blob: d94636ecac51340212263fc31649e5d3bdfd0c90 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
Description: Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
References:
https://bugs.chromium.org/p/project-zero/issues/detail?id=1650
https://lore.kernel.org/lkml/20180828154901.112726-1-jannh@google.com/T/
https://www.openwall.com/lists/oss-security/2018/10/04/1
Notes:
carnil> Introduced by 7cccf0725cf7 (4.18-rc1) and ba54d856a9d8 (4.18-rc1)
Bugs:
upstream: released (4.19-rc2) [342db04ae71273322f0011384a9ed414df8bdae4]
4.9-upstream-stable: N/A "Vulnerable code introduced later"
3.16-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (4.18.6-1)
4.9-stretch-security: N/A "Vulnerable code not present"
3.16-jessie-security: N/A "Vulnerable code not present"
|
