[kernel-sec-discuss] r3409 - active

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Jun 27 09:27:29 UTC 2014


Author: jmm
Date: 2014-06-27 09:27:29 +0000 (Fri, 27 Jun 2014)
New Revision: 3409

Added:
   active/CVE-2014-4608
Log:
new lzo issue


Added: active/CVE-2014-4608
===================================================================
--- active/CVE-2014-4608	                        (rev 0)
+++ active/CVE-2014-4608	2014-06-27 09:27:29 UTC (rev 3409)
@@ -0,0 +1,11 @@
+Description: lzo integer overflow 
+References:
+Notes:
+ jmm> Not exploiable according to http://fastcompression.blogspot.fr/2014/06/debunking-lz4-20-years-old-bug-myth.html
+Bugs:
+upstream: pending [206a81c18401c0cde6e579164f752c4b147324ce]
+2.6.32-upstream-stable:
+sid:
+3.2-wheezy-security:
+2.6.32-squeeze-security:
+3.2-upstream-stable:




More information about the kernel-sec-discuss mailing list