[Bug 1156725] Re: CVE-2012-6538

John Johansen Fri, 22 Mar 2013 13:11:36 -0700

** Changed in: linux-ec2 (Ubuntu Lucid)
       Status: New => Invalid

** Changed in: linux (Ubuntu Lucid)
       Status: New => Invalid


** Changed in: linux (Ubuntu Hardy)
       Status: New => Invalid

** Description changed:

  The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux
  kernel before 3.6 uses an incorrect C library function for copying a
  string, which allows local users to obtain sensitive information from
  kernel heap memory by leveraging the CAP_NET_ADMIN capability.
  
- Break-Fix: - 4c87308bdea31a7b4828a51f6156e6f721a1fcc9
+ Break-Fix: 4447bb33f09444920a8f1d89e1540137429351b6
+ 4c87308bdea31a7b4828a51f6156e6f721a1fcc9

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1156725

Title:
  CVE-2012-6538

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1156725/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1156725] Re: CVE-2012-6538

Reply via email to