[Git][security-tracker-team/security-tracker][master] Update CVE-2017-13305/linux

Salvatore Bonaccorso carnil at debian.org
Mon Oct 15 15:45:46 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c76bdf4 by Salvatore Bonaccorso at 2018-10-15T14:42:14Z
Update CVE-2017-13305/linux

It turned out that it is not Android specific, but rather an issue in
the keys subsystem and fixed upstream in 4.12-rc5 with upstream commit
794b4bc292f5d31739d89c0202c54e7dc9bc3add .

The fix was as well backported to 4.9-upstream-stable for 4.9.81 and
thus included in 4.9.82-1+deb9u1.

Thanks: nsl (Nicholas)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61370,7 +61370,9 @@ CVE-2017-13307 (A elevation of privilege vulnerability in the Upstream kernel pc
 CVE-2017-13306 (A elevation of privilege vulnerability in the Upstream kernel mnh ...)
 	NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
 CVE-2017-13305 (A information disclosure vulnerability in the Upstream kernel ...)
-	NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
+	- linux 4.12.6-1
+	[stretch] - linux 4.9.82-1+deb9u1
+	NOTE: Fixed by: https://git.kernel.org/linus/794b4bc292f5d31739d89c0202c54e7dc9bc3add
 CVE-2017-13304 (A information disclosure vulnerability in the Upstream kernel mnh_sm ...)
 	NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
 CVE-2017-13303 (A information disclosure vulnerability in the Broadcom bcmdhd driver. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c76bdf44cc731096e964c4c09deb26158e193aa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c76bdf44cc731096e964c4c09deb26158e193aa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181015/e0231b76/attachment.html>

More information about the debian-security-tracker-commits mailing list