[kernel-sec-discuss] r4042 - active
Ben Hutchings
benh at moszumanska.debian.org
Mon Dec 14 21:24:33 UTC 2015
Author: benh
Date: 2015-12-14 21:24:33 +0000 (Mon, 14 Dec 2015)
New Revision: 4042
Modified:
active/CVE-2015-8543
Log:
Add patch references for CVE-2015-8543
Modified: active/CVE-2015-8543
===================================================================
--- active/CVE-2015-8543 2015-12-14 20:10:19 UTC (rev 4041)
+++ active/CVE-2015-8543 2015-12-14 21:24:33 UTC (rev 4042)
@@ -1,6 +1,7 @@
-Description: Connecting unbound raw socket causes oops
+Description: Connecting raw socket with invalid protocol number causes oops
References:
http://www.openwall.com/lists/oss-security/2015/12/09/3
+ http://article.gmane.org/gmane.linux.network/391482
Notes:
bwh> Only exploitable with CAP_NET_RAW. Since Linux 3.8 the capability
bwh> checks use ns_capable() and containers can also exploit this.
@@ -10,7 +11,7 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
2.6.32-upstream-stable: needed
-sid: needed
-3.16-jessie-security: needed
+sid: pending (4.3.1-2) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch]
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u1) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch]
3.2-wheezy-security: needed
2.6.32-squeeze-security: needed
More information about the kernel-sec-discuss
mailing list