diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2018-09-30 23:38:28 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2018-09-30 23:38:28 +0100 |
commit | 4a8d4c8359fbe217f0f56a933f923118f473080d (patch) | |
tree | 2979f61a458ca0b8df6e1b74c3d6ccee99950618 /dsa-texts/4.9.110-3+deb9u5 | |
parent | 5233cf497d6adc41da0a6a7ae1e669ebf28fbd98 (diff) |
Improve DSA wording for some issues fixed in 4.9.110-3+deb9u5
Diffstat (limited to 'dsa-texts/4.9.110-3+deb9u5')
-rw-r--r-- | dsa-texts/4.9.110-3+deb9u5 | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/dsa-texts/4.9.110-3+deb9u5 b/dsa-texts/4.9.110-3+deb9u5 index 6f17c384e..ab689bc3f 100644 --- a/dsa-texts/4.9.110-3+deb9u5 +++ b/dsa-texts/4.9.110-3+deb9u5 @@ -11,7 +11,7 @@ leaks. CVE-2018-6554 - A memory leak in the rda_bind function in the irda subsystem was + A memory leak in the irda_bind function in the irda subsystem was discovered. A local user can take advantage of this flaw to cause a denial of service (memory consumption). @@ -25,9 +25,9 @@ CVE-2018-7755 Brian Belleville discovered a flaw in the fd_locked_ioctl function in the floppy driver in the Linux kernel. The floppy driver copies a - kernel pointer to user memory in response to the FDGETPRM ioctl. An - attacker can take advantage of this flaw to discover the location - kernel code and data. + kernel pointer to user memory in response to the FDGETPRM ioctl. A + local user with access to a floppy drive device can take advantage + of this flaw to discover the location kernel code and data. CVE-2018-9363 @@ -95,9 +95,9 @@ CVE-2018-16658 CVE-2018-17182 Jann Horn discovered that the vmacache_flush_all function mishandles - sequence number overflows. An attacker can take advantage of this - flaw to trigger a use-after-free and cause a denial of service or - privilege escalation. + sequence number overflows. A local user can take advantage of this + flaw to trigger a use-after-free, causing a denial of service + (crash or memory corruption) or privilege escalation. For the stable distribution (stretch), these problems have been fixed in version 4.9.110-3+deb9u5. |