[kernel-sec-discuss] r5804 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Dec 21 16:37:40 UTC 2017


Author: carnil
Date: 2017-12-21 16:37:40 +0000 (Thu, 21 Dec 2017)
New Revision: 5804

Added:
   active/CVE-2017-16996
Log:
Add CVE-2017-16996

Added: active/CVE-2017-16996
===================================================================
--- active/CVE-2017-16996	                        (rev 0)
+++ active/CVE-2017-16996	2017-12-21 16:37:40 UTC (rev 5804)
@@ -0,0 +1,14 @@
+Description: bpf: fix incorrect tracking of register size truncation
+References:
+ https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=0c17d1d2c61936401f4702e1846e2c19b200f958
+Notes:
+ carnil> Introduced in 4.14-rc1 with b03c9f9fdc37dab81ea04d5dacdc5995d4c224c2
+Bugs:
+upstream: needed
+4.9-upstream-stable: N/A "Vulnerable code introduced in 4.14-rc1"
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.14-rc1"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.14-rc1"
+sid: needed
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"
+3.2-wheezy-security: N/A "Vulnerable code introduced later"




More information about the kernel-sec-discuss mailing list