[Secure-testing-commits] r45308 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 14 15:10:55 UTC 2016
Author: carnil
Date: 2016-10-14 15:10:55 +0000 (Fri, 14 Oct 2016)
New Revision: 45308
Modified:
data/CVE/list
Log:
Update status for CVE-2016-7466 as confirmed by maintainer
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-14 13:51:29 UTC (rev 45307)
+++ data/CVE/list 2016-10-14 15:10:55 UTC (rev 45308)
@@ -833,13 +833,14 @@
CVE-2016-7466 [usb: xhci memory leakage during device unplug]
RESERVED
- qemu <unfixed> (bug #838687)
- - qemu-kvm <removed>
+ [jessie] - qemu <not-affected> (Introduced in v2.2.0-rc0)
+ [wheezy] - qemu <not-affected> (Introduced in v2.2.0-rc0)
+ - qemu-kvm <not-affected> (Introduced in v2.2.0-rc0)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg02773.html
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=b53dd4495ced2432a0b652ea895e651d07336f7e
NOTE: The usb_xhci_exit and thus the patched code was introduced in:
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=53c30545fb34c43c84d62ea1c2b0dc6b53303c34 (v2.2.0-rc0)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/19/8
- TODO: check if older versions are affected even due to lack of usb_xhci_exit
CVE-2016-8280 (Directory traversal vulnerability in Huawei eSight before ...)
TODO: check
CVE-2016-8279 (The video driver in Huawei Mate S smartphones with software CRR-TL00 ...)
More information about the Secure-testing-commits
mailing list