blob: 8bd3be704d28df1562ce74e971d27b5d9537683e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
Package : linux
CVE ID : CVE-2017-8824 CVE-2017-16538 CVE-2017-16644 CVE-2017-16995
CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558
CVE-2017-17712 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806
CVE-2017-17807 CVE-2017-1000407 CVE-2017-1000410
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
CVE-2017-8824
Mohamed Ghannam discovered that the DCCP implementation did not
correctly manage resources when a socket is disconnected and
reconnected, potentially leading to a use-after-free. A local
user could use this for denial of service (crash or data
corruption) or possibly for privilege escalation. On systems that
do not already have the dccp module loaded, this can be mitigated
by disabling it:
echo >> /etc/modprobe.d/disable-dccp.conf install dccp false
CVE-2017-16538
CVE-2017-16644
CVE-2017-16995
CVE-2017-17448
CVE-2017-17449
CVE-2017-17450
CVE-2017-17558
CVE-2017-17712
CVE-2017-17741
CVE-2017-17805
CVE-2017-17806
CVE-2017-17807
CVE-2017-1000407
Andrew Honig reported that the KVM implementation for Intel
processors allowed direct access to host I/O port 0x80, which
is not generally safe. On some systems this allows a guest
VM to cause a denial of service (crash) of the host.
CVE-2017-1000410
For the stable distribution (stretch), these problems have been fixed
in 4.9.65-3+deb9u1.
For the unstable distribution (sid), these problems have been fixed in
4.14.7-1 or earlier versions.
|