From c5130173877a9f0979e6743afcc6791478c820a9 Mon Sep 17 00:00:00 2001
From: feld <feld@FreeBSD.org>
Date: Tue, 25 Oct 2016 17:56:09 +0000
Subject: Document revised FreeBSD-SA-16:15.sysarch

---
 security/vuxml/vuln.xml | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

(limited to 'security')

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index aaf742ed27c1..3232dbb13c29 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -3099,9 +3099,11 @@ and CVE-2013-0155.</p>
     <affects>
       <package>
 	<name>FreeBSD-kernel</name>
-	<range><ge>10.2</ge><lt>10.2_14</lt></range>
-	<range><ge>10.1</ge><lt>10.1_31</lt></range>
-	<range><ge>9.3</ge><lt>9.3_39</lt></range>
+	<range><ge>11.0</ge><lt>11.0_2</lt></range>
+	<range><ge>10.3</ge><lt>10.3_11</lt></range>
+	<range><ge>10.2</ge><lt>10.2_24</lt></range>
+	<range><ge>10.1</ge><lt>10.1_41</lt></range>
+	<range><ge>9.3</ge><lt>9.3_49</lt></range>
       </package>
     </affects>
     <description>
@@ -3110,10 +3112,10 @@ and CVE-2013-0155.</p>
 	<p>A special combination of sysarch(2) arguments, specify
 	a request to uninstall a set of descriptors from the LDT.
 	The start descriptor is cleared and the number of descriptors
-	are provided. Due to invalid use of a signed intermediate
-	value in the bounds checking during argument validity
-	verification, unbound zero'ing of the process LDT and
-	adjacent memory can be initiated from usermode.</p>
+	are provided. Due to lack of sufficient bounds checking
+	during argument validity verification, unbound zero'ing of
+	the process LDT and adjacent memory can be initiated from
+	usermode.</p>
 	<h1>Impact:</h1>
 	<p>This vulnerability could cause the kernel to panic. In
 	addition it is possible to perform a local Denial of Service
@@ -3127,6 +3129,7 @@ and CVE-2013-0155.</p>
     <dates>
       <discovery>2016-03-16</discovery>
       <entry>2016-08-11</entry>
+      <modified>2016-10-25</modified>
     </dates>
   </vuln>
 
-- 
cgit