** Changed in: linux-armadaxp (Ubuntu Precise)
Status: New => Fix Committed
** Changed in: linux-armadaxp (Ubuntu Quantal)
Status: New => Fix Released
** Changed in: linux-ec2 (Ubuntu Lucid)
Status: New => Invalid
** Changed in: linux (Ubuntu Lucid)
Status: New => Invalid
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: New => Fix Committed
** Changed in: linux-ti-omap4 (Ubuntu Saucy)
Status: New => Fix Committed
** Changed in: linux-ti-omap4 (Ubuntu Quantal)
Status: New => Fix Committed
** Changed in: linux-ti-omap4 (Ubuntu Raring)
Status: New => Fix Committed
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: Fix Committed => Fix Released
** Description changed:
The flaw is an unauthenticated remote heap buffer overflow in the Linux
iSCSI target subsystem. If there is a target configured and listening on
the network, a remote attacker can corrupt heap memory, and almost
certainly gain kernel execution control. I only got as far as proving it
would Oops the server. A reproduction case requires patching open-iscsi
to send overly large keys. Performing discovery in a loop will Oops the
remote server. Attached is a proposed fix, and the patch I used in open-
iscsi to trigger it. Thanks in advance for your cooperation in
coordinating a fix for this issue,
+
+ Break-Fix: e48354ce078c079996f89d715dfa44814b4eba01 local-2013-2850
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1185990
Title:
CVE-2013-2850
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1185990/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
