[kernel-sec-discuss] r5581 - dsa-texts
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Sep 20 19:18:13 UTC 2017
Author: carnil
Date: 2017-09-20 19:18:13 +0000 (Wed, 20 Sep 2017)
New Revision: 5581
Modified:
dsa-texts/4.9.30-2+deb9u5
Log:
Add description for CVE-2017-1000112
Modified: dsa-texts/4.9.30-2+deb9u5
===================================================================
--- dsa-texts/4.9.30-2+deb9u5 2017-09-20 19:02:36 UTC (rev 5580)
+++ dsa-texts/4.9.30-2+deb9u5 2017-09-20 19:18:13 UTC (rev 5581)
@@ -122,6 +122,14 @@
CVE-2017-1000112
+ Andrey Konovalov of Google reported a race condition flaw in the UDP
+ Fragmentation Offload (UFO) code. A local user with the
+ CAP_NET_ADMIN capability can use this flaw for denial of service or
+ possibly to execute arbitrary code. Debian disables unprivileged
+ user namespaces by default, if locally enabled with the
+ kernel.unprivileged_userns_clone sysctl, this allows privilege
+ escalation.
+
CVE-2017-1000251 / #875881
Armis Labs discovered that the Bluetooth subsystem does not
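Review bot: The last added sentence of the CVE-2017-1000112 entry ("Debian disables unprivileged user namespaces by default, if locally enabled with the kernel.unprivileged_userns_clone sysctl, this allows privilege escalation.") is a comma splice, and it leaves the link to the CAP_NET_ADMIN precondition in the preceding sentence implicit. Suggest splitting it and stating who gains what, for example: "Debian disables unprivileged user namespaces by default, but if they are locally enabled with the kernel.unprivileged_userns_clone sysctl, an unprivileged local user can obtain CAP_NET_ADMIN in a new user namespace and use this flaw for privilege escalation." It would also help readers checking their exposure if the text said which value of the sysctl corresponds to the default (disabled) state.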