[Secure-testing-commits] r22447 - data/CVE
Michael Gilbert
mgilbert at alioth.debian.org
Sun Jun 2 19:04:18 UTC 2013
Author: mgilbert
Date: 2013-06-02 19:04:17 +0000 (Sun, 02 Jun 2013)
New Revision: 22447
Modified:
data/CVE/list
Log:
qemu issue researched
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-06-02 18:43:56 UTC (rev 22446)
+++ data/CVE/list 2013-06-02 19:04:17 UTC (rev 22447)
@@ -4044,13 +4044,14 @@
NOTE: http://marc.info/?l=linux-netdev&m=127310770900442&w=3
CVE-2013-2016 [qemu: virtio: out-of-bounds config space access]
RESERVED
- - qemu <undetermined>
- - qemu-kvm <undetermined>
+ - qemu <unfixed> (bug #710822)
+ [wheezy] - qemu <not-affected> (vulnerability introduced in 1.3.0)
+ [squeeze] - qemu <not-affected> (vulnerability introduced in 1.3.0)
+ - qemu-kvm <not-affected> (vulnerability introduced in 1.3.0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2013-04/msg05013.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2013-04/msg05254.html
NOTE: http://marc.info/?l=oss-security&m=136722323931507&w=2
NOTE: Only pratically affects virtio-rng according to oss-reference (and if mmap_min_addr = 0)
- TODO: check
CVE-2013-2015 (The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel ...)
{DSA-2669-1 DSA-2668-1}
- linux 3.8-1 (low)
More information about the Secure-testing-commits
mailing list