*** This bug is a security vulnerability *** Public security bug reported:
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument. ** Affects: linux (Ubuntu) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Lucid) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Lucid) Importance: Medium Status: New ** Affects: linux-fsl-imx51 (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Lucid) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Lucid) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-ec2 (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Precise) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Precise) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-lts-raring (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-lts-saucy (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-mvl-dove (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux (Ubuntu Trusty) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Utopic) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Utopic) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Utopic) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Utopic) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Utopic) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Utopic) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Utopic) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Utopic) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Utopic) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Utopic) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Utopic) Importance: Medium Status: Invalid ** Tags: kernel-cve-tracking-bug ** Tags added: kernel-cve-tracking-bug ** Information type changed from Public to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2597 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1364516 Title: CVE-2013-2597 Status in “linux” package in Ubuntu: New Status in “linux-armadaxp” package in Ubuntu: Invalid Status in “linux-ec2” package in Ubuntu: Invalid Status in “linux-fsl-imx51” package in Ubuntu: Invalid Status in “linux-lts-backport-maverick” package in Ubuntu: New Status in “linux-lts-backport-natty” package in Ubuntu: New Status in “linux-lts-quantal” package in Ubuntu: Invalid Status in “linux-lts-raring” package in Ubuntu: Invalid Status in “linux-lts-saucy” package in Ubuntu: Invalid Status in “linux-mvl-dove” package in Ubuntu: Invalid Status in “linux-ti-omap4” package in Ubuntu: Invalid Status in “linux” source package in Lucid: New Status in “linux-armadaxp” source package in Lucid: Invalid Status in “linux-ec2” source package in Lucid: New Status in “linux-fsl-imx51” source package in Lucid: Invalid Status in “linux-lts-backport-maverick” source package in Lucid: New Status in “linux-lts-backport-natty” source package in Lucid: New Status in “linux-lts-quantal” source package in Lucid: Invalid Status in “linux-lts-raring” source package in Lucid: Invalid Status in “linux-lts-saucy” source package in Lucid: Invalid Status in “linux-mvl-dove” source package in Lucid: Invalid Status in “linux-ti-omap4” source package in Lucid: Invalid Status in “linux” source package in Precise: New Status in “linux-armadaxp” source package in Precise: New Status in “linux-ec2” source package in Precise: Invalid Status in “linux-fsl-imx51” source package in Precise: Invalid Status in “linux-lts-backport-maverick” source package in Precise: New Status in “linux-lts-backport-natty” source package in Precise: New Status in “linux-lts-quantal” source package in Precise: New Status in “linux-lts-raring” source package in Precise: New Status in “linux-lts-saucy” source package in Precise: New Status in “linux-mvl-dove” source package in Precise: Invalid Status in “linux-ti-omap4” source package in Precise: New Status in “linux” source package in Trusty: New Status in “linux-armadaxp” source package in Trusty: Invalid Status in “linux-ec2” source package in Trusty: Invalid Status in “linux-fsl-imx51” source package in Trusty: Invalid Status in “linux-lts-backport-maverick” source package in Trusty: New Status in “linux-lts-backport-natty” source package in Trusty: New Status in “linux-lts-quantal” source package in Trusty: Invalid Status in “linux-lts-raring” source package in Trusty: Invalid Status in “linux-lts-saucy” source package in Trusty: Invalid Status in “linux-mvl-dove” source package in Trusty: Invalid Status in “linux-ti-omap4” source package in Trusty: Invalid Status in “linux” source package in Utopic: New Status in “linux-armadaxp” source package in Utopic: Invalid Status in “linux-ec2” source package in Utopic: Invalid Status in “linux-fsl-imx51” source package in Utopic: Invalid Status in “linux-lts-backport-maverick” source package in Utopic: New Status in “linux-lts-backport-natty” source package in Utopic: New Status in “linux-lts-quantal” source package in Utopic: Invalid Status in “linux-lts-raring” source package in Utopic: Invalid Status in “linux-lts-saucy” source package in Utopic: Invalid Status in “linux-mvl-dove” source package in Utopic: Invalid Status in “linux-ti-omap4” source package in Utopic: Invalid Bug description: Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1364516/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp