[Git][security-tracker-team/security-tracker][master] Add CVE-2018-18397/linux

Wed Nov 28 07:09:32 GMT 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1f62689a by Salvatore Bonaccorso at 2018-11-28T07:08:47Z
Add CVE-2018-18397/linux

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5860,8 +5860,10 @@ CVE-2018-18398 (Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-
 	- thunar <unfixed> (unimportant)
 	NOTE: https://0xd0ff9.wordpress.com/2018/10/18/cve-2018-18398/
 	NOTE: no security impact, crash in end user tool
-CVE-2018-18397
+CVE-2018-18397 [userfaultfd bypasses tmpfs file permissions]
 	RESERVED
+	- linux <unfixed>
+	NOTE: https://lore.kernel.org/lkml/20181126173452.26955-1-aarcange@redhat.com/T/#u
 CVE-2018-18396 (Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device ...)
 	NOT-FOR-US: Moxa
 CVE-2018-18395 (Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1f62689a2855c58e6e9c129c7c8c9b27295b11c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1f62689a2855c58e6e9c129c7c8c9b27295b11c3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181128/dcee1356/attachment.html>
