Author: gilbert-guest Date: 2009-09-23 18:31:17 +0000 (Wed, 23 Sep 2009) New Revision: 12875 Modified: data/CVE/list Log: another round of kernel issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-09-23 16:36:58 UTC (rev 12874) +++ data/CVE/list 2009-09-23 18:31:17 UTC (rev 12875) @@ -1,3 +1,18 @@ +CVE-2009-3290 [linux-2.6: exploatable priviledge escalation in hypercall] + - linux-2.6 <unfixed> (high) + [etch] - linux-2.6 <not-affected> (introduced in 2.6.25) + - linux-2.6.24 <removed> + [etch] - linux-2.6.24 <not-affected> (introduced in 2.6.25) + NOTE: fixed in upstream 2.6.31 +CVE-2009-3288 [linux-2.6: scsi null ptr dereference] + - linux-2.6 <unfixed> (medium) + [etch] - linux-2.6 <not-affected> (introduced in 2.6.28) + [lenny] - linux-2.6 <not-affected> (introduced in 2.6.28) + - linux-2.6.24 <removed> + [etch] - linux-2.6.24 <not-affected> (introduced in 2.6.28) +CVE-2009-3286 [linux-2.6: O_EXCL creates on NFSv4] + - linux-2.6 2.6.30-1 (low) + - linux-2.6.24 <removed> CVE-2009-3270 (Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote ...) NOT-FOR-US: Microsoft Internet Explorer 7 CVE-2009-3269 (Opera 9.52 and earlier allows remote attackers to cause a denial of ...)