[Secure-testing-commits] r30103 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 17 20:41:10 UTC 2014
Author: carnil
Date: 2014-11-17 20:41:10 +0000 (Mon, 17 Nov 2014)
New Revision: 30103
Modified:
data/CVE/list
Log:
Update information for CVE-2014/8485/binutils
Add description for CVE.
Adjust fixed version to 2.24.90.20141104-1 as the relevant commit was
included in 2.24.90.20141104-1.
Reference upstream commit for this CVE.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-17 20:22:34 UTC (rev 30102)
+++ data/CVE/list 2014-11-17 20:41:10 UTC (rev 30103)
@@ -758,10 +758,11 @@
- linux-2.6 <not-affected> (Introduced in 3.17)
NOTE: The NULL pointer dereference was introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=41061cdb98a0bec464278b4db8e894a3121671f5 (v3.17-rc1)
NOTE: Fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=3f6f1480d86bf9fc16c160d803ab1d006e3058d5
-CVE-2014-8485
+CVE-2014-8485 [lack of range checking leading to controlled write in _bfd_elf_setup_sections()]
RESERVED
- - binutils 2.24.90.20141111-1
+ - binutils 2.24.90.20141104-1
NOTE: http://lcamtuf.blogspot.com.au/2014/10/psa-dont-run-strings-on-untrusted-files.html
+ NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=493a33860c71cac998f1a56d6d87d6faa801fbaa
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17510
CVE-2014-8484 [Invalid read flaw in libbfd]
RESERVED
More information about the Secure-testing-commits
mailing list