This bug was fixed in the package linux - 2.6.24-28.86
---------------
linux (2.6.24-28.86) hardy-proposed; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #716166
[Tim Gardner]
* xen unified block-device I/O interface back end can orphan devices,
CVE-2010-3699
- LP: #708019
- CVE-2010-3699
[Upstream Kernel Changes]
* Hardy SRU: thinkpad-acpi: lock down video output state access,
CVE-2010-3448
- LP: #706999
- CVE-2010-3448
* net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859
- LP: #711855, #708839
- CVE-2010-4160
* net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859
- LP: #711855, #708839
- CVE-2010-4160
* net: ax25: fix information leak to userland, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* net: ax25: fix information leak to userland harder, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* memory corruption in X.25 facilities parsing, CVE-2010-3873
- LP: #709372
- CVE-2010-3873
* net: packet: fix information leak to userland, CVE-2010-3876
- LP: #710714
- CVE-2010-3876
* net: tipc: fix information leak to userland, CVE-2010-3877
- LP: #711291
- CVE-2010-3877
* KVM: VMX: fix vmx null pointer dereference on debug register access,
CVE-2010-0435
- LP: #712615
- CVE-2010-0435
* gdth: integer overflow in ioctl, CVE-2010-4157
- LP: #711797
- CVE-2010-4157
* posix-cpu-timers: workaround to suppress the problems with mt exec,
CVE-2010-4248
- LP: #712609
- CVE-2010-4248
* ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory,
CVE-2010-4080, CVE-2010-4081
- LP: #712723, #712737
- CVE-2010-4081
* sys_semctl: fix kernel stack leakage, CVE-2010-4083
- LP: #712749
- CVE-2010-4083
* inet_diag: Make sure we actually run the same bytecode we audited,
CVE-2010-3880
- LP: #711865
- CVE-2010-3880
linux (2.6.24-28.85) hardy-proposed; urgency=low
[ Brad Figg ]
* Tracking Bug
- LP: #708315
[Upstream Kernel Changes]
* ata_piix: IDE mode SATA patch for Intel ICH10 DeviceID's
- LP: #693401
* USB: serial/mos*: prevent reading uninitialized stack memory,
CVE-2010-4074
- LP: #706149
- CVE-2010-4074
* KVM: Fix fs/gs reload oops with invalid ldt
- LP: #707000
- CVE-2010-3698
* drivers/video/sis/sis_main.c: prevent reading uninitialized stack
memory, CVE-2010-4078
- LP: #707579
- CVE-2010-4078
* V4L/DVB: ivtvfb: prevent reading uninitialized stack memory,
CVE-2010-4079
- LP: #707649
- CVE-2010-4079
linux (2.6.24-28.84) hardy-proposed; urgency=low
[ Steve Conklin ]
* Tracking Bug
- LP: #698185
linux (2.6.24-28.83) hardy-proposed; urgency=low
[ Steve Conklin ]
* tracking bug moved from here to latest entry
linux (2.6.24-28.82) hardy-proposed; urgency=low
[ Leann Ogasawara ]
* Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer
dereference"
* Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges"
* Revert "SAUCE: AF_ECONET prevent kernel stack overflow"
[Upstream Kernel Changes]
* xfs: validate untrusted inode numbers during lookup
- CVE-2010-2943
* xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
- CVE-2010-2943
* xfs: remove block number from inode lookup code
- CVE-2010-2943
* xfs: fix untrusted inode number lookup
- CVE-2010-2943
* drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack
memory
- CVE-2010-3296
* drivers/net/eql.c: prevent reading uninitialized stack memory
- CVE-2010-3297
* setup_arg_pages: diagnose excessive argument size
- CVE-2010-3858
* ipc: shm: fix information leak to userland
- CVE-2010-4072
* econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
- CVE-2010-3849
* econet: fix CVE-2010-3850
- CVE-2010-3850
* econet: fix CVE-2010-3848
- CVE-2010-3848
-- Brad Figg <[email protected]> Wed, 09 Feb 2011 15:14:25 -0800
** Changed in: linux (Ubuntu Hardy)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-0435
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2943
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3296
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3297
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3448
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3698
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3699
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3848
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3849
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3850
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3858
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3873
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3875
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3876
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3877
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3880
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4072
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4074
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4078
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4079
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4080
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4081
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4083
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4157
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4160
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4248
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/708839
Title:
CVE-2010-3859
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
