[Secure-testing-commits] r39729 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-02-16 18:45:31 +0000 (Tue, 16 Feb 2016)
New Revision: 39729

Modified:
   data/CVE/list
Log:
Add CVE-2016-2392/qemu

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-02-16 17:53:02 UTC (rev 39728)
+++ data/CVE/list	2016-02-16 18:45:31 UTC (rev 39729)
@@ -1,3 +1,9 @@
+CVE-2016-2392 [usb: null pointer dereference in remote NDIS control message handling]
+	- qemu <unfixed>
+	- qemu-kvm <removed>
+	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg02553.html
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1302299
+	TODO: check affected versions
 CVE-2016-2391 [usb: multiple eof_timers in ohci leads to null  pointer dereference]
 	- qemu <unfixed>
 	[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)