author | Salvatore Bonaccorso <carnil@debian.org> | 2018-10-08 21:30:31 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2018-10-08 21:30:31 +0200 |
commit | d38a1be4844e034c42d5bfc592c1e654439e24c9 (patch) | |
tree | e18a1a7221c09302e7b6246902d95fedcf093e1b /dsa-texts/4.9.110-3+deb9u6 | |
parent | d72da714d42cb9e6bc236e25f5bf2717605ed0fe (diff) |
Add draft for 4.9.110-3+deb9u6 update
Diffstat (limited to 'dsa-texts/4.9.110-3+deb9u6')
-rw-r--r-- | dsa-texts/4.9.110-3+deb9u6 | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/dsa-texts/4.9.110-3+deb9u6 b/dsa-texts/4.9.110-3+deb9u6 new file mode 100644 index 000000000..dfa8d78b4 --- /dev/null +++ b/dsa-texts/4.9.110-3+deb9u6 @@ -0,0 +1,28 @@ +Package : linux +CVE ID: : CVE-2018-15471 CVE-2018-18021 + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a privilege escalation, denial of service or information +leaks. + +CVE-2018-15471 (XSA-270) + + Felix Wilhelm of Google Project Zero discovered a flaw in the hash + handling of the xen-netback Linux kernel module. A malicious or + buggy frontend may cause the (usually privileged) backend to make + out of bounds memory accesses, potentially resulting in privilege + escalation, denial of service, or information leaks. + + https://xenbits.xen.org/xsa/advisory-270.html + +CVE-2018-18021 + + It was discovered that the KVM subsystem on the arm64 platform does + not properly handle the KVM_SET_ON_REG ioctl. An attacker who can + create KVM based virtual machines can take advantage of this flaw + for denial of service (hypervisor panic) or privilege escalation + (arbitrarily redirect the hypervisor flow of control with full + register control). + +For the stable distribution (stretch), these problems have been fixed in +version 4.9.110-3+deb9u6. |
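Review bot: The ioctl name in the CVE-2018-18021 paragraph is misspelled as KVM_SET_ON_REG; the KVM ioctl is KVM_SET_ONE_REG, so the sentence should read "does not properly handle the KVM_SET_ONE_REG ioctl". The header line "CVE ID: : CVE-2018-15471 CVE-2018-18021" also has a doubled colon and does not match the "Package : linux" line above it; "CVE ID : CVE-2018-15471 CVE-2018-18021" would be consistent. As a style point, "out of bounds memory accesses" and "KVM based virtual machines" read better hyphenated ("out-of-bounds", "KVM-based").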