[Secure-testing-commits] r44651 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Sep 16 15:34:18 UTC 2016
Author: carnil
Date: 2016-09-16 15:34:18 +0000 (Fri, 16 Sep 2016)
New Revision: 44651
Modified:
data/CVE/list
Log:
Add another qemu issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-16 15:34:06 UTC (rev 44650)
+++ data/CVE/list 2016-09-16 15:34:18 UTC (rev 44651)
@@ -1,3 +1,13 @@
+CVE-2016-XXXX [scsi: mptsas: OOB access when freeing MPTSASRequest object]
+ - qemu <unfixed>
+ [jessie] - qemu <not-affected> (Vulnerable code introduced later)
+ [wheezy] - qemu <not-affected> (Vulnerable code introduced later)
+ - qemu-kvm <not-affected> (Vulnerable code introduced later)
+ NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03604.html
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1376776
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/09/16/5
+ NOTE: LSI SAS1068 (mptsas) device support added in
+ NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=e351b82611293683c4cabe4b69b7552bde5d4e2a (v2.6.0-rc0)
CVE-2016-XXXX [virtio: null pointer dereference in virtqueue_map_desc]
- qemu <unfixed>
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
More information about the Secure-testing-commits
mailing list