Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 23 Dec 2017 09:10:28 +0100
From: Salvatore Bonaccorso <>
Subject: Re: Linux >=4.9: eBPF memory corruption bugs


MITRE has assigned 6 more CVEs for:

CVE-2017-17857 [bpf: fix missing error return in check_stack_boundary()]
Fixed by:

CVE-2017-17856 [bpf: force strict alignment checks for stack pointers]
Fixed by:

CVE-2017-17855 [bpf: don't prune branches when a scalar is replaced with a pointer]
Fixed by:

CVE-2017-17854 [bpf: fix integer overflows]
Fixed by:

CVE-2017-17853 [bpf/verifier: fix bounds calculation on BPF_RSH]
Fixed by:

CVE-2017-17852 [bpf: fix 32-bit ALU op verification]
Fixed by:


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.