Author: carnil
Date: 2017-12-21 16:41:15 +0000 (Thu, 21 Dec 2017)
New Revision: 58805
Modified:
data/CVE/list
Log:
Add CVE-2017-16995
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-21 16:37:27 UTC (rev 58804)
+++ data/CVE/list 2017-12-21 16:41:15 UTC (rev 58805)
@@ -8357,6 +8357,12 @@
NOTE:
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=0c17d1d2c61936401f4702e1846e2c19b200f958
CVE-2017-16995
RESERVED
+ - linux <unfixed>
+ [jessie] - linux <not-affected> (Vulnerable code introduced later)
+ [wheezy] - linux <not-affected> (Vulnerable code introduced later)
+ NOTE:
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f
+ NOTE: Starting with v4.14, this is exploitable by unprivileged users as
long as
+ NOTE: the unprivileged_bpf_disabled sysctl isn't set.
CVE-2016-10702 (Pebble Smartwatch devices through 4.3 mishandle UUID storage,
which ...)
NOT-FOR-US: Pebble
CVE-2016-10701 (In Hitachi Vantara Pentaho BA Platform through 8.0, a CSRF
issue exists ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
