retired/CVE-2017-14497


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Description: packet: Don't write vnet header beyond end of buffer
References:
 https://marc.info/?t=150394517700001&r=1&w=2
Notes:
 carnil> commit claims to fix 58d19b19cd99 and as such the issue
 carnil> was introduced only in v4.6-rc1
Bugs:
upstream: released (4.13) [edbd58be15a957f6a760c4a514cd475217eb97fd]
4.9-upstream-stable: released (4.9.51) [8c623e5d03692dc478277185a0b907d53aea1b43]
3.16-upstream-stable: N/A "Vulnerable code introduced later"
3.2-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (4.12.13-1) [bugfix/all/packet-don-t-write-vnet-header-beyond-end-of-buffer.patch]
4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/packet-don-t-write-vnet-header-beyond-end-of-buffer.patch]
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"