[kernel-sec-discuss] r4992 - dsa-texts

Ben Hutchings benh at moszumanska.debian.org
Wed Feb 22 13:32:21 UTC 2017


Author: benh
Date: 2017-02-22 13:32:21 +0000 (Wed, 22 Feb 2017)
New Revision: 4992

Modified:
   dsa-texts/3.16.39-1+deb8u1
Log:
Improve some descriptions in DSA text for 3.16.39-1+deb8u1


Modified: dsa-texts/3.16.39-1+deb8u1
===================================================================
--- dsa-texts/3.16.39-1+deb8u1	2017-02-22 12:18:58 UTC (rev 4991)
+++ dsa-texts/3.16.39-1+deb8u1	2017-02-22 13:32:21 UTC (rev 4992)
@@ -10,9 +10,9 @@
 
 CVE-2016-6786 / CVE-2016-6787
 
-    It was discovered that the performance subsystem does not properly
-    manage locks during certain migrations, allowing a local attacker to
-    escalate privileges.
+    It was discovered that the performance events subsystem does not
+    properly manage locks during certain migrations, allowing a local
+    attacker to escalate privileges.
 
 CVE-2016-8405
 
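Review bot: In the CVE-2016-6786 / CVE-2016-6787 entry, "performance events subsystem" still omits the short name most readers will search for. Consider "performance events (perf) subsystem" here, and use the same wording in every entry that refers to it so the advisory reads consistently.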
@@ -24,22 +24,24 @@
 CVE-2016-9191
 
     CAI Qian discovered that reference counting is not properly handled
-    within proc_sys_readdir in the sysctl implementation, resulting in a
-    denial of service (system hang).
+    within proc_sys_readdir in the sysctl implementation, allowing a
+    local denial of service (system hang) or possibly privilege
+    escalation.
 
 CVE-2017-2583
 CVE-2017-2584
 CVE-2017-2596
 CVE-2017-2618
 
-    It was discovered that an off-by-one in the handling of selinux
+    It was discovered that an off-by-one in the handling of SELinux
     attributes in /proc/pid/attr could result in local denial of
     service.
 
 CVE-2017-5549
 
-    It was discovered that the KLSI KL5KUSB105 serial USB device driver
-    could leak kernel memory, resulting in an information leak.
+    It was discovered that the KLSI KL5KUSB105 serial USB device
+    driver could log the contents of uninitialised kernel memory,
+    resulting in an information leak.
 
 CVE-2017-5551
 
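Review bot: CVE-2017-2583, CVE-2017-2584 and CVE-2017-2596 have no description in the context lines above CVE-2017-2618, so the reworded SELinux text reads as if it covered all four IDs. Add text for each of them, or separate them from CVE-2017-2618 with blank lines, before the advisory is sent. In the same entry, "/proc/pid/attr" would be clearer as "/proc/<pid>/attr" to show that pid is a placeholder.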
@@ -51,20 +53,22 @@
 
 CVE-2017-5897
 
-    Andrey Konovalov discovered an out-of-bounds access flaw in the
+    Andrey Konovalov discovered an out-of-bounds read flaw in the
     ip6gre_err function in the IPv6 networking code.
 
 CVE-2017-5970
 
     Andrey Konovalov discovered a denial-of-service flaw in the IPv4
-    networking code, triggerable by sending bad IP options on a socket.
+    networking code.  This can be triggered by a local or remote
+    attacker if a local UDP or raw socket has the IP_RETOPTS option
+    enabled.
 
 CVE-2017-6001
 
-    Di Shen discovered a race condition between concurrent
-    sys_perf_event_open() calls in the performance subsystem, allowing a
-    local attacker to escalate privileges. This flaw exists because of
-    an incomplete fix of CVE-2016-6786.
+    Di Shen discovered a race condition between concurrent calls to
+    the performance events subsystem, allowing a local attacker to
+    escalate privileges. This flaw exists because of an incomplete fix
+    of CVE-2016-6786.
 
 CVE-2017-6074
 
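Review bot: The CVE-2017-5897 entry now says "out-of-bounds read" but still states neither the impact nor whether the attacker is local or remote, as the CVE-2017-5970 and CVE-2017-6001 entries below it do; add that to the sentence. In CVE-2017-6001, dropping sys_perf_event_open() removes the one identifier that told readers which calls race. Consider keeping it, for example "concurrent calls to sys_perf_event_open() in the performance events subsystem".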



