[Git][security-tracker-team/security-tracker][master] Correct entry for CVE-2018-12904

Fri Jul 27 08:42:49 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43ab6371 by Salvatore Bonaccorso at 2018-07-27T09:41:32+02:00
Correct entry for CVE-2018-12904

The issue was introduced in 4.12-rc1 upstream and the fix included in
4.16.16-1 for sid (upstream in 4.18-rc1).

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3975,7 +3975,9 @@ CVE-2017-18342 (In PyYAML before 4.1, the yaml.load() API could execute arbitrar
 	NOTE: awareness (and 4.1 now fixes the default behaviour as well)
 	NOTE: https://github.com/yaml/pyyaml/pull/74
 CVE-2018-12904 (In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested ...)
-	- linux <not-affected> (Vulnerability introduced later)
+	- linux 4.16.16-1
+	[stretch] - linux <not-affected> (Vulnerability introduced later)
+	[jessie] - linux <not-affected> (Vulnerability introduced later)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1589
 	NOTE: https://git.kernel.org/linus/727ba748e110b4de50d142edca9d6a9b7e6111d8
 CVE-2018-12903 (In CyberArk Endpoint Privilege Manager (formerly Viewfinity) ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43ab63715cad00d239458bccad3599fa33760979

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43ab63715cad00d239458bccad3599fa33760979
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180727/bf51c480/attachment.html>
