From 6d07b78865932cfa96bbd7e962c878faf508928a Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 23 Dec 2017 17:00:11 +0000 Subject: CVE-CVE-2017-1786{2,3,4} assigned git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5829 e094ebfe-e918-0410-adfb-c712417f3574 --- dsa-texts/4.9.65-3+deb9u1 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'dsa-texts/4.9.65-3+deb9u1') diff --git a/dsa-texts/4.9.65-3+deb9u1 b/dsa-texts/4.9.65-3+deb9u1 index 7228db7d..4cebe959 100644 --- a/dsa-texts/4.9.65-3+deb9u1 +++ b/dsa-texts/4.9.65-3+deb9u1 @@ -2,7 +2,8 @@ Package : linux CVE ID : CVE-2017-8824 CVE-2017-16538 CVE-2017-16644 CVE-2017-16995 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-17712 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 - CVE-2017-17807 CVE-2017-1000407 CVE-2017-1000410 + CVE-2017-17807 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 + CVE-2017-1000407 CVE-2017-1000410 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information @@ -40,7 +41,7 @@ CVE-2017-16995 correctly model the behaviour of 32-bit load instructions. A local user can use this for privilege escalation. -CVE-2017-XXXXX +CVE-2017-17862 Alexei Starovoitov discovered that the Extended BPF verifier ignored unreachable code, even though it would still be processed @@ -48,13 +49,13 @@ CVE-2017-XXXXX denial of service. It also increases the severity of bugs in determining unreachable code. -CVE-2017-XXXXX +CVE-2017-17863 Jann Horn discovered that the Extended BPF verifier did not correctly model pointer arithmetic on the stack frame pointer. A local user can use this for privilege escalation. -CVE-2017-XXXXX +CVE-2017-17864 Jann Horn discovered that the Extended BPF verifier could fail to detect pointer leaks from conditional code. A local user could -- cgit v1.2.3
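Review bot: the subject line reads "CVE-CVE-2017-1786{2,3,4} assigned", with the CVE prefix doubled and the three IDs that the first hunk adds to the CVE ID header written in brace shorthand. A history search for any one full ID, such as CVE-2017-17863, will not match this commit. Suggest spelling the IDs out in the subject: "CVE-2017-17862, CVE-2017-17863, CVE-2017-17864 assigned".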
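Review bot: in the second and third hunks the three former CVE-2017-XXXXX headings get their real IDs, but the entries stay directly after CVE-2017-16995, whereas the CVE ID header in the first hunk places the same IDs after CVE-2017-17807. If the description entries are meant to follow the header's ascending order, move the three blocks after the CVE-2017-17807 entry. If they are kept here deliberately because they sit with the other Extended BPF verifier issue, the placement is fine as it stands.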