[Secure-testing-commits] r12875 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Wed Sep 23 18:31:17 UTC 2009


Author: gilbert-guest
Date: 2009-09-23 18:31:17 +0000 (Wed, 23 Sep 2009)
New Revision: 12875

Modified:
   data/CVE/list
Log:
another round of kernel issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-09-23 16:36:58 UTC (rev 12874)
+++ data/CVE/list	2009-09-23 18:31:17 UTC (rev 12875)
@@ -1,3 +1,18 @@
+CVE-2009-3290 [linux-2.6: exploatable priviledge escalation in hypercall]
+	- linux-2.6 <unfixed> (high)
+	[etch] - linux-2.6 <not-affected> (introduced in 2.6.25)
+	- linux-2.6.24 <removed>
+	[etch] - linux-2.6.24 <not-affected> (introduced in 2.6.25)
+	NOTE: fixed in upstream 2.6.31
+CVE-2009-3288 [linux-2.6: scsi null ptr dereference]
+	- linux-2.6 <unfixed> (medium)
+	[etch] - linux-2.6 <not-affected> (introduced in 2.6.28)
+	[lenny] - linux-2.6 <not-affected> (introduced in 2.6.28)
+	- linux-2.6.24 <removed>
+	[etch] - linux-2.6.24 <not-affected> (introduced in 2.6.28)
+CVE-2009-3286 [linux-2.6: O_EXCL creates on NFSv4]
+	- linux-2.6 2.6.30-1 (low)
+	- linux-2.6.24 <removed>
 CVE-2009-3270 (Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote ...)
 	NOT-FOR-US: Microsoft Internet Explorer 7
 CVE-2009-3269 (Opera 9.52 and earlier allows remote attackers to cause a denial of ...)




More information about the Secure-testing-commits mailing list