[Bug 737823] Re: CVE-2010-4529
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4249 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Changed in: linux-lts-backport-maverick (Ubuntu Hardy) Status: New = Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Changed in: linux-lts-backport-maverick (Ubuntu Dapper) Status: New = Won't Fix ** Changed in: linux-lts-backport-maverick (Ubuntu Karmic) Status: New = Won't Fix ** Changed in: linux (Ubuntu Dapper) Status: In Progress = Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
This bug was fixed in the package linux-mvl-dove - 2.6.32-417.34 --- linux-mvl-dove (2.6.32-417.34) maverick-proposed; urgency=low [ Herton R. Krzesinski ] * Release Tracking Bug - LP: #795153 [ Paolo Pisati ] * Rebased to 2.6.32-33.66 [ Ubuntu: 2.6.32-33.66 ] * Release Tracking Bug - LP: #794098 * Revert xhci: Fix full speed bInterval encoding. * Revert USB: xhci - fix math in xhci_get_endpoint_interval() * Revert USB: xhci - fix unsafe macro definitions [ Ubuntu: 2.6.32-33.65 ] * xhci: Fix full speed bInterval encoding. - LP: #792959 [ Ubuntu: 2.6.32-33.64 ] * Release Tracking Bug - LP: #789325 * SAUCE: (no-up) Fix up KVM: VMX: Fix host userspace gsbase corruption - LP: #787675 * SAUCE: vesafb: mtrr module parameter is uint, not bool - LP: #778043 * Revert (pre-stable): input: Support Clickpad devices in ClickZone mode - LP: #780588 * Revert GFS2: Fix writing to non-page aligned gfs2_quota structures - LP: #780588 * Revert mmc: build fix: mmc_pm_notify is only available with CONFIG_PM=y - LP: #780588 * Revert mmc: fix all hangs related to mmc/sd card insert/removal during suspend/resume - LP: #780588 * Revert econet: fix CVE-2010-3848 - LP: #780588 * Revert dell-laptop: Add another Dell laptop family to the DMI whitelist - LP: #780588 * Revert dell-laptop: Add another Dell laptop family to the DMI whitelist - LP: #780588 * Revert xen: set max_pfn_mapped to the last pfn mapped * cifs: always do is_path_accessible check in cifs_mount - LP: #770050 * video: sn9c102: world-wirtable sysfs files - LP: #770050 * UBIFS: restrict world-writable debugfs files - LP: #770050 * NET: cdc-phonet, handle empty phonet header - LP: #770050 * x86: Fix a bogus unwind annotation in lib/semaphore_32.S - LP: #770050 * tioca: Fix assignment from incompatible pointer warnings - LP: #770050 * mca.c: Fix cast from integer to pointer warning - LP: #770050 * ramfs: fix memleak on no-mmu arch - LP: #770050 * MAINTAINERS: update STABLE BRANCH info - LP: #770050 * UBIFS: fix oops when R/O file-system is fsync'ed - LP: #770050 * x86, cpu: AMD errata checking framework - LP: #770050 * x86, cpu: Clean up AMD erratum 400 workaround - LP: #770050 * x86, AMD: Set ARAT feature on AMD processors - LP: #770050 * x86, amd: Disable GartTlbWlkErr when BIOS forgets it - LP: #770050 * USB: ftdi_sio: Added IDs for CTI USB Serial Devices - LP: #770050 * USB: ftdi_sio: add PID for OCT DK201 docking station - LP: #770050 * USB: ftdi_sio: add ids for Hameg HO720 and HO730 - LP: #770050 * USB: option: Add new ONDA vendor id and product id for ONDA MT825UP - LP: #770050 * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem. - LP: #770050 * next_pidmap: fix overflow condition - LP: #770050 * proc: do proper range check on readdir offset - LP: #770050 * USB: EHCI: unlink unused QHs when the controller is stopped - LP: #770050 * USB: fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices - LP: #770050 * USB: xhci - fix unsafe macro definitions - LP: #770050 * USB: xhci - fix math in xhci_get_endpoint_interval() - LP: #770050 * x86, cpu: Fix regression in AMD errata checking code - LP: #770050 * Linux 2.6.32.39 - LP: #770050 * fs/partitions/ldm.c: fix oops caused by corrupted partition table, CVE-2011-1017 - LP: #771382 - CVE-2011-1017 * drm/i915: set DIDL using the ACPI video output device _ADR method return. - LP: #775547 * drm/radeon/kms: MC vram map needs to be = pci aperture size - LP: #775547 * drm/radeon/kms: make sure blit addr masks are 64 bit - LP: #775547 * drm/radeon/kms: fix handling of tex lookup disable in cs checker on r2xx - LP: #775547 * drm/i915: Free hardware status page on unload when physically mapped - LP: #775547 * drm/i915/overlay: Ensure that the reg_bo is in the GTT prior to writing. - LP: #775547 * drm/radeon/kms/atom: set sane defaults in atombios_get_encoder_mode() - LP: #775547 * drm/radeon/kms: fix typos in disabled vbios code - LP: #775547 * drm/radeon/kms: add workaround for dce3 ddc line vbios bug - LP: #775547 * drm/radeon/kms: fix interlaced and doublescan handling - LP: #775547 * drm/i915/sdvo: Always add a 30ms delay to make SDVO TV detection reliable - LP: #775547 * drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP - LP: #775547 * drm/ttm: Fix two race conditions + fix busy codepaths - LP: #775547 * drm/i915: overlay on gen2 can't address above 1G - LP: #775547 * drm/i915: fix memory corruption with GM965 and 4GB RAM - LP: #775547 * drm/radeon: add quirk to make HP nx6125 laptop resume. - LP: #775547 * drm/radeon/kms: add quirk to make HP DV5000 laptop
[Bug 737823] Re: CVE-2010-4529
This bug was fixed in the package linux-fsl-imx51 - 2.6.31-609.26 --- linux-fsl-imx51 (2.6.31-609.26) lucid; urgency=low [ Paolo Pisati ] * Tracking bug - LP: #795219 * [Config] Disable parport_pc on fsl-imx51 - LP: #601226 [ Upstream Kernel Changes ] * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory - LP: #712723, #712737 * can-bcm: fix minor heap overflow - LP: #710680 * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory - LP: #712744 * gdth: integer overflow in ioctl - LP: #711797 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 * net: fix rds_iovec page count overflow, CVE-2010-3865 - LP: #709153 - CVE-2010-3865 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #711045 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * net: Truncate recvfrom and sendto length to INT_MAX. - LP: #708839 * posix-cpu-timers: workaround to suppress the problems with mt exec - LP: #712609 * sys_semctl: fix kernel stack leakage - LP: #712749 * x25: Patch to fix bug 15678 - x25 accesses fields beyond end of packet. - LP: #709372 * memory corruption in X.25 facilities parsing - LP: #709372 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * fs/partitions/ldm.c: fix oops caused by corrupted partition table, CVE-2011-1017 - LP: #771382 - CVE-2011-1017 * net: clear heap allocations for privileged ethtool actions - LP: #771445 * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code - LP: #772543 * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo - LP: #772543 * exec: make argv/envp memory visible to oom-killer - LP: #768408 * next_pidmap: fix overflow condition - LP: #784727 * proc: do proper range check on readdir offset - LP: #784727 * mpt2sas: prevent heap overflows and unchecked reads - LP: #787145 * agp: fix arbitrary kernel memory writes - LP: #788684 * can: add missing socket check in can/raw release - LP: #788694 * agp: fix OOM and buffer overflow - LP: #788700 * do_exit(): make sure that we run with get_fs() == USER_DS - CVE-2010-4258 - LP: #723945 - CVE-2010-4258 * x25: Prevent crashing when parsing bad X.25 facilities - CVE-2010-4164 - LP: #731199 - CVE-2010-4164 * install_special_mapping skips security_file_mmap check - CVE-2010-4346 - LP: #731971 - CVE-2010-4346 * econet: Fix crash in aun_incoming() - CVE-2010-4342 - LP: #736394 - CVE-2010-4342 * sound: Prevent buffer overflow in OSS load_mixer_volumes - CVE-2010-4527 - LP: #737073 - CVE-2010-4527 * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529 - LP: #737823 - CVE-2010-4529 * CAN: Use inode instead of kernel address for /proc file - CVE-2010-4565 - LP: #765007 - CVE-2010-4565 * av7110: check for negative array offset - CVE-2011-0521 - LP: #767526 - CVE-2011-0521 * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 - CVE-2011-0711 - LP: #767740 - CVE-2011-0711 * xfs: zero proper structure size for geometry calls - CVE-2011-0711 - LP: #767740 - CVE-2011-0711 * ALSA: caiaq - Fix possible string-buffer overflow - CVE-2011-0712 - LP: #768448 - CVE-2011-0712 * RDMA/cma: Fix crash in request handlers - CVE-2011-0695 - LP: #770369 - CVE-2011-0695 * IB/cm: Bump reference count on cm_id before invoking callback - CVE-2011-0695 - LP: #770369 - CVE-2011-0695 * Treat writes as new when holes span across page boundaries - CVE-2011-0463 - LP: #770483 - CVE-2011-0463 * usb: iowarrior: don't trust report_size for buffer size - CVE-2010-4656 - LP: #771484 - CVE-2010-4656 * tty: icount changeover for other main devices, CVE-2010-4076, CVE-2010-4077 - LP: #720189 - CVE-2010-4077 -- Paolo Pisati paolo.pis...@canonical.com Fri, 27 May 2011 18:09:53 +0200 ** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Status: In Progress = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3880 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4076 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4077 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4258 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4565 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4656 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-0463 ** CVE added: http://www.cve.mitre.org/cgi-
[Bug 737823] Re: CVE-2010-4529
This bug was fixed in the package linux-mvl-dove - 2.6.32-217.34 --- linux-mvl-dove (2.6.32-217.34) lucid-proposed; urgency=low [ Herton R. Krzesinski ] * Release Tracking Bug - LP: #794695 [ Paolo Pisati ] * Rebased to 2.6.32-33.66 [ Ubuntu: 2.6.32-33.66 ] * Release Tracking Bug - LP: #794098 * Revert xhci: Fix full speed bInterval encoding. * Revert USB: xhci - fix math in xhci_get_endpoint_interval() * Revert USB: xhci - fix unsafe macro definitions [ Ubuntu: 2.6.32-33.65 ] * xhci: Fix full speed bInterval encoding. - LP: #792959 [ Ubuntu: 2.6.32-33.64 ] * Release Tracking Bug - LP: #789325 * SAUCE: (no-up) Fix up KVM: VMX: Fix host userspace gsbase corruption - LP: #787675 * SAUCE: vesafb: mtrr module parameter is uint, not bool - LP: #778043 * Revert (pre-stable): input: Support Clickpad devices in ClickZone mode - LP: #780588 * Revert GFS2: Fix writing to non-page aligned gfs2_quota structures - LP: #780588 * Revert mmc: build fix: mmc_pm_notify is only available with CONFIG_PM=y - LP: #780588 * Revert mmc: fix all hangs related to mmc/sd card insert/removal during suspend/resume - LP: #780588 * Revert econet: fix CVE-2010-3848 - LP: #780588 * Revert dell-laptop: Add another Dell laptop family to the DMI whitelist - LP: #780588 * Revert dell-laptop: Add another Dell laptop family to the DMI whitelist - LP: #780588 * Revert xen: set max_pfn_mapped to the last pfn mapped * cifs: always do is_path_accessible check in cifs_mount - LP: #770050 * video: sn9c102: world-wirtable sysfs files - LP: #770050 * UBIFS: restrict world-writable debugfs files - LP: #770050 * NET: cdc-phonet, handle empty phonet header - LP: #770050 * x86: Fix a bogus unwind annotation in lib/semaphore_32.S - LP: #770050 * tioca: Fix assignment from incompatible pointer warnings - LP: #770050 * mca.c: Fix cast from integer to pointer warning - LP: #770050 * ramfs: fix memleak on no-mmu arch - LP: #770050 * MAINTAINERS: update STABLE BRANCH info - LP: #770050 * UBIFS: fix oops when R/O file-system is fsync'ed - LP: #770050 * x86, cpu: AMD errata checking framework - LP: #770050 * x86, cpu: Clean up AMD erratum 400 workaround - LP: #770050 * x86, AMD: Set ARAT feature on AMD processors - LP: #770050 * x86, amd: Disable GartTlbWlkErr when BIOS forgets it - LP: #770050 * USB: ftdi_sio: Added IDs for CTI USB Serial Devices - LP: #770050 * USB: ftdi_sio: add PID for OCT DK201 docking station - LP: #770050 * USB: ftdi_sio: add ids for Hameg HO720 and HO730 - LP: #770050 * USB: option: Add new ONDA vendor id and product id for ONDA MT825UP - LP: #770050 * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem. - LP: #770050 * next_pidmap: fix overflow condition - LP: #770050 * proc: do proper range check on readdir offset - LP: #770050 * USB: EHCI: unlink unused QHs when the controller is stopped - LP: #770050 * USB: fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices - LP: #770050 * USB: xhci - fix unsafe macro definitions - LP: #770050 * USB: xhci - fix math in xhci_get_endpoint_interval() - LP: #770050 * x86, cpu: Fix regression in AMD errata checking code - LP: #770050 * Linux 2.6.32.39 - LP: #770050 * fs/partitions/ldm.c: fix oops caused by corrupted partition table, CVE-2011-1017 - LP: #771382 - CVE-2011-1017 * drm/i915: set DIDL using the ACPI video output device _ADR method return. - LP: #775547 * drm/radeon/kms: MC vram map needs to be = pci aperture size - LP: #775547 * drm/radeon/kms: make sure blit addr masks are 64 bit - LP: #775547 * drm/radeon/kms: fix handling of tex lookup disable in cs checker on r2xx - LP: #775547 * drm/i915: Free hardware status page on unload when physically mapped - LP: #775547 * drm/i915/overlay: Ensure that the reg_bo is in the GTT prior to writing. - LP: #775547 * drm/radeon/kms/atom: set sane defaults in atombios_get_encoder_mode() - LP: #775547 * drm/radeon/kms: fix typos in disabled vbios code - LP: #775547 * drm/radeon/kms: add workaround for dce3 ddc line vbios bug - LP: #775547 * drm/radeon/kms: fix interlaced and doublescan handling - LP: #775547 * drm/i915/sdvo: Always add a 30ms delay to make SDVO TV detection reliable - LP: #775547 * drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP - LP: #775547 * drm/ttm: Fix two race conditions + fix busy codepaths - LP: #775547 * drm/i915: overlay on gen2 can't address above 1G - LP: #775547 * drm/i915: fix memory corruption with GM965 and 4GB RAM - LP: #775547 * drm/radeon: add quirk to make HP nx6125 laptop resume. - LP: #775547 * drm/radeon/kms: add quirk to make HP DV5000 laptop resume
[Bug 737823] Re: CVE-2010-4529
** Branch linked: lp:ubuntu/lucid-proposed/linux-mvl-dove -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Branch linked: lp:ubuntu/maverick-proposed/linux-mvl-dove -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
karmic is EOL ** Changed in: linux-fsl-imx51 (Ubuntu Dapper) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Maverick) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Karmic) Status: New = Won't Fix ** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Status: New = In Progress ** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Assignee: (unassigned) = Paolo Pisati (p-pisati) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
This bug was fixed in the package linux - 2.6.24-29.89 --- linux (2.6.24-29.89) hardy-proposed; urgency=low [ Steve Conklin ] * Release Tracking Bug - LP: #768380 [Tim Gardner] * [Config] remove generated files [Upstream Kernel Changes] * econet: Fix crash in aun_incoming(). CVE-2010-4342 - LP: #736394 - CVE-2010-4342 * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527 - LP: #737073 - CVE-2010-4527 * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529 - LP: #737823 - CVE-2010-4529 * av7110: check for negative array offset, CVE-2011-0521 - LP: #767526 - CVE-2011-0521 * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1, CVE-2011-0711 - LP: #767740 - CVE-2011-0711 -- Steve Conklin sconk...@canonical.com Thu, 21 Apr 2011 09:28:26 -0500 ** Changed in: linux (Ubuntu Hardy) Status: In Progress = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-0521 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-0711 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Changed in: linux-mvl-dove (Ubuntu Lucid) Status: New = In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Changed in: linux (Ubuntu Lucid) Status: In Progress = Fix Released ** Changed in: linux (Ubuntu Maverick) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Branch linked: lp:ubuntu/lucid-proposed/linux-ec2 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Tags added: kernel-cve-tracking-bug -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.22 --- linux-ti-omap4 (2.6.35-903.22) maverick; urgency=low [ Paolo Pisati ] * Release Tracking Bug - LP: #744250 [ Upstream Kernel Changes ] * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open(), CVE-2010-3080 - CVE-2010-3080 * tracing: t_start: reset FTRACE_ITER_HASH in case of seek/pread, CVE-2010-3079 - CVE-2010-3079 * KEYS: Fix bug in keyctl_session_to_parent() if parent has no session keyring, CVE-2010-2960 - CVE-2010-2960 * drm/i915: Sanity check pread/pwrite, CVE-2010-2962 - CVE-2010-2962 * do_exit(): make sure that we run with get_fs() == USER_DS, CVE-2010-3849 - CVE-2010-3849 * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849 - CVE-2010-3849 * econet: fix CVE-2010-3850 - CVE-2010-3850 * econet: fix CVE-2010-3848 - CVE-2010-3848 * compat: Make compat_alloc_user_space() incorporate the access_ok(), CVE-2010-3081 - CVE-2010-3081 * irda: Correctly clean up self-ias_obj on irda_bind() failure., CVE-2010-2954 - CVE-2010-2954 * wireless extensions: fix kernel heap content leak, CVE-2010-2955 - CVE-2010-2955 * KEYS: Fix RCU no-lock warning in keyctl_session_to_parent(), CVE-2010-2960 - CVE-2010-2960 * Fix pktcdvd ioctl dev_minor range check, CVE-2010-3437 - CVE-2010-3437 * Fix out-of-bounds reading in sctp_asoc_get_hmac(), CVE-2010-3705 - CVE-2010-3705 * ocfs2: Don't walk off the end of fast symlinks., CVE-2010-NNN2 - CVE-2010-NNN2 * v4l: disable dangerous buggy compat function, CVE-2010-2963 - CVE-2010-2963 * Local privilege escalation vulnerability in RDS sockets, CVE-2010-3904 - CVE-2010-3904 * net: clear heap allocation for ETHTOOL_GRXCLSRLALL, CVE-2010-3861 - CVE-2010-3861 * ipc: shm: fix information leak to userland, CVE-2010-4072 - CVE-2010-4072 * tcp: Increase TCP_MAXSEG socket option minimum., CVE-2010-4165 - CVE-2010-4165 * af_unix: limit unix_tot_inflight, CVE-2010-4249 - CVE-2010-4249 * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079 - LP: #707649 - CVE-2010-4079 * net: fix rds_iovec page count overflow, CVE-2010-3865 - LP: #709153 - CVE-2010-3865 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * filter: make sure filters dont read uninitialized memory, CVE-2010-4158 - LP: #721282 - CVE-2010-4158 * econet: Fix crash in aun_incoming(). CVE-2010-4342 - LP: #736394 - CVE-2010-4342 * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527 - LP: #737073 - CVE-2010-4527 * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529 - LP: #737823 - CVE-2010-4529 * x25: Prevent crashing when parsing bad X.25 facilities, CVE-2010-4164, CVE-2010-3873 - LP: #731199 - CVE-2010-3873 * install_special_mapping skips security_file_mmap check., CVE-2010-4346 - LP: #731971 - CVE-2010-4346 -- Tim Gardner tim.gard...@canonical.com Wed, 02 Feb 2011 21:45:27 + ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2954 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2955 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2960 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2962 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2963 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3079 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3080 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3081 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3437 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3705 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3848 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3849 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3850 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3861 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3865 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3873 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3875 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3876 ** CVE added: http://www.cve.mitre.org/cgi-
[Bug 737823] Re: CVE-2010-4529
** Branch linked: lp:ubuntu/maverick-proposed/linux-ti-omap4 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Changed in: linux-fsl-imx51 (Ubuntu Natty) Status: New = Invalid ** Changed in: linux-lts-backport-maverick (Ubuntu Natty) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Changed in: linux-ti-omap4 (Ubuntu Maverick) Assignee: (unassigned) = Paolo Pisati (p-pisati) ** Changed in: linux-ti-omap4 (Ubuntu Dapper) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Karmic) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Lucid) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Natty) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: New = In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Changed in: linux-mvl-dove (Ubuntu Dapper) Status: New = Invalid ** Changed in: linux-mvl-dove (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-mvl-dove (Ubuntu Karmic) Status: New = Invalid ** Changed in: linux-mvl-dove (Ubuntu Natty) Status: New = Invalid ** Changed in: linux-mvl-dove (Ubuntu Lucid) Assignee: (unassigned) = Paolo Pisati (p-pisati) ** Changed in: linux-mvl-dove (Ubuntu Maverick) Assignee: (unassigned) = Paolo Pisati (p-pisati) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Description changed: - Placeholder + Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in + the Linux kernel before 2.6.37 on platforms other than x86 allows local + users to obtain potentially sensitive information from kernel heap memory + via an IRLMP_ENUMDEVICES getsockopt call. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Patch added: lucid.patch https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+attachment/1927762/+files/0001-irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES-.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Patch added: hardy.patch https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+attachment/1927790/+files/0001-irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES-.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Patch added: dapper.patch https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+attachment/1927791/+files/0001-irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES-.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Patch added: maverick.patch https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+attachment/1927761/+files/0001-irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES-.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Patch added: karmic.patch https://bugs.launchpad.net/ubuntu/+source/linux/+bug/737823/+attachment/1927781/+files/0001-irda-prevent-integer-underflow-in-IRLMP_ENUMDEVICES-.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 737823] Re: CVE-2010-4529
** Changed in: linux (Ubuntu Natty) Status: New = Invalid ** Changed in: linux (Ubuntu Maverick) Importance: Undecided = Low ** Changed in: linux (Ubuntu Maverick) Status: New = In Progress ** Changed in: linux (Ubuntu Maverick) Assignee: (unassigned) = Leann Ogasawara (leannogasawara) ** Changed in: linux (Ubuntu Lucid) Importance: Undecided = Low ** Changed in: linux (Ubuntu Lucid) Status: New = In Progress ** Changed in: linux (Ubuntu Lucid) Assignee: (unassigned) = Leann Ogasawara (leannogasawara) ** Changed in: linux (Ubuntu Karmic) Importance: Undecided = Low ** Changed in: linux (Ubuntu Karmic) Status: New = In Progress ** Changed in: linux (Ubuntu Karmic) Assignee: (unassigned) = Leann Ogasawara (leannogasawara) ** Changed in: linux (Ubuntu Hardy) Importance: Undecided = Low ** Changed in: linux (Ubuntu Hardy) Status: New = In Progress ** Changed in: linux (Ubuntu Hardy) Assignee: (unassigned) = Leann Ogasawara (leannogasawara) ** Changed in: linux (Ubuntu Dapper) Importance: Undecided = Low ** Changed in: linux (Ubuntu Dapper) Status: New = In Progress ** Changed in: linux (Ubuntu Dapper) Assignee: (unassigned) = Leann Ogasawara (leannogasawara) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/737823 Title: CVE-2010-4529 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs