[Secure-testing-commits] r30134 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 18 16:26:42 UTC 2014
Author: carnil
Date: 2014-11-18 16:26:42 +0000 (Tue, 18 Nov 2014)
New Revision: 30134
Modified:
data/CVE/list
Log:
Add CVE-2014-1421/mountall
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-18 15:53:03 UTC (rev 30133)
+++ data/CVE/list 2014-11-18 16:26:42 UTC (rev 30134)
@@ -18742,8 +18742,14 @@
RESERVED
CVE-2014-1422
RESERVED
-CVE-2014-1421
+CVE-2014-1421 [insecure mount permissions]
RESERVED
+ - mountall <unfixed>
+ NOTE: See https://bugs.launchpad.net/ubuntu/+source/partman-efi/+bug/1390183
+ NOTE: and http://www.ubuntu.com/usn/usn-2411-1
+ NOTE: There is a note in ubuntu's tracker mentioning that this is an issue
+ NOTE: only in combination with newer mount utilities.
+ TODO: check which combination vulnerable
CVE-2014-1420
RESERVED
CVE-2014-1419 (Race condition in the power policy functions in policy-funcs in ...)
More information about the Secure-testing-commits
mailing list