[Secure-testing-commits] r58379 - in data: . CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Dec 9 09:04:21 UTC 2017


Author: carnil
Date: 2017-12-09 09:04:21 +0000 (Sat, 09 Dec 2017)
New Revision: 58379

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
Merge already 4.9.65-1 fixes (sync with kernel-sec)

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-09 08:35:30 UTC (rev 58378)
+++ data/CVE/list	2017-12-09 09:04:21 UTC (rev 58379)
@@ -3651,6 +3651,7 @@
 	RESERVED
 CVE-2017-16994 (The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel ...)
 	- linux 4.14.2-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/373c4557d2aa362702c4c2d41288fb1e54990b7c (4.15-rc1)
 CVE-2017-16993
 	RESERVED
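Review bot: The added `[stretch] - linux 4.9.65-1` line marks CVE-2017-16994 as fixed in stretch as soon as this lands, and the same commit removes the entry from data/next-point-update.txt, so the tracker no longer separates "fixed in the archive" from "queued for the point release". The diff does not show whether 4.9.65-1 is already installable from stretch; if it is not, tools that consume this list would presumably report hosts as patched too early. It is worth confirming the upload state before merging. The same applies to every other `[stretch] - linux 4.9.65-1` line added to this file.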
@@ -3780,6 +3781,7 @@
 	RESERVED
 CVE-2017-16939 (The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/1137b5e2529a8f5ca8ee709288ecba3e68044df2
 CVE-2017-16938 (A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to ...)
 	{DSA-4058-1 DLA-1196-1}
@@ -3945,6 +3947,7 @@
 	NOT-FOR-US: OpenDayLight
 CVE-2017-1000405 (The Linux Kernel versions 2.6.38 through 4.14 have a problematic use ...)
 	- linux 4.14.2-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/a8f97366452ed491d13cf1e44241bc0b5740b1f0
 	NOTE: http://www.openwall.com/lists/oss-security/2017/11/30/1
 	NOTE: https://github.com/bindecy/HugeDirtyCowPOC
@@ -4992,21 +4995,26 @@
 	NOTE: https://github.com/roundcube/roundcubemail/issues/6026
 CVE-2017-16650 (The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 CVE-2017-16649 (The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 CVE-2017-16648 (The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c ...)
 	- linux <not-affected> (Vulnerable code not present)
 CVE-2017-16647 (drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 CVE-2017-16646 (drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 CVE-2017-16645 (The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c ...)
 	- linux 4.14.2-1
+	[stretch] - linux 4.9.65-1
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 CVE-2017-16644 (The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the ...)
 	- linux <unfixed>
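Review bot: CVE-2017-16650, CVE-2017-16649, CVE-2017-16647, CVE-2017-16646 and CVE-2017-16645 gain a stretch fixed version in this hunk but carry no `NOTE: Fixed by:` line, unlike most other entries this commit touches. Without it, the 4.9.65-1 claim cannot be checked against the stable changelog from the tracker entry alone. I would add a reference to each, for example `NOTE: Fixed by: https://git.kernel.org/linus/<upstream-commit-id>` (a placeholder; the commit ids are not on this page). CVE-2017-16643 in the next hunk and CVE-2017-16537, CVE-2017-16536 and CVE-2017-16525 in the one after it are in the same state.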
@@ -5014,6 +5022,7 @@
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 CVE-2017-16643 (The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 CVE-2017-16642 (In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an ...)
 	- php7.1 7.1.11-1
 	- php7.0 7.0.25-1
@@ -5298,45 +5307,58 @@
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 CVE-2017-16537 (The imon_probe function in drivers/media/rc/imon.c in the Linux kernel ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 CVE-2017-16536 (The cx231xx_usb_probe function in ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 CVE-2017-16535 (The usb_get_bos_descriptor function in drivers/usb/core/config.c in the ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/1c0edc3633b56000e18d82fc241e3995ca18a69e
 CVE-2017-16534 (The cdc_parse_cdc_header function in drivers/usb/core/message.c in the ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/2e1c42391ff2556387b3cb6308b24f6f65619feb
 CVE-2017-16533 (The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/f043bfc98c193c284e2cd768fefabe18ac2fed9b
 CVE-2017-16532 (The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/7c80f9e4a588f1925b07134bb2e3689335f6c6d8
 CVE-2017-16531 (drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb
 CVE-2017-16530 (The uas driver in the Linux kernel before 4.13.6 allows local users to ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/786de92b3cb26012d3d0f00ee37adf14527f35c4
 CVE-2017-16529 (The snd_usb_create_streams function in sound/usb/card.c in the Linux ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991
 CVE-2017-16528 (sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local ...)
 	- linux 4.13.4-1
+	[stretch] - linux 4.9.65-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57
 CVE-2017-16527 (sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/124751d5e63c823092060074bd0abaae61aaa9c4
 CVE-2017-16526 (drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/bbf26183b7a6236ba602f4d6a2f7cade35bba043
 CVE-2017-16525 (The usb_serial_console_disconnect function in ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 CVE-2017-16524 (Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an ...)
 	NOT-FOR-US: Samsung SRN-1670D devices
 CVE-2017-16523 (MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ...)
@@ -7050,6 +7072,7 @@
 	RESERVED
 CVE-2017-15951 (The KEYS subsystem in the Linux kernel before 4.13.10 does not ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/363b02dab09b3226f3bd1420dad9c72b79a42a76 (v4.14-rc6)
@@ -7770,6 +7793,7 @@
 	NOT-FOR-US: PRTG Network Monitor
 CVE-2017-15649 (net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/008ba2a13f2d04c947adc536d19debb8fe66f110
 	NOTE: Fixed by: https://git.kernel.org/linus/4971613c1639d8e5f102c4e797c3bf8f83a5a69e
 CVE-2017-15648 (In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the ...)
@@ -8118,6 +8142,7 @@
 	NOTE: upstream fixed in 3.2.3
 CVE-2017-15537 (The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/814fb7bb7db5433757d76f4c4502c96fc53b0b5e (v4.14-rc3)
@@ -8677,6 +8702,7 @@
 	RESERVED
 CVE-2017-15306 (The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/ac64115a66c18c01745bbd3c47a36b124e5fd8c0 (4.14-rc7)
@@ -8694,6 +8720,7 @@
 	NOT-FOR-US: EWBF Cuda Zcash Miner
 CVE-2017-15299 (The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	NOTE: Fixed by: https://git.kernel.org/linus/60ff5b2f547af3828aebafd54daded44cfb0807a (4.14-rc6)
 CVE-2017-15298 (Git through 2.14.2 mishandles layers of tree objects, which allows ...)
 	- git <unfixed> (unimportant)
@@ -8858,6 +8885,7 @@
 	NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=b577d5452c5c4ee9d552da62a24b95f461551fe2
 CVE-2017-15265 (Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 ...)
 	- linux 4.13.4-2
+	[stretch] - linux 4.9.65-1
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1062520
 	NOTE: http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html
 CVE-2017-15264 (IrfanView version 4.44 (32bit) allows attackers to cause a denial of ...)
@@ -9257,6 +9285,7 @@
 	- linux 4.2.1-1
 CVE-2017-15115 (The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 	NOTE: https://git.kernel.org/linus/df80cd9b28b9ebaa284a41df611dbf3a2d05ca74 (v4.14-rc6)
 CVE-2017-15114 (When libvirtd is configured by OSP director (tripleo-heat-templates) ...)
 	- tripleo-heat-templates <not-affected> (Vulnerability introduced later)
@@ -9472,6 +9501,7 @@
 	NOTE: Fixed by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=441d3eb6d1be940a67ce45a286602a967601b157 (master)
 CVE-2017-1000255 (On Linux running on PowerPC hardware (Power8 or later) a user process ...)
 	- linux 4.13.4-2
+	[stretch] - linux 4.9.65-1
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/265e60a170d0a0ecfc2d20490134ed2c48dd45ab
@@ -14923,6 +14953,7 @@
 	{DSA-3999-1 DLA-1150-1}
 	- wpa 2:2.4-1.1
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 	NOTE: https://w1.fi/security/2017-1/
 	NOTE: https://git.kernel.org/linus/fdf7cb4185b60c68e1a75e61691c4afdc15dea0e (v4.14-rc6)
 CVE-2017-13079 (Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w ...)
@@ -17956,11 +17987,13 @@
 	RESERVED
 CVE-2017-12193 (The assoc_array_insert_into_terminal_node function in lib/assoc_array.c ...)
 	- linux 4.13.13-1
+	[stretch] - linux 4.9.65-1
 	[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.13-rc1)
 	NOTE: Fixed by: https://git.kernel.org/linus/ea6789980fdaa610d7eb63602c746bf6ec70cd2b (4.14-rc7)
 	NOTE: Introduced by: https://git.kernel.org/linus/3cb989501c2688cacbb7dc4b0d353faf838f53a1 (3.13-rc1)
 CVE-2017-12192 (The keyctl_read_key function in security/keys/keyctl.c in the Key ...)
 	- linux 4.13.4-2
+	[stretch] - linux 4.9.65-1
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/37863c43b2c6464f252862bf2e9768264e961678 (4.14-rc3)
 	NOTE: Introduced by: https://git.kernel.org/linus/61ea0c0ba904a55f55317d850c1072ff7835ac92 (3.13-rc1)
@@ -17968,11 +18001,13 @@
 	RESERVED
 CVE-2017-12190 (The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the ...)
 	- linux 4.13.10-1
+	[stretch] - linux 4.9.65-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1495089
 CVE-2017-12189
 	RESERVED
 CVE-2017-12188 (arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested ...)
 	- linux 4.13.4-2
+	[stretch] - linux 4.9.65-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500380
@@ -51504,6 +51539,7 @@
 	NOT-FOR-US: Broadcom driver for Android
 CVE-2017-0786 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
 	- linux 4.13.4-2
+	[stretch] - linux 4.9.65-1
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/17df6453d4be17910456e99c5a85025aa1b7a246 (v4.14-rc4)
 CVE-2017-0785 (A information disclosure vulnerability in the Android system ...)

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2017-12-09 08:35:30 UTC (rev 58378)
+++ data/next-point-update.txt	2017-12-09 09:04:21 UTC (rev 58379)
@@ -42,78 +42,6 @@
 	[stretch] - pdns-recursor 4.0.4-1+deb9u2
 CVE-2017-16899
 	[stretch] - fig2dev 1:3.2.6a-2+deb9u1
-CVE-2017-0786
-	[stretch] - linux 4.9.65-1
-CVE-2017-12188
-	[stretch] - linux 4.9.65-1
-CVE-2017-12190
-	[stretch] - linux 4.9.65-1
-CVE-2017-12192
-	[stretch] - linux 4.9.65-1
-CVE-2017-12193
-	[stretch] - linux 4.9.65-1
-CVE-2017-13080
-	[stretch] - linux 4.9.65-1
-CVE-2017-15115
-	[stretch] - linux 4.9.65-1
-CVE-2017-15265
-	[stretch] - linux 4.9.65-1
-CVE-2017-15299
-	[stretch] - linux 4.9.65-1
-CVE-2017-15306
-	[stretch] - linux 4.9.65-1
-CVE-2017-15537
-	[stretch] - linux 4.9.65-1
-CVE-2017-15649
-	[stretch] - linux 4.9.65-1
-CVE-2017-15951
-	[stretch] - linux 4.9.65-1
-CVE-2017-16525
-	[stretch] - linux 4.9.65-1
-CVE-2017-16526
-	[stretch] - linux 4.9.65-1
-CVE-2017-16527
-	[stretch] - linux 4.9.65-1
-CVE-2017-16528
-	[stretch] - linux 4.9.65-1
-CVE-2017-16529
-	[stretch] - linux 4.9.65-1
-CVE-2017-16530
-	[stretch] - linux 4.9.65-1
-CVE-2017-16531
-	[stretch] - linux 4.9.65-1
-CVE-2017-16532
-	[stretch] - linux 4.9.65-1
-CVE-2017-16533
-	[stretch] - linux 4.9.65-1
-CVE-2017-16534
-	[stretch] - linux 4.9.65-1
-CVE-2017-16535
-	[stretch] - linux 4.9.65-1
-CVE-2017-16536
-	[stretch] - linux 4.9.65-1
-CVE-2017-16537
-	[stretch] - linux 4.9.65-1
-CVE-2017-16643
-	[stretch] - linux 4.9.65-1
-CVE-2017-16645
-	[stretch] - linux 4.9.65-1
-CVE-2017-16646
-	[stretch] - linux 4.9.65-1
-CVE-2017-16647
-	[stretch] - linux 4.9.65-1
-CVE-2017-16649
-	[stretch] - linux 4.9.65-1
-CVE-2017-16650
-	[stretch] - linux 4.9.65-1
-CVE-2017-16939
-	[stretch] - linux 4.9.65-1
-CVE-2017-16994
-	[stretch] - linux 4.9.65-1
-CVE-2017-1000255
-	[stretch] - linux 4.9.65-1
-CVE-2017-1000405
-	[stretch] - linux 4.9.65-1
 CVE-2017-12424
 	[stretch] - shadow 1:4.4-4.1+deb9u1
 CVE-2017-9951



