=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata61.html,v retrieving revision 1.17 retrieving revision 1.18 diff -u -r1.17 -r1.18 --- www/errata61.html 2017/07/05 15:56:53 1.17 +++ www/errata61.html 2017/08/03 16:48:08 1.18 @@ -253,6 +253,131 @@ A source code patch exists which remedies this problem.

+

  • + +015: RELIABILITY FIX: August 3, 2017All architectures +
    +A SIGIO-related use-after-free can occur in two drivers. +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +016: RELIABILITY FIX: August 3, 2017All architectures +
    +A missing length check in sendsyslog() may result in a kernel panic. +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +017: SECURITY FIX: August 3, 2017All architectures +
    +An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE) +may result in a kernel panic or info leak. +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +018: SECURITY FIX: August 3, 2017All architectures +
    +An alignment issue in recv() may result in an info leak via ktrace(). +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +019: SECURITY FIX: August 3, 2017All architectures +
    +With an invalid address family, tcp_usrreq() may take an unintended code path. +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +020: SECURITY FIX: August 3, 2017All architectures +
    +Missing socket address validation from userland may result in an info leak. +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +021: SECURITY FIX: August 3, 2017All architectures +
    +An uninitialized variable in ptrace() may result in an info leak. +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +022: SECURITY FIX: August 3, 2017All architectures +
    +An uninitialized variable in fcntl() may result in an info leak. +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +023: RELIABILITY FIX: August 3, 2017All architectures +
    +An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds +read. +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +024: SECURITY FIX: August 3, 2017All architectures +
    +A race condition in sosplice() may result in a kernel memory leak. +
    + +A source code patch exists which remedies this problem. +

    + +

  • + +025: SECURITY FIX: August 3, 2017All architectures +
    +An out of bounds read could occur during processing of EAPOL frames in +the wireless stack. Information from kernel memory could be leaked to +root in userland via an ieee80211(9) ioctl. +
    + +A source code patch exists which remedies this problem. +

    +