[Secure-testing-commits] r34753 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jun 6 08:10:16 UTC 2015
Author: carnil
Date: 2015-06-06 08:10:16 +0000 (Sat, 06 Jun 2015)
New Revision: 34753
Modified:
data/CVE/list
Log:
Add CVE-2015-4002/linux
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-06 08:03:48 UTC (rev 34752)
+++ data/CVE/list 2015-06-06 08:10:16 UTC (rev 34753)
@@ -526,8 +526,16 @@
RESERVED
CVE-2015-4003
RESERVED
-CVE-2015-4002
+CVE-2015-4002 [ozwpan: lack of a check for whether a length value (elt->length or len) was too small]
RESERVED
+ - linux <unfixed> (unimportant)
+ [wheezy] - linux <not-affected> (ozwpan driver not present)
+ - linux-2.6 <not-affected> (ozwpan driver not present)
+ NOTE: https://lkml.org/lkml/2015/5/13/740
+ NOTE: https://git.kernel.org/cgit/linux/kernel/git/gregkh/staging.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e
+ NOTE: https://lkml.org/lkml/2015/5/13/742
+ NOTE: https://git.kernel.org/cgit/linux/kernel/git/gregkh/staging.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8
+ NOTE: Not enabled in Debian kernels; staging drivers are not supported
CVE-2015-4001 [ozwpan: Use unsigned ints to prevent heap overflow]
RESERVED
- linux <unfixed> (unimportant)
More information about the Secure-testing-commits
mailing list