retired/CVE-2017-14051


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: Integer overflow in qla2xxx sysfs code
References:
 https://patchwork.kernel.org/patch/9929625/
Notes:
 bwh> Requires CAP_SYS_ADMIN, so not a real vulnerability in the absence
 bwh> of Lockdown.
Bugs:
 https://bugzilla.kernel.org/show_bug.cgi?id=194061
upstream: released (4.14-rc1) [e6f77540c067b48dee10f1e33678415bfcc89017]
4.9-upstream-stable: released (4.9.52) [2a913aecc4f746ce15eb1bec98b134aff4190ae2]
3.16-upstream-stable: released (3.16.51) [71ee8480093a46d245f61e2c2c5cfb0d5a6bc61d]
3.2-upstream-stable: released (3.2.96) [1714a066d71dc00bc336aa1565ec86551e388704]
sid: released (4.12.13-1) [bugfix/all/scsi-qla2xxx-Fix-an-integer-overflow-in-sysfs-code.patch]
4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch]
3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch]
3.2-wheezy-security: released (3.2.96-1)