[Secure-testing-commits] r30015 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Nov 13 08:39:32 UTC 2014


Author: carnil
Date: 2014-11-13 08:39:18 +0000 (Thu, 13 Nov 2014)
New Revision: 30015

Modified:
   data/CVE/list
Log:
Add CVE-2014-7841/linux, not checked yet

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-13 08:36:56 UTC (rev 30014)
+++ data/CVE/list	2014-11-13 08:39:18 UTC (rev 30015)
@@ -1830,8 +1830,12 @@
 	RESERVED
 CVE-2014-7842
 	RESERVED
-CVE-2014-7841
+CVE-2014-7841 [net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet]
 	RESERVED
+	- linux <unfixed>
+	- linux-2.6 <removed>
+	NOTE: Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=e40607cbe270a9e8360907cb1e62ddf0736e4864
+	TODO: check
 CVE-2014-7840 [insufficient parameter validation during ram load]
 	RESERVED
 	- qemu <unfixed>




More information about the Secure-testing-commits mailing list