[kernel-sec-discuss] r5583 - dsa-texts
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Sep 20 19:34:05 UTC 2017
Author: carnil
Date: 2017-09-20 19:34:05 +0000 (Wed, 20 Sep 2017)
New Revision: 5583
Modified:
dsa-texts/4.9.30-2+deb9u5
Log:
Describe CVE-2017-100037{0,1}
Modified: dsa-texts/4.9.30-2+deb9u5
===================================================================
--- dsa-texts/4.9.30-2+deb9u5 2017-09-20 19:24:44 UTC (rev 5582)
+++ dsa-texts/4.9.30-2+deb9u5 2017-09-20 19:34:05 UTC (rev 5583)
@@ -148,8 +148,15 @@
CVE-2017-1000370
+ The Qualys Research Labs reported that a large argument or
+ environment list can result in ASLR bypass for 32-bit PIE binaries.
+
CVE-2017-1000371
+ The Qualys Research Labs reported that a large argument
+ orenvironment list can result in a stack/heap clash for 32-bit
+ PIE binaries.
+
CVE-2017-1000380
Alexander Potapenko of Google reported a race condition in the ALSA
More information about the kernel-sec-discuss
mailing list