[Secure-testing-commits] r58306 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 6 20:03:30 UTC 2017
Author: carnil
Date: 2017-12-06 20:03:30 +0000 (Wed, 06 Dec 2017)
New Revision: 58306
Modified:
data/CVE/list
Log:
Reevaluate CVE-2017-0861/linux
Seems to not have been Android specific, even though at first glance the
Nexus Security Bulletin of 2017-11 did mention it as A-36006981*
indicating this is not an upstream kernel issue.
Apparently upstrem has adressed it, so update the CVE to match
src:linux.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-06 19:33:03 UTC (rev 58305)
+++ data/CVE/list 2017-12-06 20:03:30 UTC (rev 58306)
@@ -50796,7 +50796,8 @@
CVE-2017-0862 (An elevation of privilege vulnerability in the Upstream kernel kernel. ...)
NOT-FOR-US: Android driver (proprietary, not part of upstream kernel)
CVE-2017-0861 (An elevation of privilege vulnerability in the Upstream kernel audio ...)
- NOT-FOR-US: Android driver (proprietary, not part of upstream kernel)
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/362bca57f5d78220f8b5907b875961af9436e229
CVE-2017-0860 (An elevation of privilege vulnerability in the Android system ...)
NOT-FOR-US: Android
CVE-2017-0859 (Another vulnerability in the Android media framework (n/a). Product: ...)
More information about the Secure-testing-commits
mailing list