Triage linux/linux-2.6 issues

Various issues are in code we don't ship, or were fixed without a DSA.

Several unimportant, unfixed issues in linux-2.6 still apply to linux.


git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@36825 e39458fd-73e7-0310-bf30-c45bca0a0e42

11 files changed, 17 insertions, 6 deletions

diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index 86a033c0e8..f4769b27a2 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -5660,6 +5660,7 @@ CVE-2004-0231 (Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0,
 	{DSA-497}
 	- mc 1:4.6.0-4.6.1-pre1-2
 CVE-2004-0230 (TCP, when using a large Window Size, makes it easier for remote ...)
+	- linux <unfixed> (unimportant)
 	- linux-2.6 <unfixed> (unimportant)
 	- linux-2.6.24 <removed> (unimportant)
 	NOTE: the attack works with a certain non-negligible probability, but even
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index cebbdd9536..d7191c435c 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -2723,6 +2723,7 @@ CVE-2005-3662 (Off-by-one buffer overflow in pnmtopng before 2.39, when using th
 CVE-2005-3661 (Dell TrueMobile 2300 Wireless Broadband Router running firmware ...)
 	NOT-FOR-US: Dell hardware issue
 CVE-2005-3660 (Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ...)
+	- linux <unfixed> (unimportant)
 	- linux-2.6 <unfixed> (unimportant)
 	NOTE: Design limitation, for rare corner cases, where this poses a problem advanced
 	NOTE: resource management systems can be deployed
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index 8f12221b88..1a310d9e64 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -2519,8 +2519,10 @@ CVE-2006-XXXX [smb4k security issue]
 CVE-2006-6129 (Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2006-6128 (The ReiserFS functionality in Linux kernel 2.6.18, and possibly other ...)
-	- linux-2.6 <unfixed> (unimportant)
-	NOTE: Mounting filesystem partitions should be limited to root
+	- linux <not-affected> (Kernel rejects the malformed filesystem)
+	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 <not-affected> (Kernel rejects the malformed filesystem)
+	NOTE: It's not obvious when or how this was fixed
 CVE-2006-6127 (Apple Mac OS X kernel allows local users to cause a denial of service ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2006-6126 (Apple Mac OS X allows local users to cause a denial of service (memory ...)
@@ -3463,7 +3465,7 @@ CVE-2006-5703 (Cross-site scripting (XSS) vulnerability in tiki-featured_link.ph
 CVE-2006-5702 (Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information ...)
 	- tikiwiki 1.9.6+dfsg-1 (medium)
 CVE-2006-5701 (Double free vulnerability in squashfs module in the Linux kernel ...)
-	- linux-2.6 <unfixed> (unimportant)
+	- linux-2.6 <not-affected> (Vulnerable code not present)
 	- squashfs 1:3.1r2-6.1
 	NOTE: Mounting filesystem partitions should be limited to root
 CVE-2006-5700
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 434658f5d1..7c1053e0a8 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -7257,6 +7257,7 @@ CVE-2007-3721 (The ULE process scheduler in the FreeBSD kernel gives preference
 CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs scheduling ...)
 	- linux-2.6 <not-affected> (There's a separate ID for 2.6, see CVE-2007-3719)
 CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to ...)
+	- linux <unfixed> (unimportant)
 	- linux-2.6 <unfixed> (unimportant)
 	NOTE: This is the existing default behaviour of the scheduler, can be tuned
 	NOTE: to suit individual needs
diff --git a/data/CVE/2008.list b/data/CVE/2008.list
index 3ec9f57eac..a1c54c1c4b 100644
--- a/data/CVE/2008.list
+++ b/data/CVE/2008.list
@@ -6144,6 +6144,7 @@ CVE-2008-4610 (MPlayer allows remote attackers to cause a denial of service ...)
 	NOTE: just a crasher, no security implications known so far
 	NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
 CVE-2008-4609 (The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...)
+	- linux <unfixed> (unimportant)
 	- linux-2.6 <unfixed> (unimportant)
 	- linux-2.6.24 <removed> (unimportant)
 	NOTE: this is a design flaw in TCP itself; maximum impact is a denial-of-service
diff --git a/data/CVE/2009.list b/data/CVE/2009.list
index 019dd35ba9..0f523156a9 100644
--- a/data/CVE/2009.list
+++ b/data/CVE/2009.list
@@ -3062,9 +3062,8 @@ CVE-2009-3889 (The dbg_lvl file for the megaraid_sas driver in the Linux kernel
 	[lenny] - linux-2.6 2.6.26-21
 	- linux-2.6.24 <removed> (low)
 CVE-2009-3888 (The do_mmap_pgoff function in mm/nommu.c in the Linux kernel before ...)
-	- linux-2.6 <unfixed> (unimportant)
-	- linux-2.6.24 <unfixed> (unimportant)
-	NOTE: All Debian kernels have MMU support enabled
+	- linux-2.6 <not-affected> (Vulnerable code not built)
+	- linux-2.6.24 <not-affected> (Vulnerable code not built)
 CVE-2009-3887 [ytnef path traversal]
 	RESERVED
 	- ytnef <removed> (bug #567631)
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index b9590d97eb..db19a4fb8d 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -1737,6 +1737,7 @@ CVE-2010-4565 (The bcm_connect function in net/can/bcm.c (aka the Broadcast Mana
 CVE-2010-4564
 	RESERVED
 CVE-2010-4563 (The Linux kernel, when using IPv6, allows remote attackers to ...)
+	- linux <unfixed> (unimportant)
 	- linux-2.6 <unfixed> (unimportant)
 	NOTE: http://seclists.org/fulldisclosure/2011/Apr/254
 CVE-2010-4562 (Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, ...)
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index eb699d064c..528deb3ee5 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -962,12 +962,14 @@ CVE-2011-4918 (Multiple cross-site scripting (XSS) vulnerabilities in Elxis CMS
 	NOT-FOR-US: Elxis CMS, Aphrodite
 CVE-2011-4917
 	RESERVED
+	- linux <unfixed> (unimportant)
 	- linux-2.6 <unfixed> (unimportant)
 	NOTE: Minor info leak, unlikely to be fixed upstream
 CVE-2011-4916
 	RESERVED
 CVE-2011-4915
 	RESERVED
+	- linux <unfixed> (unimportant)
 	- linux-2.6 <unfixed> (unimportant)
 	NOTE: Minor info leak, unlikely to be fixed upstream
 CVE-2011-4914 (The ROSE protocol implementation in the Linux kernel before 2.6.39 ...)
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index ae1a2a43db..e7400d7968 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -1145,6 +1145,7 @@ CVE-2013-7028
 	RESERVED
 CVE-2013-7027 (The ieee80211_radiotap_iterator_init function in ...)
 	- linux 3.11.7-1 (unimportant)
+	[wheezy] - linux 3.2.53-1
 	- linux-2.6 <removed> (unimportant)
 	NOTE: Non-issue: https://bugzilla.redhat.com/show_bug.cgi?id=1040010#c1
 CVE-2013-7026 (Multiple race conditions in ipc/shm.c in the Linux kernel before ...)
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index a35151f282..9459210c8d 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -13242,6 +13242,7 @@ CVE-2014-4608 (** DISPUTED ** Multiple integer overflows in the lzo1x_decompress
 	- linux 3.14.9-1 (unimportant)
 	[wheezy] - linux 3.2.63-1
 	- linux-2.6 <removed> (unimportant)
+	[squeeze] - linux-2.6 2.6.32-48squeeze9
 	NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=206a81c18401c0cde6e579164f752c4b147324ce
 	NOTE: Not exploitable with the block sizes used in kernel images
 CVE-2014-4607
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index dfc4fead34..a690a0b407 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -2468,6 +2468,7 @@ CVE-2015-6252 [linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD]
 	{DSA-3364-1}
 	- linux <unfixed>
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
 	NOTE: https://lkml.org/lkml/2015/8/10/375
 	NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5 (v4.2-rc5)
 CVE-2015-6239