[Secure-testing-commits] r48361 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jan 25 09:56:25 UTC 2017
Author: carnil
Date: 2017-01-25 09:56:25 +0000 (Wed, 25 Jan 2017)
New Revision: 48361
Modified:
data/CVE/list
Log:
Add CVE-2017-5578/qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-25 09:54:53 UTC (rev 48360)
+++ data/CVE/list 2017-01-25 09:56:25 UTC (rev 48361)
@@ -39,6 +39,12 @@
- tigervnc <unfixed> (bug #852213)
NOTE: https://github.com/TigerVNC/tigervnc/pull/399
NOTE: https://github.com/TigerVNC/tigervnc/commit/18c020124ff1b2441f714da2017f63dba50720ba
+CVE-2017-5578 [display: virtio-gpu: host memory leakage in virtio_gpu_resource_attach_backing]
+ - qemu <unfixed>
+ - qemu-kvm <removed>
+ NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=204f01b30975923c64006f8067f0937b91eea68b
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415795
+ TODO: check affected versions
CVE-2017-5577 [drm/vc4: Return -EINVAL on the overflow checks failing]
- linux <unfixed>
[jessie] - linux <not-affected> (Vulnerable code introduced later)
More information about the Secure-testing-commits
mailing list