[Secure-testing-commits] r12839 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Thu Sep 17 18:56:46 UTC 2009
Author: gilbert-guest
Date: 2009-09-17 18:56:46 +0000 (Thu, 17 Sep 2009)
New Revision: 12839
Modified:
data/CVE/list
Log:
more kernel issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-17 17:15:54 UTC (rev 12838)
+++ data/CVE/list 2009-09-17 18:56:46 UTC (rev 12839)
@@ -1,6 +1,8 @@
CVE-2009-3234 [Buffer overflow in performance counters]
- linux-2.6 <not-affected> (Introduced in 2.6.31)
- - linux-2.6.24 <not-affected> (Introduced in 2.6.31)
+ - linux-2.6.24 <removed>
+ [etch] - linux-2.6.24 <not-affected> (Introduced in 2.6.31)
+ TODO: check when 2.6.31 enters unstable; working exploit code exists [-linux-2.6 <unfixed> (high)]
CVE-2009-3227
NOT-FOR-US: AlmondSoft Almond Classifieds Ads Enterprise
CVE-2009-3226
@@ -2018,7 +2020,8 @@
CVE-2009-2696
RESERVED
CVE-2009-2695 (The Linux kernel before 2.6.31-rc7 does not properly prevent mmap ...)
- TODO: check
+ - linux-2.6 <unfixed> (medium)
+ - linux-2.6.24 <removed> (medium)
CVE-2009-2694 (The msn_slplink_process_msg function in ...)
{DSA-1870-1}
- pidgin 2.5.9-1 (medium; bug #542486)
@@ -14189,7 +14192,9 @@
NOTE: just a crasher, no security implications known so far
NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
CVE-2008-4609 (The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...)
- TODO: check
+ - linux-2.6 <unfixed> (low)
+ - linux-2.6.24 <removed> (low)
+ NOTE: lots of speculation, nothing very definitive (but fixed recently my microsoft)
CVE-2008-4608
RESERVED
CVE-2008-4607
More information about the Secure-testing-commits
mailing list