[Secure-testing-commits] r28791 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Sep 15 17:37:40 UTC 2014
Author: carnil
Date: 2014-09-15 17:37:40 +0000 (Mon, 15 Sep 2014)
New Revision: 28791
Modified:
data/CVE/list
Log:
Three CVE assigned for linux/libceph issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-15 17:35:19 UTC (rev 28790)
+++ data/CVE/list 2014-09-15 17:37:40 UTC (rev 28791)
@@ -1,9 +1,14 @@
-CVE-2014-XXXX [libceph: do not hard code max auth ticket len]
- - linux <unfixed>
- - linux-2.6 <removed>
- NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
- NOTE: http://tracker.ceph.com/issues/8979
- TODO: check
+CVE-2014-6418 [libceph: missing validation of the auth reply]
+ - linux <unfixed>
+ - linux-2.6 <removed>
+ NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit
+ NOTE: http://tracker.ceph.com/issues/8979
+CVE-2014-6417 [libceph: incorrect handling of kmalloc failures]
+ - linux <unfixed>
+ - linux-2.6 <removed>
+ NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit
+ NOTE: http://tracker.ceph.com/issues/8979
+CVE-2014-6416 [libceph: buffer overflow]
CVE-2014-6410 [udf: Avoid infinite loop when processing indirect ICBs]
- linux <unfixed>
- linux-2.6 <removed>
More information about the Secure-testing-commits
mailing list