*** This bug is a security vulnerability ***
Public security bug reported:
Multiple integer overflows in the (1) pppol2tp_sendmsg function in
net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in
net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the
Linux kernel before 2.6.36.2 allow local users to cause a denial of service
(heap memory corruption and panic) or possibly gain privileges via a
crafted sendto call.
** Affects: linux (Ubuntu)
Importance: Medium
Assignee: Andy Whitcroft (apw)
Status: Invalid
** Affects: linux (Ubuntu Lucid)
Importance: Medium
Assignee: Andy Whitcroft (apw)
Status: Fix Released
** Affects: linux (Ubuntu Maverick)
Importance: Medium
Assignee: Andy Whitcroft (apw)
Status: Fix Released
** Affects: linux (Ubuntu Natty)
Importance: Medium
Assignee: Andy Whitcroft (apw)
Status: Invalid
** Affects: linux (Ubuntu Dapper)
Importance: Medium
Assignee: Andy Whitcroft (apw)
Status: Fix Committed
** Affects: linux (Ubuntu Hardy)
Importance: Medium
Assignee: Andy Whitcroft (apw)
Status: Fix Released
** Affects: linux (Ubuntu Karmic)
Importance: Medium
Assignee: Andy Whitcroft (apw)
Status: Fix Released
** Tags: kernel-cve-tracker
** Visibility changed to: Public
** Also affects: linux (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Karmic)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Dapper)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Lucid)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/711855
Title:
CVE-2010-4160
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
