch only) +CVE-2017-1000370 +CVE-2017-1000371 +CVE-2017-1000380 + +jessie: 3.16.43-2+deb8u5 +stretch: 4.9.30-2+deb9u5 + +Overview: + + 3.16-jessie-security 4.9-stretch-security + CVE-2017-7518: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-7558: N/A "Vulnerable code pending (4.9.30-2+de + CVE-2017-10661: pending (3.16.43-2+d N/A "Fixed before in + CVE-2017-11600: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-12134: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-12146: N/A "Vulnerable code pending (4.9.30-2+de + CVE-2017-12153: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-12154: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-14051: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-14106: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-14140: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-14156: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-14340: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-14489: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-14497: N/A "Vulnerable code pending (4.9.30-2+de + CVE-2017-1000111: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-1000112: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-1000251: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-1000252: N/A 'Vulnerable code pending (4.9.30-2+de + CVE-2017-1000370: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-1000371: pending (3.16.43-2+d pending (4.9.30-2+de + CVE-2017-1000380: pending (3.16.43-2+d pending (4.9.30-2+de + +# vim:tw=72 -- cgit v1.2.3