Re: CVE-2016-7117 Remote code execution vulnerability in kernel networking subsystem

To: debian-security@lists.debian.org
Subject: Re: CVE-2016-7117 Remote code execution vulnerability in kernel networking subsystem
From: Felix Knecht <debian@felixknecht.de>
Date: Tue, 4 Oct 2016 19:40:23 +0200
Message-id: <[🔎] fdec9413-db10-3657-2fb0-456f59641487@felixknecht.de>
In-reply-to: <[🔎] e8d1f1cc-523f-660d-449a-e8a43f66091f@jluehr.de>
References: <[🔎] e8d1f1cc-523f-660d-449a-e8a43f66091f@jluehr.de>

On 10/04/2016 06:38 PM, Jan Lühr wrote:
> CVE-2016-7117 was patched in Android today.I don't see much information
> right now. The title is rather frightening - the issue appears to be urgent.

The following upstream kernel commit is referenced in the security bulletin:

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d

No idea if this is fixed in Debian though.

Felix

Reply to:

Follow-Ups:
- Re: CVE-2016-7117 Remote code execution vulnerability in kernel networking subsystem
  - From: Nicholas Luedtke <nicholas.luedtke@hpe.com>

References:
- CVE-2016-7117 Remote code execution vulnerability in kernel networking subsystem
  - From: Jan Lühr <jan@jluehr.de>

Prev by Date: CVE-2016-7117 Remote code execution vulnerability in kernel networking subsystem
Next by Date: Re: CVE-2016-7117 Remote code execution vulnerability in kernel networking subsystem
Previous by thread: CVE-2016-7117 Remote code execution vulnerability in kernel networking subsystem
Next by thread: Re: CVE-2016-7117 Remote code execution vulnerability in kernel networking subsystem
Index(es):
- Date
- Thread