[Secure-testing-commits] r38333 - data/CVE

Salvatore Bonaccorso Tue, 15 Dec 2015 11:24:21 -0800

Author: carnil
Date: 2015-12-15 18:29:11 +0000 (Tue, 15 Dec 2015)
New Revision: 38333


Modified:
   data/CVE/list
Log:
Two CVEs assigned for qemu

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-12-15 18:26:09 UTC (rev 38332)
+++ data/CVE/list       2015-12-15 18:29:11 UTC (rev 38333)
@@ -5,11 +5,18 @@
        NOTE: Upstream commit (not yet in Linus tree): 
http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1
        NOTE: https://twitter.com/grsecurity/status/676744240802750464
        NOTE: https://lkml.org/lkml/2015/12/14/252
-CVE-2015-XXXX [net: vmxnet3: host memory leakage]
+CVE-2015-8568 [net: vmxnet3: host memory leakage -- did not free the transmit 
& receive buffers while deactivating]
        - qemu <unfixed>
        - qemu-kvm <removed>
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/12/15/4
+       NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html
+       NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
        TODO: check
+CVE-2015-8567 [net: vmxnet3: host memory leakage -- does not check if the 
device is active before activating it]
+       - qemu <unfixed>
+       - qemu-kvm <removed>
+       NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html
+       NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
+       TODO: check
 CVE-2015-8559 [knife bootstrap leaks validator privkey into system logs]
        - chef <unfixed>
        NOTE: https://github.com/chef/chef/issues/3871


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r38333 - data/CVE

Reply via email to