[Secure-testing-commits] r58399 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Dec 9 19:35:22 UTC 2017
Author: carnil
Date: 2017-12-09 19:35:22 +0000 (Sat, 09 Dec 2017)
New Revision: 58399
Modified:
data/CVE/list
Log:
Sync CVE-2017-0861 with kernel-sec
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-09 19:28:38 UTC (rev 58398)
+++ data/CVE/list 2017-12-09 19:35:22 UTC (rev 58399)
@@ -51432,8 +51432,12 @@
CVE-2017-0862 (An elevation of privilege vulnerability in the Upstream kernel kernel. ...)
NOT-FOR-US: Android driver (proprietary, not part of upstream kernel)
CVE-2017-0861 (Use-after-free vulnerability in the snd_pcm_info function in the ALSA ...)
- - linux <unfixed>
+ - linux 4.13.4-1
+ [stretch] - linux <ignored> (Minor issue, cf. kernel-sec information)
+ [jessie] - linux <ignored> (Minor issue, cf. kernel-sec information)
+ [wheezy] - linux <ignored> (Minor issue, cf. kernel-sec information)
NOTE: https://git.kernel.org/linus/362bca57f5d78220f8b5907b875961af9436e229
+ NOTE: UAF actually already removed in https://git.kernel.org/linus/e11f0f90a626f93899687b1cc909ee37dd6c5809
CVE-2017-0860 (An elevation of privilege vulnerability in the Android system ...)
NOT-FOR-US: Android
CVE-2017-0859 (Another vulnerability in the Android media framework (n/a). Product: ...)
More information about the Secure-testing-commits
mailing list