[Pkg-fglrx-devel] Bug#803517: fglrx-driver: CVE-2015-7723, CVE-2015-7724: Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions
Andreas Beckmann
anbe at debian.org
Fri Oct 30 22:20:47 UTC 2015
Source: fglrx-driver
Severity: serious
Tags: security
Control: fixed -1 1:15.9-1
CVE-2015-7723, CVE-2015-7724:
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7723/
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7724/
squeeze, wheezy, jessie affected
stretch/sid already has a fixed version
no squeeze security update (non-free)
probably no dsa for wheezy/jessie as well
regular pu would be possible, but requires a new upstream version
Andreas
More information about the Pkg-fglrx-devel
mailing list