[kernel-sec-discuss] r5568 - dsa-texts

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Sep 20 13:54:10 UTC 2017


Author: carnil
Date: 2017-09-20 13:54:10 +0000 (Wed, 20 Sep 2017)
New Revision: 5568

Added:
   dsa-texts/4.9.30-2+deb9u5
Log:
Start drafting linux DSA

Overview will be removed, just needed to track jessie/stretch only
issues.

Added: dsa-texts/4.9.30-2+deb9u5
===================================================================
--- dsa-texts/4.9.30-2+deb9u5	                        (rev 0)
+++ dsa-texts/4.9.30-2+deb9u5	2017-09-20 13:54:10 UTC (rev 5568)
@@ -0,0 +1,73 @@
+Package        : linux
+CVE ID         : CVE-2017-7518 CVE-2017-7558 CVE-2017-10661 CVE-2017-11600 CVE-2017-12134 CVE-2017-12146 CVE-2017-12153 CVE-2017-12154 CVE-2017-14051 CVE-2017-14106 CVE-2017-14140 CVE-2017-14156 CVE-2017-14340 CVE-2017-14489 CVE-2017-14497 CVE-2017-1000111 CVE-2017-1000112 CVE-2017-1000251 CVE-2017-1000252 CVE-2017-1000370 CVE-2017-1000371 CVE-2017-1000380
+
+Several vulnerabilities have been discovered in the Linux kernel that
+may lead to a privilege escalation, denial of service or information
+leaks.
+
+CVE-2017-7518
+
+    Andy Lutomirski discovered that KVM is prone to an incorrect debug
+    exception(#DB) error occuring while emulating a syscall instruction.
+    A process inside a quest can take advantage of this flaw for
+    privilege escalation inside a guest.
+
+CVE-2017-7558 (stretch only)
+
+    Stefano Brivio of Red Hat discovered that sctp subsystem is prone to
+    a data leak vulnerability due to an out-of-bounds read flaw,
+    allowing to leak up to 100 uninitialized bytes to userspace.
+
+CVE-2017-10661 (jessie only)
+
+    
+CVE-2017-11600
+CVE-2017-12134
+CVE-2017-12146 (stretch only)
+CVE-2017-12153
+CVE-2017-12154
+CVE-2017-14051
+CVE-2017-14106
+CVE-2017-14140
+CVE-2017-14156
+CVE-2017-14340
+CVE-2017-14489
+CVE-2017-14497 (stretch only)
+CVE-2017-1000111
+CVE-2017-1000112
+CVE-2017-1000251
+CVE-2017-1000252 (stretch only)
+CVE-2017-1000370
+CVE-2017-1000371
+CVE-2017-1000380
+
+jessie: 3.16.43-2+deb8u5
+stretch: 4.9.30-2+deb9u5
+
+Overview:
+
+                   3.16-jessie-security  4.9-stretch-security
+    CVE-2017-7518: pending (3.16.43-2+d  pending (4.9.30-2+de
+    CVE-2017-7558: N/A "Vulnerable code  pending (4.9.30-2+de
+   CVE-2017-10661: pending (3.16.43-2+d  N/A "Fixed before in
+   CVE-2017-11600: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-12134: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-12146: N/A "Vulnerable code  pending (4.9.30-2+de
+   CVE-2017-12153: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-12154: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-14051: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-14106: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-14140: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-14156: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-14340: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-14489: pending (3.16.43-2+d  pending (4.9.30-2+de
+   CVE-2017-14497: N/A "Vulnerable code  pending (4.9.30-2+de
+ CVE-2017-1000111: pending (3.16.43-2+d  pending (4.9.30-2+de
+ CVE-2017-1000112: pending (3.16.43-2+d  pending (4.9.30-2+de
+ CVE-2017-1000251: pending (3.16.43-2+d  pending (4.9.30-2+de
+ CVE-2017-1000252: N/A 'Vulnerable code  pending (4.9.30-2+de
+ CVE-2017-1000370: pending (3.16.43-2+d  pending (4.9.30-2+de
+ CVE-2017-1000371: pending (3.16.43-2+d  pending (4.9.30-2+de
+ CVE-2017-1000380: pending (3.16.43-2+d  pending (4.9.30-2+de
+
+# vim:tw=72
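
Review bot: In the CVE-2017-7518 paragraph, "A process inside a quest" should read "inside a guest", "occuring" should be "occurring", and "exception(#DB)" needs a space before the parenthesis. In the CVE-2017-7558 paragraph, "that sctp subsystem" is missing "the", and "allowing to leak up to 100 uninitialized bytes" reads better as "allowing up to 100 uninitialized bytes to be leaked". The line after the CVE-2017-10661 heading contains only whitespace and should be emptied until the description is written. In the Overview, the CVE-2017-1000252 row opens its N/A reason with a single quote where the other N/A rows use a double quote.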
