[Secure-testing-commits] r38457 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 21 17:42:57 UTC 2015
Author: carnil
Date: 2015-12-21 17:42:56 +0000 (Mon, 21 Dec 2015)
New Revision: 38457
Modified:
data/CVE/list
Log:
CVE-2015-8569: pptp_{connect,bind} introduced in v2.6.37-rc1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-21 16:48:56 UTC (rev 38456)
+++ data/CVE/list 2015-12-21 17:42:56 UTC (rev 38457)
@@ -630,8 +630,10 @@
RESERVED
- linux <unfixed>
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/7
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1 (v4.4-rc6)
+ NOTE: pptp_{connect,bind} introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=00959ade36acadc00e757f87060bf6e4501d545f (v2.6.37-rc1)
NOTE: https://twitter.com/grsecurity/status/676744240802750464
NOTE: https://lkml.org/lkml/2015/12/14/252
CVE-2015-8568 [net: vmxnet3: host memory leakage -- did not free the transmit & receive buffers while deactivating]
More information about the Secure-testing-commits
mailing list