[kernel-sec-discuss] r5116 - active
Ben Hutchings
benh at moszumanska.debian.org
Wed Mar 29 21:22:15 UTC 2017
Author: benh
Date: 2017-03-29 21:22:14 +0000 (Wed, 29 Mar 2017)
New Revision: 5116
Added:
active/CVE-2017-7308
Log:
Add CVE-2017-7308
Added: active/CVE-2017-7308
===================================================================
--- active/CVE-2017-7308 (rev 0)
+++ active/CVE-2017-7308 2017-03-29 21:22:14 UTC (rev 5116)
@@ -0,0 +1,16 @@
+Description: AF_PACKET missing/incorrect range checks allow heap buffer overflow
+References:
+ https://patchwork.ozlabs.org/patch/744811/
+ https://patchwork.ozlabs.org/patch/744812/
+ https://patchwork.ozlabs.org/patch/744813/
+Notes:
+ bwh> 3.2 is also missing an earlier related fix, commit dc808110bb62
+ bwh> "packet: handle too big packets for PACKET_V3"
+Bugs:
+upstream: needed
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
More information about the kernel-sec-discuss
mailing list