[Secure-testing-commits] r28255 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Aug 13 09:23:48 UTC 2014
Author: carnil
Date: 2014-08-13 09:23:48 +0000 (Wed, 13 Aug 2014)
New Revision: 28255
Modified:
data/CVE/list
Log:
Two CVEs for Linux issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-13 09:21:05 UTC (rev 28254)
+++ data/CVE/list 2014-08-13 09:23:48 UTC (rev 28255)
@@ -1,7 +1,15 @@
-CVE-2014-XXXX [ro bind mount bypass using user namespaces]
+CVE-2014-5207 [ro bind mount bypass using user namespaces]
- linux <unfixed>
- linux-2.6 <removed>
+ NOTE: https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=9566d6742852c527bf5af38af5cbb878dad75705
NOTE: Thread starting at http://www.openwall.com/lists/oss-security/2014/08/12/6
+ TODO: check
+CVE-2014-5206 [ro bind mount bypass using user namespaces]
+ - linux <unfixed>
+ - linux-2.6 <removed>
+ NOTE: https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c033328608299cd6fac06ea50130
+ NOTE: Thread starting at http://www.openwall.com/lists/oss-security/2014/08/12/6
+ TODO: check
CVE-2014-XXXX [cacti remote code execution]
- cacti <unfixed>
NOTE: CVE id requested via oss-sec, maintainer in the loop
More information about the Secure-testing-commits
mailing list