[kernel-sec-discuss] r3344 - active
Ben Hutchings
benh at moszumanska.debian.org
Sat May 10 21:02:47 UTC 2014
Author: benh
Date: 2014-05-10 21:02:47 +0000 (Sat, 10 May 2014)
New Revision: 3344
Modified:
active/CVE-2014-0196
active/CVE-2014-1737
active/CVE-2014-1738
active/CVE-2014-2851
active/CVE-2014-3122
Log:
Update for patches pending in wheezy-security
Modified: active/CVE-2014-0196
===================================================================
--- active/CVE-2014-0196 2014-05-10 20:41:45 UTC (rev 3343)
+++ active/CVE-2014-0196 2014-05-10 21:02:47 UTC (rev 3344)
@@ -5,6 +5,6 @@
upstream: released (3.15-rc5) [4291086b1f081b869c6d79e5b7441633dc3ace00]
2.6.32-upstream-stable:
sid:
-3.2-wheezy-security:
+3.2-wheezy-security: pending (3.2.57-3+deb7u1) [bugfix/all/n_tty-Fix-n_tty_write-crash-when-echoing-in-raw-mode.patch]
2.6.32-squeeze-security:
3.2-upstream-stable:
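Review bot: the sid, 2.6.32-upstream-stable, 2.6.32-squeeze-security and 3.2-upstream-stable fields in this hunk are still empty, although upstream is recorded as released (3.15-rc5) and 3.2-wheezy-security now has a pending fix. The other files touched in this revision use "needed" or N/A with a reason for branches that have been triaged; filling these fields in the same way would show whether those branches are affected or have simply not been looked at yet.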
Modified: active/CVE-2014-1737
===================================================================
--- active/CVE-2014-1737 2014-05-10 20:41:45 UTC (rev 3343)
+++ active/CVE-2014-1737 2014-05-10 21:02:47 UTC (rev 3344)
@@ -5,6 +5,6 @@
upstream: released (3.15-rc4) [ef87dbe7614341c2e7bfe8d32fcb7028cc97442c]
2.6.32-upstream-stable: needed
sid: needed
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.57-3+deb7u1) [bugfix/all/floppy-ignore-kernel-only-members-in-FDRAWCMD-ioctl-.patch]
2.6.32-squeeze-security: needed
3.2-upstream-stable: needed
Modified: active/CVE-2014-1738
===================================================================
--- active/CVE-2014-1738 2014-05-10 20:41:45 UTC (rev 3343)
+++ active/CVE-2014-1738 2014-05-10 21:02:47 UTC (rev 3344)
@@ -5,6 +5,6 @@
upstream: released (3.15-rc4) [2145e15e0557a01b9195d1c7199a1b92cb9be81f]
2.6.32-upstream-stable: needed
sid: needed
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.57-3+deb7u1) [bugfix/all/floppy-don-t-write-kernel-only-members-to-FDRAWCMD-i.patch]
2.6.32-squeeze-security: needed
3.2-upstream-stable: needed
Modified: active/CVE-2014-2851
===================================================================
--- active/CVE-2014-2851 2014-05-10 20:41:45 UTC (rev 3343)
+++ active/CVE-2014-2851 2014-05-10 21:02:47 UTC (rev 3344)
@@ -3,11 +3,12 @@
https://lkml.org/lkml/2014/4/10/736
Notes:
raphael: Appears to have been introduced with the support for IPPROTO_ICMP in 3.0-rc1
- bwh> This doesn't seem very serious as by default no-one can create ping sockets
+ bwh> Bug is in permission checks for creating ping sockets, so is exploitable
+ bwh> even though the default permissions prevent them being created.
Bugs:
upstream: released (3.15-rc2) [b04c46190219a4f845e46a459e3102137b7f6cac]
2.6.32-upstream-stable: N/A "Vulnerable code not present"
sid:
-3.2-wheezy-security:
+3.2-wheezy-security: pending (3.2.57-3+deb7u1) [bugfix/all/net-ipv4-current-group_info-should-be-put-after-usin.patch]
2.6.32-squeeze-security: N/A "Vulnerable code not present"
3.2-upstream-stable:
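Review bot: the rewritten bwh> note now says the bug is exploitable even with the default ping socket permissions, yet sid and 3.2-upstream-stable are left blank in the same hunk. With the assessment raised and upstream released (3.15-rc2), set them to "needed" (or to the fixed version) so the outstanding work is tracked. Because the earlier "doesn't seem very serious" line is replaced rather than appended to, a few words on why that reading was dropped would also help later readers of the Notes section.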
Modified: active/CVE-2014-3122
===================================================================
--- active/CVE-2014-3122 2014-05-10 20:41:45 UTC (rev 3343)
+++ active/CVE-2014-3122 2014-05-10 21:02:47 UTC (rev 3344)
@@ -5,6 +5,6 @@
upstream: released (3.15-rc1) [57e68e9cd65b4b8eb4045a1e0d0746458502554c]
2.6.32-upstream-stable: needed
sid: needed
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.57-3+deb7u1) [bugfix/all/mm-try_to_unmap_cluster-should-lock_page-before-mloc.patch]
2.6.32-squeeze-security: needed
3.2-upstream-stable: released (3.2.58)
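Review bot: the context line "3.2-upstream-stable: released (3.2.58)" carries no commit id, unlike the upstream line above it, which gives the hash in brackets. Adding the stable commit in the same bracket form would make it possible to confirm that the wheezy backport listed as pending for 3.2.57-3+deb7u1 corresponds to the change that went into 3.2.58.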