[kernel-sec-discuss] r5574 - dsa-texts

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Sep 20 17:57:06 UTC 2017


Author: jmm
Date: 2017-09-20 17:57:06 +0000 (Wed, 20 Sep 2017)
New Revision: 5574

Modified:
   dsa-texts/4.9.30-2+deb9u5
Log:
add one more issue


Modified: dsa-texts/4.9.30-2+deb9u5
===================================================================
--- dsa-texts/4.9.30-2+deb9u5	2017-09-20 17:54:01 UTC (rev 5573)
+++ dsa-texts/4.9.30-2+deb9u5	2017-09-20 17:57:06 UTC (rev 5574)
@@ -75,6 +75,10 @@
 
 CVE-2017-14140
 
+    Otto Ebeling discovered that the move_pages() syscall performed
+    insufficient validation of the effective UID of the target process
+    which result in a partial ASLR bypass.
+
 CVE-2017-14156
 
     "sohu0106" reported an information leak in the atyfb video driver.
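Review bot: The last added line of the CVE-2017-14140 entry, "which result in a partial ASLR bypass.", is ungrammatical and leaves the tense unclear. Suggest "which could result in a partial ASLR bypass." (or "resulting in a partial ASLR bypass"), with a comma after "target process" on the line above. The rest of the added text reads fine, and the blank line before CVE-2017-14156 matches the spacing of the surrounding entries.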



