summaryrefslogtreecommitdiffstats
path: root/retired/CVE-2017-17863
blob: c802e2ca4a6c4d9b479bdc3d56ff1b5ebe7f27f9 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Description: bpf: reject out-of-bounds stack pointer calculation
References:
 https://www.spinics.net/lists/stable/msg206985.html
Notes:
 carnil> Introduced by 7bca0a9702edfc8d0e7e46f984ca422ffdbe0498 (4.9.28)
 carnil> which is 332270fdc8b6fba07d059a9ad44df9e1a2ad4529 (4.12-rc1) in
 carnil> mainline. Quoting commit message: "This is a fix specifically
 carnil> for the v4.9 stable tree because the mainline code looks very
 carnil> different at this point."
 carnil> The 4.9 specific fix is done via d75d3ee237cee9068022117e059b64bbab617f3d
Bugs:
upstream: released (4.15-rc5) [bb7f0f989ca7de1153bd128a40a71709e339fa03]
4.9-upstream-stable: released (4.9.72) [d75d3ee237cee9068022117e059b64bbab617f3d]
3.16-upstream-stable: N/A "Vulnerable code introduced later"
3.2-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (4.14.7-1) [bugfix/all/bpf-fix-integer-overflows.patch]
4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-reject-out-of-bounds-stack-pointer-calculation.patch]
3.16-jessie-security: N/A "Vulnerable code introduced later"
3.2-wheezy-security: N/A "Vulnerable code introduced later"

© 2014-2024 Faster IT GmbH | imprint | privacy policy