[kernel-sec-discuss] r3390 - active

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Jun 16 06:26:21 UTC 2014


Author: jmm
Date: 2014-06-16 06:26:20 +0000 (Mon, 16 Jun 2014)
New Revision: 3390

Added:
   active/CVE-2014-1739
Log:
harmless info leak


Added: active/CVE-2014-1739
===================================================================
--- active/CVE-2014-1739	                        (rev 0)
+++ active/CVE-2014-1739	2014-06-16 06:26:20 UTC (rev 3390)
@@ -0,0 +1,11 @@
+Description: infoleak in ioctl media_enum_entities()
+References:
+Notes:
+ jmm> If /dev/media is world-readable, there's a far bigger info leak...
+Bugs:
+upstream: released (3.15-rc6) [e6a623460e5fc960ac3ee9f946d3106233fd28d8]
+2.6.32-upstream-stable: N/A "Affected code introduced in 2.6.38"
+sid: needed
+3.2-wheezy-security: needed
+2.6.32-squeeze-security: N/A "Affected code introduced in 2.6.38"
+3.2-upstream-stable: released (3.2.60)




More information about the kernel-sec-discuss mailing list