lucid has seen the end of its life and is no longer receiving any
updates. Marking the lucid task for this ticket as "Won't Fix".
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-lts-backport-maverick in Ubuntu.
https://bugs.launchpad.net/bugs/784727
Title:
CVE-2011-1593
Status in linux package in Ubuntu:
Fix Released
Status in linux-fsl-imx51 package in Ubuntu:
Invalid
Status in linux-lts-backport-maverick package in Ubuntu:
Invalid
Status in linux-mvl-dove package in Ubuntu:
Invalid
Status in linux-ti-omap4 package in Ubuntu:
Fix Released
Status in linux source package in Lucid:
Fix Released
Status in linux-fsl-imx51 source package in Lucid:
Fix Released
Status in linux-lts-backport-maverick source package in Lucid:
Won't Fix
Status in linux-mvl-dove source package in Lucid:
Won't Fix
Status in linux-ti-omap4 source package in Lucid:
Invalid
Status in linux source package in Maverick:
Fix Released
Status in linux-fsl-imx51 source package in Maverick:
Invalid
Status in linux-lts-backport-maverick source package in Maverick:
Invalid
Status in linux-mvl-dove source package in Maverick:
Won't Fix
Status in linux-ti-omap4 source package in Maverick:
Won't Fix
Status in linux source package in Natty:
Fix Released
Status in linux-fsl-imx51 source package in Natty:
Invalid
Status in linux-lts-backport-maverick source package in Natty:
Invalid
Status in linux-mvl-dove source package in Natty:
Invalid
Status in linux-ti-omap4 source package in Natty:
Fix Released
Status in linux source package in Oneiric:
Fix Released
Status in linux-fsl-imx51 source package in Oneiric:
Invalid
Status in linux-lts-backport-maverick source package in Oneiric:
Invalid
Status in linux-mvl-dove source package in Oneiric:
Invalid
Status in linux-ti-omap4 source package in Oneiric:
Fix Released
Status in linux source package in Dapper:
Invalid
Status in linux-fsl-imx51 source package in Dapper:
Invalid
Status in linux-lts-backport-maverick source package in Dapper:
Invalid
Status in linux-mvl-dove source package in Dapper:
Invalid
Status in linux-ti-omap4 source package in Dapper:
Invalid
Status in linux source package in Hardy:
Fix Released
Status in linux-fsl-imx51 source package in Hardy:
Invalid
Status in linux-lts-backport-maverick source package in Hardy:
Invalid
Status in linux-mvl-dove source package in Hardy:
Invalid
Status in linux-ti-omap4 source package in Hardy:
Invalid
Bug description:
next_pidmap: fix overflow condition
next_pidmap() just quietly accepted whatever 'last' pid that was passed
in, which is not all that safe when one of the users is /proc.
Admittedly the proc code should do some sanity checking on the range
(and that will be the next commit), but that doesn't mean that the
helper functions should just do that pidmap pointer arithmetic without
checking the range of its arguments.
So clamp 'last' to PID_MAX_LIMIT. The fact that we then do "last+1"
doesn't really matter, the for-loop does check against the end of the
pidmap array properly (it's only the actual pointer arithmetic overflow
case we need to worry about, and going one bit beyond isn't going to
overflow).
---
proc: do proper range check on readdir offset
Rather than pass in some random truncated offset to the pid-related
functions, check that the offset is in range up-front.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/784727/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
