path: root/dsa-texts/4.9.110-3+deb9u5
blob: ec37abd2c13ec96e8ebd918d88eca786edc3a920

Package        : linux
CVE ID         : CVE-2018-6554 CVE-2018-6555 CVE-2018-7755 CVE-2018-9363 
                 CVE-2018-9516 CVE-2018-10902 CVE-2018-10938 CVE-2018-13099 
                 CVE-2018-14609 CVE-2018-14617 CVE-2018-14633 CVE-2018-14678 
                 CVE-2018-14734 CVE-2018-15572 CVE-2018-15594 CVE-2018-16276 
                 CVE-2018-16658 CVE-2018-17182

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2018-6554

    A memory leak in the irda_bind function in the irda subsystem was
    discovered. A local user can take advantage of this flaw to cause a
    denial of service (memory consumption).

CVE-2018-6555

    A flaw was discovered in the irda_setsockopt function in the irda
    subsystem, allowing a local user to cause a denial of service
    (use-after-free and system crash).

CVE-2018-7755

    Brian Belleville discovered a flaw in the fd_locked_ioctl function
    in the floppy driver in the Linux kernel. The floppy driver copies a
    kernel pointer to user memory in response to the FDGETPRM ioctl. An
    attacker can take advantage of this flaw to discover the location
    of kernel code and data.

CVE-2018-9363

    Description

CVE-2018-9516

    Description

CVE-2018-10902

    Description

CVE-2018-10938

    Description

CVE-2018-13099

    Description

CVE-2018-14609

    Description

CVE-2018-14617

    Description

CVE-2018-14633

    Vincent Pelletier discovered a stack-based buffer overflow flaw in
    the chap_server_compute_md5() function in the iSCSI target code. An
    unauthenticated remote attacker can take advantage of this flaw to
    cause a denial of service or possibly to gain unauthorized access
    to data exported by an iSCSI target.

CVE-2018-14678

    Description

CVE-2018-14734

    Description

CVE-2018-15572

    Description

CVE-2018-15594

    Description

CVE-2018-16276

    Description

CVE-2018-16658

    Description

CVE-2018-17182

    Jann Horn discovered that the vmacache_flush_all function mishandles
    sequence number overflows. An attacker can take advantage of this
    flaw to trigger a use-after-free and cause a denial of service or
    privilege escalation.

For the stable distribution (stretch), these problems have been fixed in
version 4.9.110-3+deb9u5.
