[kernel-sec-discuss] r5579 - dsa-texts

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Sep 20 19:00:27 UTC 2017


Author: carnil
Date: 2017-09-20 19:00:27 +0000 (Wed, 20 Sep 2017)
New Revision: 5579

Modified:
   dsa-texts/4.9.30-2+deb9u5
Log:
Add description for CVE-2017-14497

Modified: dsa-texts/4.9.30-2+deb9u5
===================================================================
--- dsa-texts/4.9.30-2+deb9u5	2017-09-20 18:43:21 UTC (rev 5578)
+++ dsa-texts/4.9.30-2+deb9u5	2017-09-20 19:00:27 UTC (rev 5579)
@@ -107,6 +107,11 @@
 
 CVE-2017-14497 (stretch only)
 
+    Benjamin Poirier reported that vnet headers are not properly handled
+    within the tpacket_rcv() function in the raw packet (af_packet)
+    feature. A local user can take advantage of this flaw to cause a
+    denial of service (buffer overflow, and disk and memory corruption).
+
 CVE-2017-1000111
 
     Andrey Konovalov of Google reported that a race condition in the




More information about the kernel-sec-discuss mailing list