[Secure-testing-commits] r48436 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jan 26 21:03:40 UTC 2017 

Author: carnil
Date: 2017-01-26 21:03:40 +0000 (Thu, 26 Jan 2017)
New Revision: 48436

Modified:
   data/CVE/list
Log:
Mark CVE-2016-840{1,2,3,4,6,7} as undetermined for src:linux

Unfortunately the Android advisory does not give much details, just a
"information disclosure vulnerablity" in the kernel components. For
CVE-2016-8405 a commit is associated, for the other CVE's still details
are unclear. Thus for now mark those as undetermined and do not yet
track them in kernel-sec repository.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-26 21:01:13 UTC (rev 48435)
+++ data/CVE/list	2017-01-26 21:03:40 UTC (rev 48436)
@@ -17197,20 +17197,20 @@
 CVE-2016-8408 (An information disclosure vulnerability in the NVIDIA video driver ...)
 	NOT-FOR-US: NVIDIA driver for Android
 CVE-2016-8407 (An information disclosure vulnerability in kernel components including ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2016-8406 (An information disclosure vulnerability in kernel components including ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2016-8405 (An information disclosure vulnerability in kernel components including ...)
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/2dc705a9930b4806250fbf5a76e55266e59389f2
 CVE-2016-8404 (An information disclosure vulnerability in kernel components including ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2016-8403 (An information disclosure vulnerability in kernel components including ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2016-8402 (An information disclosure vulnerability in kernel components including ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2016-8401 (An information disclosure vulnerability in kernel components including ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2016-8400 (An information disclosure vulnerability in the NVIDIA librm library ...)
 	NOT-FOR-US: NVIDIA driver for Android
 CVE-2016-8399 (An elevation of privilege vulnerability in the kernel networking ...)

More information about the Secure-testing-commits mailing list