[kernel-sec-discuss] r5805 - active
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 21 16:40:10 UTC 2017
Author: carnil
Date: 2017-12-21 16:40:09 +0000 (Thu, 21 Dec 2017)
New Revision: 5805
Added:
active/CVE-2017-16995
Log:
Add CVE-2017-16995
Added: active/CVE-2017-16995
===================================================================
--- active/CVE-2017-16995 (rev 0)
+++ active/CVE-2017-16995 2017-12-21 16:40:09 UTC (rev 5805)
@@ -0,0 +1,16 @@
+Description: bpf: fix incorrect sign extension in check_alu_op()
+References:
+ https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f
+Notes:
+ carnil> Intorduced in 4.9-rc1 with 484611357c19f9e19ef742ebef4505a07d243cc9
+ carnil> Starting with v4.14, this is exploitable by unprivileged users as
+ carnil> long as the unprivileged_bpf_disabled sysctl isn't set.
+Bugs:
+upstream: needed
+4.9-upstream-stable: needed
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1"
+sid: needed
+4.9-stretch-security: needed
+3.16-jessie-security: N/A "Vulnerable code introduced later"
+3.2-wheezy-security: N/A "Vulnerable code introduced later"
More information about the kernel-sec-discuss
mailing list