retired/CVE-2017-7482


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Description: rxrpc: Fix several cases where a padded len isn't checked in ticket decode
References:
Notes:
 bwh> Introduced by commits 339412841d76 "RxRPC: Allow key payloads to be
 bwh> passed in XDR form" and 99455153d067 "RxRPC: Parse security index 5 keys
 bwh> (Kerberos 5)".
Bugs:
upstream: released (4.12-rc7) [5f2f97656ada8d811d3c1bef503ced266fcd53a0]
4.9-upstream-stable: released (4.9.35) [f2060387421109ac389dd209355918b566fc6f84]
3.16-upstream-stable: released (3.16.45) [e3378be9d9cbe1f77ecfc03b4350991be58f3f82]
3.2-upstream-stable: released (3.2.90) [09c9faacebb3c1e279ec962cff3072995328ca29]
sid: released (4.11.11-1)
4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/all/rxrpc-Fix-several-cases-where-a-padded-len-isn-t-che.patch]
3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/all/rxrpc-Fix-several-cases-where-a-padded-len-isn-t-che.patch]
3.2-wheezy-security: released (3.2.93-1)