[Secure-testing-commits] r22103 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Apr 30 13:11:48 UTC 2013 

Author: jmm
Date: 2013-04-30 13:11:48 +0000 (Tue, 30 Apr 2013)
New Revision: 22103

Modified:
   data/CVE/list
Log:
kernel updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-04-30 12:31:50 UTC (rev 22102)
+++ data/CVE/list	2013-04-30 13:11:48 UTC (rev 22103)
@@ -149,37 +149,37 @@
 	- linux-2.6 <not-affected> ((net/vmw_vsock/af_vsock.c not present)
 	- linux <not-affected> (net/vmw_vsock/af_vsock.c not present)
 	- open-vm-tools <unfixed>
-	TODO: check
+	TODO: check open-vm-tools
 CVE-2013-3236 (The vmci_transport_dgram_dequeue function in ...)
 	- linux-2.6 <not-affected> (VM Sockets only introduced in 3.9-rc1)
 	- linux <not-affected> (VM Sockets introduced in 3.9-rc1)
 CVE-2013-3235 (net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not ...)
-	- linux-2.6 <removed>
-	- linux <unfixed>
+	- linux-2.6 <removed> (low)
+	- linux <unfixed> (low)
 CVE-2013-3234 (The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel ...)
-	- linux-2.6 <unfixed>
-	- linux <unfixed>
+	- linux-2.6 <unfixed> (low)
+	- linux <unfixed> (low)
 CVE-2013-3233 (The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux ...)
-	- linux-2.6 <not-affected> (net/nfc/llcp/sock.c not present)
-	- linux <not-affected> (net/nfc/llcp/sock.c not present in 3.2 series)
+	- linux-2.6 <not-affected> (net/nfc/llcp/sock.c not present, introduced in 3.3)
+	- linux <not-affected> (net/nfc/llcp/sock.c not present, introduced in 3.3)
 CVE-2013-3232 (The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel ...)
-	- linux-2.6 <removed>
-	- linux <unfixed>
+	- linux-2.6 <removed> (low)
+	- linux <unfixed> (low)
 CVE-2013-3231 (The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel ...)
-	- linux-2.6 <removed>
-	- linux <unfixed>
+	- linux-2.6 <removed> (low)
+	- linux <unfixed> (low)
 CVE-2013-3230 (The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux ...)
 	- linux-2.6 <not-affected> (net/l2tp/l2tp_ip6.c not present)
 	- linux <not-affected> (net/l2tp/l2tp_ip6.c introduced in 3.5)
 CVE-2013-3229 (The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux ...)
-	- linux-2.6 <removed>
-	- linux <unfixed>
+	- linux-2.6 <removed> (low)
+	- linux <unfixed> (low)
 CVE-2013-3228 (The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux ...)
-	- linux-2.6 <removed>
-	- linux <unfixed>
+	- linux-2.6 <removed> (low)
+	- linux <unfixed> (low)
 CVE-2013-3227 (The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the ...)
 	- linux-2.6 <not-affected> (net/caif/caif_socket.c introduced in v2.6.35)
-	- linux <unfixed>
+	- linux <unfixed> (low)
 CVE-2013-3226 (The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux ...)
 	- linux-2.6 <not-affected> (Vulnerable code not yet present)
 	- linux <not-affected> (Vulnerable code not yet present)
@@ -500,9 +500,8 @@
 CVE-2013-3077
 	RESERVED
 CVE-2013-3076 (The crypto API in the Linux kernel through 3.9-rc8 does not initialize ...)
-	- linux <unfixed>
-	- linux-2.6 <not-affected>
-	TODO: check
+	- linux <unfixed> (low)
+	- linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2013-3075 (Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX ...)
 	NOT-FOR-US: Mitsubishi MX Component 3
 CVE-2013-3074

More information about the Secure-testing-commits mailing list