[kernel-sec-discuss] r3341 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu May 8 06:42:32 UTC 2014
Author: jmm
Date: 2014-05-08 06:42:32 +0000 (Thu, 08 May 2014)
New Revision: 3341
Added:
active/CVE-2014-1737
active/CVE-2014-1738
Log:
two floppy issues
Added: active/CVE-2014-1737
===================================================================
--- active/CVE-2014-1737 (rev 0)
+++ active/CVE-2014-1737 2014-05-08 06:42:32 UTC (rev 3341)
@@ -0,0 +1,10 @@
+Description: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
+References:
+Notes:
+Bugs:
+upstream: released (3.15-rc4) [ef87dbe7614341c2e7bfe8d32fcb7028cc97442c]
+2.6.32-upstream-stable: needed
+sid: needed
+3.2-wheezy-security: needed
+2.6.32-squeeze-security: needed
+3.2-upstream-stable: needed
Added: active/CVE-2014-1738
===================================================================
--- active/CVE-2014-1738 (rev 0)
+++ active/CVE-2014-1738 2014-05-08 06:42:32 UTC (rev 3341)
@@ -0,0 +1,10 @@
+Description: floppy: don't write kernel-only members to FDRAWCMD ioctl output
+References:
+Notes:
+Bugs:
+upstream: released (3.15-rc4) [2145e15e0557a01b9195d1c7199a1b92cb9be81f]
+2.6.32-upstream-stable: needed
+sid: needed
+3.2-wheezy-security: needed
+2.6.32-squeeze-security: needed
+3.2-upstream-stable: needed
More information about the kernel-sec-discuss
mailing list