[kernel-sec-discuss] r4610 - active
Ben Hutchings
benh at moszumanska.debian.org
Wed Aug 31 13:09:00 UTC 2016
Author: benh
Date: 2016-08-31 13:09:00 +0000 (Wed, 31 Aug 2016)
New Revision: 4610
Modified:
active/CVE-2016-7118
Log:
Add details for CVE-2016-7118
Modified: active/CVE-2016-7118
===================================================================
--- active/CVE-2016-7118 2016-08-31 12:35:59 UTC (rev 4609)
+++ active/CVE-2016-7118 2016-08-31 13:09:00 UTC (rev 4610)
@@ -1,11 +1,14 @@
-Description:
+Description: Null pointer dereference when fcntl() called on aufs directory
References:
http://www.openwall.com/lists/oss-security/2016/08/31/1
Notes:
+ bwh> Debian-specific bug, introduced while making the check for the new
+ bwh> setfl operation ABI-backward-compatible. Affects 3.2.81-1
+ bwh> (wheezy-security) and 3.16.36-1 (jessie-proposed-updates) only.
Bugs:
-upstream:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+upstream: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: needed
More information about the kernel-sec-discuss
mailing list