[Secure-testing-commits] r42589 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jun 17 04:20:27 UTC 2016
Author: carnil
Date: 2016-06-17 04:20:27 +0000 (Fri, 17 Jun 2016)
New Revision: 42589
Modified:
data/CVE/list
Log:
Make workaround entry for CVE-2016-285{3,4}
NOTE: since not affected would mark as well lower suites as
not-affected.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-17 03:06:30 UTC (rev 42588)
+++ data/CVE/list 2016-06-17 04:20:27 UTC (rev 42589)
@@ -7759,16 +7759,18 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1296567
NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/9
CVE-2016-2854 (The aufs module for the Linux kernel 3.x and 4.x does not properly ...)
- - linux <not-affected> (Vulnerable code is not present)
+ - linux 3.18-1~exp1
[jessie] - linux <no-dsa> (Not exploitable in default configuration)
+ [wheezy] - linux <no-dsa> (User namespaces are non-functional)
NOTE: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
NOTE: https://sourceforge.net/p/aufs/mailman/message/34864744/
NOTE: This depends on a user namespace creator being able to mount aufs.
NOTE: jessie: Unprivileged users are not allowed to create user namespaces by default; aufs is not allowed to be mounted from a new user namespace by default.
NOTE: wheezy: User namespaces are non-functional.
CVE-2016-2853 (The aufs module for the Linux kernel 3.x and 4.x does not properly ...)
- - linux <not-affected> (Vulnerable code is not present)
+ - linux 3.18-1~exp1
[jessie] - linux <no-dsa> (Not exploitable in default configuration)
+ [wheezy] - linux <no-dsa> (User namespaces are non-functional)
NOTE: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
NOTE: https://sourceforge.net/p/aufs/mailman/message/34864744/
NOTE: This depends on a user namespace creator being able to mount aufs.
More information about the Secure-testing-commits
mailing list