[Secure-testing-commits] r34691 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Jun 3 18:13:13 UTC 2015 

Author: carnil
Date: 2015-06-03 18:13:13 +0000 (Wed, 03 Jun 2015)
New Revision: 34691

Modified:
   data/CVE/list
Log:
One linux issue will get two CVEs according to MITRE

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-03 17:48:44 UTC (rev 34690)
+++ data/CVE/list	2015-06-03 18:13:13 UTC (rev 34691)
@@ -56,7 +56,7 @@
 	RESERVED
 CVE-2015-4127 (Cross-site scripting (XSS) vulnerability in the church_admin plugin ...)
 	NOT-FOR-US: church_admin plugin for WordPress
-CVE-2015-XXXX [ns: user namespaces panic]
+CVE-2015-XXXX [ns: user namespaces panic -- lack of internal consistency of a data structure]
 	- linux <not-affected> (Commit was applied to 4.0.2 as well but fixed in Debian by two subsequent commits)
 	NOTE: Debian both applies "mnt: Fail collect_mounts when applied to unmounted mounts"
 	NOTE: and "fs_pin: Allow for the possibility that m_list or s_list go unused." in
@@ -64,6 +64,14 @@
 	- linux-2.6 <not-affected> (Introduced and fixed in 4.1-rc1 upstream)
 	NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce07d891a0891d3c0d0c2d73d577490486b809e1 (v4.1-rc1)
 	NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953 (v4.1-rc1)
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/29/5
+CVE-2015-XXXX [ns: user namespaces panic -- lack of state identification]
+	- linux <not-affected> (Commit was applied to 4.0.2 as well but fixed in Debian by two subsequent commits)
+	NOTE: Debian both applies "mnt: Fail collect_mounts when applied to unmounted mounts"
+	NOTE: and "fs_pin: Allow for the possibility that m_list or s_list go unused." in
+	NOTE: 4.0.2-1
+	- linux-2.6 <not-affected> (Introduced and fixed in 4.1-rc1 upstream)
+	NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce07d891a0891d3c0d0c2d73d577490486b809e1 (v4.1-rc1)
 	NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cd4a40174b71acd021877341684d8bb1dc8ea4ae (v4.1-rc1)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/29/5
 CVE-2015-4126

More information about the Secure-testing-commits mailing list