[Secure-testing-commits] r26915 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed May 14 04:56:36 UTC 2014
Author: carnil
Date: 2014-05-14 04:55:28 +0000 (Wed, 14 May 2014)
New Revision: 26915
Modified:
data/CVE/list
Log:
Linux issues fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-05-13 21:36:03 UTC (rev 26914)
+++ data/CVE/list 2014-05-14 04:55:28 UTC (rev 26915)
@@ -437,14 +437,14 @@
TODO: check
CVE-2014-3145 [linux: filter: prevent nla extensions to peek beyond the end of the message]
RESERVED
- - linux <unfixed>
+ - linux 3.14.4-1
- linux-2.6 <removed>
NOTE: Upstream fix https://git.kernel.org/linus/05ab8f2647e4221cbdb3856dd7d32bd5407316b3
NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67
CVE-2014-3144 [linux: filter: prevent nla extensions to peek beyond the end of the message]
RESERVED
- - linux <unfixed>
+ - linux 3.14.4-1
- linux-2.6 <removed>
NOTE: Upstream fix https://git.kernel.org/linus/05ab8f2647e4221cbdb3856dd7d32bd5407316b3
NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
@@ -996,7 +996,7 @@
CVE-2014-3122 [mm: try_to_unmap_cluster() should lock_page() before mlocking]
RESERVED
{DSA-2926-1}
- - linux <unfixed> (bug #747326)
+ - linux 3.14.4-1 (bug #747326)
- linux-2.6 <removed>
NOTE: Introduced by https://git.kernel.org/linus/b291f000393f5a0b679012b39d79fbc85c018233
NOTE: Fixed by https://git.kernel.org/linus/57e68e9cd65b4b8eb4045a1e0d0746458502554c (v3.15-rc1)
@@ -1627,7 +1627,7 @@
NOTE: https://nodesecurity.io/advisories/marked_multiple_content_injection_vulnerabilities
CVE-2014-2851 (Integer overflow in the ping_init_sock function in net/ipv4/ping.c in ...)
{DSA-2926-1}
- - linux <unfixed> (low)
+ - linux 3.14.4-1 (low)
- linux-2.6 <not-affected> (Introduced in 3.0)
NOTE: https://lkml.org/lkml/2014/4/10/736
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=b04c46190219a4f845e46a459e3102137b7f6cac
@@ -4324,13 +4324,13 @@
CVE-2014-1738
RESERVED
{DSA-2926-1}
- - linux <unfixed>
+ - linux 3.14.4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2145e15e0557a01b9195d1c7199a1b92cb9be81f
CVE-2014-1737
RESERVED
{DSA-2926-1}
- - linux <unfixed>
+ - linux 3.14.4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c
CVE-2014-1736 (Integer overflow in api.cc in Google V8, as used in Google Chrome ...)
@@ -8635,7 +8635,7 @@
RESERVED
CVE-2014-0196 (The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel ...)
{DSA-2926-1}
- - linux <unfixed> (bug #747166)
+ - linux 3.14.4-1 (bug #747166)
- linux-2.6 <removed>
NOTE: PoC: http://pastebin.com/yTSFUBgZ
CVE-2014-0195
@@ -8747,7 +8747,7 @@
CVE-2014-0156
RESERVED
CVE-2014-0155 (The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel ...)
- - linux <unfixed> (low)
+ - linux 3.14.4-1 (low)
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60
More information about the Secure-testing-commits
mailing list