retired/CVE-2017-13305


1
2
3
4
5
6
7
8
9
10
11
12
13
14

Description: Buffer over-read in keyring subsystem allows exposing potentially sensitive information to local attacker
References:
 https://source.android.com/security/bulletin/pixel/2018-04-01
 https://bugzilla.redhat.com/show_bug.cgi?id=1581637
Notes:
 carnil> Possibly only affecting 3.18+ but needs check.
Bugs:
upstream: released (4.12-rc5) [794b4bc292f5d31739d89c0202c54e7dc9bc3add]
4.19-upstream-stable: N/A "Fixed before branch point"
4.9-upstream-stable: released (4.9.81) [9692602ab850eec484d8cc5a740803d34f00016c]
3.16-upstream-stable: released (3.16.62) [bfe535bf4ab73e41922c7a58d6a858a2c435ff29]
sid: released (4.12.6-1)
4.9-stretch-security: released (4.9.82-1+deb9u1)
3.16-jessie-security: released (3.16.64-1)