[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-18222 as unfixed and follow kernel-sec

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18c2831e by Salvatore Bonaccorso at 2018-03-14T20:55:38+01:00
Mark CVE-2017-18222 as unfixed and follow kernel-sec

It might be possible to get a 'incomplete fix' CVE, but the original
commit is just far from complete from the real solution. Ben Hutchings
proposed a proper patch in

https://patchwork.ozlabs.org/patch/885547/

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -825,10 +825,9 @@ CVE-2018-7757 (Memory leak in the sas_smp_get_phy_events function in ...)
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/4a491b1ab11ca0556d2fda1ff1301e862a2d44c4 (4.16-rc1)
 CVE-2017-18222 (In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) does ...)
-	- linux 4.12.6-1
+	- linux <unfixed>
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
-	NOTE: Fixed by: https://git.kernel.org/linus/412b65d15a7f8a93794653968308fc100f2aa87c
 CVE-2018-7756
 	RESERVED
 CVE-2018-7755 (An issue was discovered in the fd_locked_ioctl function in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18c2831e9b4d53b04fc33db9c4e81173d30236bc

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18c2831e9b4d53b04fc33db9c4e81173d30236bc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180314/3ca9b180/attachment.html>