[Secure-testing-commits] r28477 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Aug 27 05:24:40 UTC 2014
Author: carnil
Date: 2014-08-27 05:24:40 +0000 (Wed, 27 Aug 2014)
New Revision: 28477
Modified:
data/CVE/list
Log:
Two CVEs assigned for linux issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-26 23:58:48 UTC (rev 28476)
+++ data/CVE/list 2014-08-27 05:24:40 UTC (rev 28477)
@@ -144,12 +144,18 @@
TODO: check
CVE-2009-5142 (Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb ...)
TODO: check
-CVE-2014-XXXX [unbound recursion in ISOFS]
+CVE-2014-5472 [unbound recursion in ISOFS - causes a deadlock in the mount process in "inode_wait"]
- linux <unfixed>
- linux-2.6 <removed>
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=88
NOTE: https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
NOTE: commit contained first in v3.17-rc2
+CVE-2014-5471 [unbound recursion in ISOFS - crashes / reboots a kernel due to kernel stack overflow / corruption]
+ - linux <unfixed>
+ - linux-2.6 <removed>
+ NOTE: https://code.google.com/p/google-security-research/issues/detail?id=88
+ NOTE: https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
+ NOTE: commit contained first in v3.17-rc2
CVE-2014-XXXX [XSS injection using monitored network traffic]
- ntopng <unfixed>
NOTE: http://seclists.org/fulldisclosure/2014/Aug/65
More information about the Secure-testing-commits
mailing list