Bug#875881: linux: CVE-2017-1000251

To: Ben Hutchings <ben@decadent.org.uk>
Cc: Christoph Anton Mitterer <calestyo@scientia.net>, 875881@bugs.debian.org
Subject: Bug#875881: linux: CVE-2017-1000251
From: Julien Aubin <julien.aubin@gmail.com>
Date: Fri, 15 Sep 2017 20:24:13 +0200
Message-id: <[🔎] CAB=k8WLt6RaZBK3HiaOzVg2USVBx0PRnWphpZJiz5G1ySmBg-g@mail.gmail.com>
Reply-to: Julien Aubin <julien.aubin@gmail.com>, 875881@bugs.debian.org
In-reply-to: <[🔎] 1505499487.2825.51.camel@decadent.org.uk>
References: <[🔎] 150548587317.6313.17012204153956018761.reportbug@heisenberg.scientia.net> <[🔎] 1505499487.2825.51.camel@decadent.org.uk> <[🔎] 150548587317.6313.17012204153956018761.reportbug@heisenberg.scientia.net>

Still, it can lead to system crashes from a remote device.

See https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BlueBorne

2017-09-15 20:18 GMT+02:00 Ben Hutchings <ben@decadent.org.uk>:

On Fri, 15 Sep 2017 16:31:13 +0200 Christoph Anton Mitterer
<calestyo@scientia.net> wrote:
> Source: linux
> Version: 4.12.12-2
> Severity: critical
> Tags: security
> Justification: root security hole
>
>
> Hi.
>
> Any chance to get CVE-2017-1000251, which seems to be quite critical fixed
> anytime soon? :-)
>
> https://security-tracker.debian.org/tracker/CVE-2017-1000251

Probably less critical than you think, since we enable
CONFIG_CC_STACKPROTECTOR.

Ben.

--
Ben Hutchings
Kids! Bringing about Armageddon can be dangerous. Do not attempt it in
your own home. - Terry Pratchett and Neil Gaiman, `Good Omens'

Reply to:

References:
- Bug#875881: linux: CVE-2017-1000251
  - From: Christoph Anton Mitterer <calestyo@scientia.net>
- Bug#875881: linux: CVE-2017-1000251
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Processed: notfound 875881 in 4.9.0-3
Next by Date: Bug#875781: initramfs-tools-core: /etc/initramfs-tools/initramfs.conf is not modified on upgrade/install/reconfigure
Previous by thread: Bug#875881: linux: CVE-2017-1000251
Next by thread: Bug#875881: linux: CVE-2017-1000251
Index(es):
- Date
- Thread