This repository has been archived by the owner on Mar 16, 2022. It is now read-only.
1.275.0
cf-buildpacks-eng
released this
18 Mar 18:15
·
11 commits
to master
since this release
Notably, this release addresses:
USN-3910-2 USN-3910-2: Linux kernel (Xenial HWE) vulnerabilities:
- CVE-2017-18241: fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users tocause a denial of service (NULL pointer dereference and panic) by using anoflush_merge option that triggers a NULL value for a flush_cmd_controldata structure.
- CVE-2018-1120: A flaw was found affecting the Linux kernel before version 4.17. Bymmap()ing a FUSE-backed file onto a process's memory containing commandline arguments (or environment strings), an attacker can cause utilitiesfrom psutils or procps (such as ps, w) or any other program which makes aread() call to the /proc//cmdline (or /proc//environ) files toblock indefinitely (denial of service) or for some controlled time (as asynchronization primitive for other attacks).
- CVE-2018-19985: USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data
- CVE-2018-7740: The resv_map_release function in mm/hugetlb.c in the Linux kernel through4.15.7 allows local users to cause a denial of service (BUG) via a craftedapplication that makes mmap system calls and has a large pgoff argument tothe remap_file_pages system call.
- CVE-2019-6133: In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism canbe bypassed because fork() is not atomic, and therefore authorizationdecisions are improperly cached. This is related to lack of uid checking inpolkitbackend/polkitbackendinteractiveauthority.c.
-ii linux-libc-dev:amd64 3.13.0-165.215 amd64 Linux Kernel Headers for development
+ii linux-libc-dev:amd64 3.13.0-167.217 amd64 Linux Kernel Headers for development