** Description changed:

- Ben Hutchings followed up with a patch that resolves a number of other
- ROSE issues related to lack of size field validation, some of which may
- also result in heap corruption.
+ The ROSE protocol implementation in the Linux kernel before 2.6.39 does
+ not verify that certain data-length values are consistent with the
+ amount of data sent, which might allow remote attackers to obtain
+ sensitive information from kernel memory or cause a denial of service
+ (out-of-bounds read) via crafted data to a ROSE socket.

  Break-Fix: - e0bccd315db0c2f919e7fcf9cb60db21d9986f52

https://bugs.launchpad.net/bugs/912222

Title:
  CVE-2011-4914
