Updated security report.

Added new CVE fixes. Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
author: Sona Sarmadi <sona.sarmadi@enea.com> 2018-01-29 08:45:31 +0100
committer: Sona Sarmadi <sona.sarmadi@enea.com> 2018-01-29 08:45:31 +0100
commit: b566b491d4003efd31631a893bc3434fc670189f (patch)
tree: dbada4640ddff9a1b2c92adce5b8f866b5e9ba28
parent: 6958afa02e6903fd270383e281b578633458ee95 (diff)
download: el_releases-standard-b566b491d4003efd31631a893bc3434fc670189f.tar.gz
1 files changed, 24 insertions, 20 deletions
diff --git a/doc/book-enea-linux-security-report b/doc/book-enea-linux-security-report
index d1d4bdb..72a8f34 100644
--- a/doc/book-enea-linux-security-report
+++ b/doc/book-enea-linux-security-report
@@ -1,14 +1,32 @@
+CVE-i2017-1000380
+Package: kernel
+Score: 2.1 (Low)
+Description: sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.
+Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1000380
 CVE-2017-1000253
 Package: kernel
 Score: 8.0 (High)
 Description: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.Upstream patch:https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86
 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2017-1000253
-CVE-1000380
+CVE-2017-1000250
-Package: kernel
+Package: bluez5
-Score: 2.1 (Low)
+Score: 3.3 (Minor)
-Description: sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.
+Description: All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.
-Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1000380
+Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250 
+CVE-2017-13081
+Package: linux-firmware
+Score: 2.9 (Minor)
+Description: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
+Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081
+CVE-2017-13080
+Package: linux-firmware
+Score: 2.9 (Minor)
+Description: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
+Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080
 CVE-2017-9955
 Package: GNU Binutils
@@ -1034,18 +1052,4 @@ CVE-2014-9365
 Package: python
 Score: 5.8 (Medium)
 Description: The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. 
-Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365 
+Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365
-CVE-1000380
-Package: kernel
-Score: 2.1 (Low)
-Description: sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.
-Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1000380
- CVE-2017-1000253
-Package: kernel
-Score: 8.0 (High)
-Description: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.Upstream patch:https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86
-Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2017-1000253
author	Sona Sarmadi <sona.sarmadi@enea.com>	2018-01-29 08:45:31 +0100
committer	Sona Sarmadi <sona.sarmadi@enea.com>	2018-01-29 08:45:31 +0100
commit	b566b491d4003efd31631a893bc3434fc670189f (patch)
tree	dbada4640ddff9a1b2c92adce5b8f866b5e9ba28
parent	6958afa02e6903fd270383e281b578633458ee95 (diff)
download	el_releases-standard-b566b491d4003efd31631a893bc3434fc670189f.tar.gz