[Secure-testing-commits] r46614 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 28 09:18:34 UTC 2016
Author: carnil
Date: 2016-11-28 09:18:29 +0000 (Mon, 28 Nov 2016)
New Revision: 46614
Modified:
data/CVE/list
Log:
Update status for CVE-2016-9178 and CVE-2016-9644
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-28 06:24:13 UTC (rev 46613)
+++ data/CVE/list 2016-11-28 09:18:29 UTC (rev 46614)
@@ -1753,15 +1753,22 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/4
NOTE: Slight mitigation and documentation improvement was done in 2.8.9dev.10 upstream
NOTE: the uplaod to unstable as 2.8.9dev10-1
-CVE-2016-9178 [privilege escalation in exception table handling]
- RESERVED
- - linux <not-affected> (Vulnerable code not present, see NOTE)
+CVE-2016-9644 [privilege escalation in exception table handling]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: No incorrect backport of CVE-2016-9178 done in Debian
NOTE: This is only an issue if 1c109fabbd51863475cd12ac206bdd249aee35af
NOTE: (added in 4.8) is backported without also backporting
NOTE: 548acf19234dbda5a52d5a8e7e205af46e9da840 (added in 4.6), as such
NOTE: src:linux was never affected. 1c109fabbd5 also wasn't backported to
NOTE: the 3.2 and 3.16 LTS series
NOTE: http://www.openwall.com/lists/oss-security/2016/11/03/2
+CVE-2016-9178 [information leak]
+ RESERVED
+ - linux 4.7.5-1
+ [jessie] - linux <no-dsa> (Minor issue)
+ [wheezy] - linux <no-dsa> (Minor issue)
+ NOTE: Fixed by: https://git.kernel.org/linus/1c109fabbd51863475cd12ac206bdd249aee35af (4.8-rc7)
+ NOTE: If this issue is fixed for older versions be careful to not open same issue as CVE-2016-9644
CVE-2016-9146
RESERVED
CVE-2016-9145
More information about the Secure-testing-commits
mailing list