[Secure-testing-commits] r55944 - data/CVE

Salvatore Bonaccorso Wed, 20 Sep 2017 14:03:07 -0700

Author: carnil
Date: 2017-09-20 21:02:39 +0000 (Wed, 20 Sep 2017)
New Revision: 55944


Modified:
   data/CVE/list
Log:
Remove note for CVE-2017-1000112

Ben looked at it, and it turns out that this is not the case for 4.5
onwards, but rather exploitable by any local user.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-20 20:33:26 UTC (rev 55943)
+++ data/CVE/list       2017-09-20 21:02:39 UTC (rev 55944)
@@ -5193,7 +5193,6 @@
        - linux 4.12.6-1 (low)
        NOTE: Introduced by: 
https://git.kernel.org/linus/e89e9cf539a28df7d0eb1d0a545368e9920b34ac 
(2.6.15-rc1)
        NOTE: Fixed by: 
https://git.kernel.org/linus/85f1bd9a7b5a79d5baa8bf44af19658f7bf77bfa
-       NOTE: Harmless in Debian since unprivileged user namespaces are disabled
 CVE-2017-1000111 [heap out-of-bounds in AF_PACKET sockets]
        {DLA-1099-1}
        - linux 4.12.6-1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r55944 - data/CVE

Reply via email to