[Secure-testing-commits] r46727 - data/CVE

Luciano Bello luciano at moszumanska.debian.org
Sat Dec 3 04:28:41 UTC 2016


Author: luciano
Date: 2016-12-03 04:28:41 +0000 (Sat, 03 Dec 2016)
New Revision: 46727

Modified:
   data/CVE/list
Log:
linux issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-03 03:11:19 UTC (rev 46726)
+++ data/CVE/list	2016-12-03 04:28:41 UTC (rev 46727)
@@ -5224,6 +5224,12 @@
 	RESERVED
 CVE-2017-0381
 	RESERVED
+CVE-2016-9794 [Linux kernel: ALSA: use-after-free in,kill_fasync]
+	- linux <unfixed>
+	NOTE: http://seclists.org/oss-sec/2016/q4/576
+CVE-2016-9793 [Linux: signed overflows for SO_{SND|RCV}BUFFORCE]
+	- linux <unfixed>
+	NOTE: http://seclists.org/oss-sec/2016/q4/574
 CVE-2016-9775 [tomcat8: privilege escalation during package removal]
 	{DLA-729-1 DLA-728-1}
 	- tomcat8 8.5.8-2 (bug #845385)
@@ -37783,6 +37789,10 @@
 	NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/92cd6d7fe0d01c61cf68ac4ef65ef388ee252415/
 	NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/9cbca25ff7f20c432b61eb9f4cae43a946502b66/
 	NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/e0dd1114c82d372dd905c029ddbee4e81ed01a89/
+CVE-2012-6704 [Linux: signed overflows for SO_SNDBUF and SO_RCVBUF that affects "before 3.5" kernels]
+	- linux 3.16.36-1+deb8u1
+	NOTE: TODO
+	NOTE: http://seclists.org/oss-sec/2016/q4/574
 CVE-2012-6703 (Integer overflow in the snd_compr_allocate_buffer function in ...)
 	- linux 3.8.11-1
 	[wheezy] - linux <not-affected> (Vulnerable code not present)




More information about the Secure-testing-commits mailing list