[Secure-testing-commits] r48311 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jan 23 21:55:37 UTC 2017
Author: jmm
Date: 2017-01-23 21:55:37 +0000 (Mon, 23 Jan 2017)
New Revision: 48311
Modified:
data/CVE/list
Log:
three linux issues n/a
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-23 21:10:12 UTC (rev 48310)
+++ data/CVE/list 2017-01-23 21:55:37 UTC (rev 48311)
@@ -105,10 +105,14 @@
CVE-2016-10154 [cifs: Fix smbencrypt() to stop pointing a scatterlist at the stack]
RESERVED
- linux 4.9.2-1
+ [jessie] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
+ [wheezy] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/06deeec77a5a689cc94b21a8a91a76e42176685d (v4.10-rc1)
CVE-2016-10153 [libceph: introduce ceph_crypt() for in-place en/decryption]
RESERVED
- linux <unfixed>
+ [jessie] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
+ [wheezy] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/a45f795c65b479b4ba107b6ccde29b896d51ee98 (v4.10-rc1)
CVE-2016-10152 [Use of hard-coded DNS domain if configuration file cannot be read]
RESERVED
@@ -160,6 +164,8 @@
CVE-2017-5548 [ieee802154: atusb: do not use the stack for buffers to make them DMA able]
RESERVED
- linux <unfixed>
+ [jessie] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
+ [wheezy] - linux <not-affected> (Introduced in 4.9 in combination with VMAP_STACK)
NOTE: Fixed by: https://git.kernel.org/linus/05a974efa4bdf6e2a150e3f27dc6fcf0a9ad5655
CVE-2017-5547 [HID: corsair: fix DMA buffers on stack]
RESERVED
More information about the Secure-testing-commits
mailing list