*** This bug is a security vulnerability ***
Public security bug reported:
The X.25 implementation in the Linux kernel before 2.6.36.2 does not
properly parse facilities, which allows remote attackers to cause a denial
of service (heap memory corruption and panic) or possibly have unspecified
other impact via malformed (1) X25_FAC_CALLING_AE or (2) X25_FAC_CALLED_AE
data, related to net/x25/x25_facilities.c and net/x25/x25_in.c, a different
vulnerability than CVE-2010-4164.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: linux (Ubuntu Lucid)
Importance: Undecided
Status: Fix Released
** Affects: linux (Ubuntu Maverick)
Importance: Undecided
Status: Fix Released
** Affects: linux (Ubuntu Natty)
Importance: Undecided
Status: Fix Released
** Affects: linux (Ubuntu Dapper)
Importance: Undecided
Assignee: Tim Gardner (timg-tpi)
Status: In Progress
** Affects: linux (Ubuntu Hardy)
Importance: Undecided
Assignee: Tim Gardner (timg-tpi)
Status: In Progress
** Affects: linux (Ubuntu Karmic)
Importance: Undecided
Assignee: Tim Gardner (timg-tpi)
Status: In Progress
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3873
** Also affects: linux (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Dapper)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Karmic)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Natty)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Natty)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/709372
Title:
CVE-2010-3873
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
