[kernel-sec-discuss] [Git][kernel-team/kernel-sec][master] 2 commits: Add CVE-2017-13166

Ben Hutchings gitlab at salsa.debian.org
Thu Feb 15 14:43:31 UTC 2018 

Ben Hutchings pushed to branch master at Debian kernel team / kernel-sec


Commits:
571ee607 by Ben Hutchings at 2018-02-15T14:41:49+00:00
Add CVE-2017-13166

- - - - -
a9a7374a by Ben Hutchings at 2018-02-15T14:43:09+00:00
Merge remote-tracking branch 'origin/master'

- - - - -


1 changed file:

- active/CVE-2017-13166


Changes:

=====================================
active/CVE-2017-13166
=====================================
--- a/active/CVE-2017-13166
+++ b/active/CVE-2017-13166
@@ -1,12 +1,17 @@
-Description: media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic
+Description: An elevation of privilege vulnerability in the kernel v4l2 video driver
 References:
+ https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13166.html
 Notes:
+ bwh> Introduced in 2.6.32 by commit fdf82dc2e2d4 "V4L/DVB (12549): v4l2: video
+ bwh> device: Add FM TX controls default configurations" and extended in 3.17
+ bwh> by commit 7e6a68210784 "[media] videodev2.h: add initial support for
+ bwh> compound controls".  Hans Verkuil is working on stable backports.
 Bugs:
-upstream: released (4.16-rc1) [a1dfb4c48cc1e64eeb7800a27c66a6f7e88d075a]
-4.9-upstream-stable:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-4.9-stretch-security:
-3.16-jessie-security:
-3.2-wheezy-security:
+upstream: released (4.16-rc1) [b2469c814fbc8f1f19676dd4912717b798df511e, 181a4a2d5a0a7b43cab08a70710d727e7764ccdd, 3ee6d040719ae09110e5cdf24d5386abe5d1b776, b7b957d429f601d6d1942122b339474f31191d75, 486c521510c44a04cd756a9267e7d1e271c8a4ba, 333b1e9f96ce05f7498b581509bb30cde03018bf, 8ed5a59dcb47a6f76034ee760b36e089f3e82529, b8c601e8af2d08f733d74defa8465303391bb930, a751be5b142ef6bcbbb96d9899516f4d9c8d0ef4, 169f24ca68bf0f247d111aef07af00dd3a02ae88, d83a8243aaefe62ace433e4384a4f077bed86acb, a1dfb4c48cc1e64eeb7800a27c66a6f7e88d075a, 273caa260035c03d89ad63d72d8cd3d9e5c5e3f1]
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+sid: needed
+4.9-stretch-security: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed



View it on GitLab: https://salsa.debian.org/kernel-team/kernel-sec/compare/1b56932327cbc12e619473799c921ea99717227c...a9a7374aadd1ab71258396e7fd3f7a2aac2dbaa0

---
View it on GitLab: https://salsa.debian.org/kernel-team/kernel-sec/compare/1b56932327cbc12e619473799c921ea99717227c...a9a7374aadd1ab71258396e7fd3f7a2aac2dbaa0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/kernel-sec-discuss/attachments/20180215/2a2542c9/attachment.html>

More information about the kernel-sec-discuss mailing list