[Secure-testing-commits] r41476 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri May 6 13:19:54 UTC 2016
Author: carnil
Date: 2016-05-06 13:19:53 +0000 (Fri, 06 May 2016)
New Revision: 41476
Modified:
data/CVE/list
Log:
Update information for new linux issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-06 13:06:20 UTC (rev 41475)
+++ data/CVE/list 2016-05-06 13:19:53 UTC (rev 41476)
@@ -1,6 +1,11 @@
CVE-2016-XXXX [UAF via double-fdput() in bpf(BPF_PROG_LOAD) error path]
- linux <unfixed> (bug #823603)
+ [jessie] - linux <not-affected> (Issue introduced later)
+ [wheezy] - linux <not-affected> (Issue introduced later)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=808
+ NOTE: Fixed by: https://git.kernel.org/linus/8358b02bf67d3a5d8a825070e1aa73f25fb2e4c7 (v4.6-rc6)
+ NOTE: Introduced by: https://git.kernel.org/linus/0246e64d9a5fcd4805198de59b9b5cf1f974eb41 (v3.18-rc1)
+ NOTE: Exploitable since: https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc (v4.4-rc1)
CVE-2016-4535 (Integer signedness error in the AV engine before DAT 8145, as used in ...)
TODO: check
CVE-2016-4534 (The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan ...)
More information about the Secure-testing-commits
mailing list