[Secure-testing-commits] r12875 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Wed Sep 23 18:31:17 UTC 2009
Author: gilbert-guest
Date: 2009-09-23 18:31:17 +0000 (Wed, 23 Sep 2009)
New Revision: 12875
Modified:
data/CVE/list
Log:
another round of kernel issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-23 16:36:58 UTC (rev 12874)
+++ data/CVE/list 2009-09-23 18:31:17 UTC (rev 12875)
@@ -1,3 +1,18 @@
+CVE-2009-3290 [linux-2.6: exploatable priviledge escalation in hypercall]
+ - linux-2.6 <unfixed> (high)
+ [etch] - linux-2.6 <not-affected> (introduced in 2.6.25)
+ - linux-2.6.24 <removed>
+ [etch] - linux-2.6.24 <not-affected> (introduced in 2.6.25)
+ NOTE: fixed in upstream 2.6.31
+CVE-2009-3288 [linux-2.6: scsi null ptr dereference]
+ - linux-2.6 <unfixed> (medium)
+ [etch] - linux-2.6 <not-affected> (introduced in 2.6.28)
+ [lenny] - linux-2.6 <not-affected> (introduced in 2.6.28)
+ - linux-2.6.24 <removed>
+ [etch] - linux-2.6.24 <not-affected> (introduced in 2.6.28)
+CVE-2009-3286 [linux-2.6: O_EXCL creates on NFSv4]
+ - linux-2.6 2.6.30-1 (low)
+ - linux-2.6.24 <removed>
CVE-2009-3270 (Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote ...)
NOT-FOR-US: Microsoft Internet Explorer 7
CVE-2009-3269 (Opera 9.52 and earlier allows remote attackers to cause a denial of ...)
More information about the Secure-testing-commits
mailing list