[kernel-sec-discuss] r3652 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jan 26 23:30:28 UTC 2015
Author: jmm
Date: 2015-01-26 23:30:28 +0000 (Mon, 26 Jan 2015)
New Revision: 3652
Added:
active/CVE-2013-7421
active/CVE-2014-9644
Log:
new crypto API issue
Added: active/CVE-2013-7421
===================================================================
--- active/CVE-2013-7421 (rev 0)
+++ active/CVE-2013-7421 2015-01-26 23:30:28 UTC (rev 3652)
@@ -0,0 +1,13 @@
+Description: crypto api unprivileged arbitrary module load
+References:
+Notes:
+ jmm> The thread at http://www.openwall.com/lists/oss-security/2015/01/24/4
+ jmm> provides some hairsplitting, but essentially CVE-2013-7421 and CVE-2014-9644 are identical
+Bugs:
+upstream: released (3.19-rc1) [5d26a105b5a73e5635eae0629b42fa0a90e07b7b, 4943ba16bbc2db05115707b3ff7b4874e9e3c560]
+2.6.32-upstream-stable: N/A "Introduced in 2.6.38"
+sid: needed
+3.2-wheezy-security:
+2.6.32-squeeze-security: N/A "Introduced in 2.6.38"
+3.16-upstream-stable: needed
+3.2-upstream-stable:
Added: active/CVE-2014-9644
===================================================================
--- active/CVE-2014-9644 (rev 0)
+++ active/CVE-2014-9644 2015-01-26 23:30:28 UTC (rev 3652)
@@ -0,0 +1,13 @@
+Description: crypto api unprivileged arbitrary module load
+References:
+Notes:
+ jmm> The thread at http://www.openwall.com/lists/oss-security/2015/01/24/4
+ jmm> provides some hairsplitting, but essentially CVE-2013-7421 and CVE-2014-9644 are identical
+Bugs:
+upstream: released (3.19-rc1) [5d26a105b5a73e5635eae0629b42fa0a90e07b7b, 4943ba16bbc2db05115707b3ff7b4874e9e3c560]
+2.6.32-upstream-stable: N/A "Introduced in 2.6.38"
+sid: needed
+3.2-wheezy-security:
+2.6.32-squeeze-security: N/A "Introduced in 2.6.38"
+3.16-upstream-stable: needed
+3.2-upstream-stable:
More information about the kernel-sec-discuss
mailing list