[Secure-testing-commits] r26915 - data/CVE

Wed May 14 04:56:36 UTC 2014

Author: carnil
Date: 2014-05-14 04:55:28 +0000 (Wed, 14 May 2014)
New Revision: 26915

Modified:
   data/CVE/list
Log:
Linux issues fixed in unstable

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2014-05-13 21:36:03 UTC (rev 26914)
+++ data/CVE/list	2014-05-14 04:55:28 UTC (rev 26915)
@@ -437,14 +437,14 @@
 	TODO: check
 CVE-2014-3145 [linux: filter: prevent nla extensions to peek beyond the end of the message]
 	RESERVED
-	- linux <unfixed>
+	- linux 3.14.4-1
 	- linux-2.6 <removed>
 	NOTE: Upstream fix https://git.kernel.org/linus/05ab8f2647e4221cbdb3856dd7d32bd5407316b3
 	NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
 	NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67
 CVE-2014-3144 [linux: filter: prevent nla extensions to peek beyond the end of the message]
 	RESERVED
-	- linux <unfixed>
+	- linux 3.14.4-1
 	- linux-2.6 <removed>
 	NOTE: Upstream fix https://git.kernel.org/linus/05ab8f2647e4221cbdb3856dd7d32bd5407316b3
 	NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
@@ -996,7 +996,7 @@
 CVE-2014-3122 [mm: try_to_unmap_cluster() should lock_page() before mlocking]
 	RESERVED
 	{DSA-2926-1}
-	- linux <unfixed> (bug #747326)
+	- linux 3.14.4-1 (bug #747326)
 	- linux-2.6 <removed>
 	NOTE: Introduced by https://git.kernel.org/linus/b291f000393f5a0b679012b39d79fbc85c018233
 	NOTE: Fixed by https://git.kernel.org/linus/57e68e9cd65b4b8eb4045a1e0d0746458502554c (v3.15-rc1)
@@ -1627,7 +1627,7 @@
 	NOTE: https://nodesecurity.io/advisories/marked_multiple_content_injection_vulnerabilities
 CVE-2014-2851 (Integer overflow in the ping_init_sock function in net/ipv4/ping.c in ...)
 	{DSA-2926-1}
-	- linux <unfixed> (low)
+	- linux 3.14.4-1 (low)
 	- linux-2.6 <not-affected> (Introduced in 3.0)
 	NOTE: https://lkml.org/lkml/2014/4/10/736
 	NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=b04c46190219a4f845e46a459e3102137b7f6cac
@@ -4324,13 +4324,13 @@
 CVE-2014-1738
 	RESERVED
 	{DSA-2926-1}
-	- linux <unfixed>
+	- linux 3.14.4-1
 	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2145e15e0557a01b9195d1c7199a1b92cb9be81f
 CVE-2014-1737
 	RESERVED
 	{DSA-2926-1}
-	- linux <unfixed>
+	- linux 3.14.4-1
 	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c
 CVE-2014-1736 (Integer overflow in api.cc in Google V8, as used in Google Chrome ...)
@@ -8635,7 +8635,7 @@
 	RESERVED
 CVE-2014-0196 (The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel ...)
 	{DSA-2926-1}
-	- linux <unfixed> (bug #747166)
+	- linux 3.14.4-1 (bug #747166)
 	- linux-2.6 <removed>
 	NOTE: PoC: http://pastebin.com/yTSFUBgZ
 CVE-2014-0195
@@ -8747,7 +8747,7 @@
 CVE-2014-0156
 	RESERVED
 CVE-2014-0155 (The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel ...)
-	- linux <unfixed> (low)
+	- linux 3.14.4-1 (low)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	- linux-2.6 <not-affected> (Vulnerable code not present)
 	NOTE: fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60


