[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4249 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720189/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Changed in: linux (Ubuntu Dapper) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720189/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.24 --- linux-ti-omap4 (2.6.35-903.24) maverick-proposed; urgency=low * Release tracking bug - LP: #838037 [ Upstream Kernel Changes ] * ipv6: make fragment identifications less predictable, CVE-2011-2699 - LP: #827685 - CVE-2011-2699 * perf: Fix software event overflow, CVE-2011-2918 - LP: #834121 - CVE-2011-2918 * proc: fix oops on invalid /proc/pid/maps access, CVE-2011-1020 - LP: #813026 - CVE-2011-1020 linux-ti-omap4 (2.6.35-903.23) maverick-proposed; urgency=low * Release tracking bug - LP: #829655 [ Upstream Kernel Changes ] * drm/radeon/kms: check AA resolve registers on r300, CVE-2011-1016 - LP: #745686 - CVE-2011-1016 * drm/radeon: fix regression with AA resolve checking, CVE-2011-1016 - LP: #745686 - CVE-2011-1016 * can-bcm: fix minor heap overflow - LP: #690730 * CAN: Use inode instead of kernel address for /proc file, CVE-2010-4565 - LP: #765007 - CVE-2010-4565 * av7110: check for negative array offset - LP: #747520 * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1, CVE-2011-0711 - LP: #767740 - CVE-2011-0711 * ALSA: caiaq - Fix possible string-buffer overflow - LP: #747520 * IB/cm: Bump reference count on cm_id before invoking callback, CVE-2011-0695 - LP: #770369 - CVE-2011-0695 * RDMA/cma: Fix crash in request handlers, CVE-2011-0695 - LP: #770369 - CVE-2011-0695 * Treat writes as new when holes span across page boundaries, CVE-2011-0463 - LP: #770483 - CVE-2011-0463 * net: clear heap allocations for privileged ethtool actions - LP: #686158 * usb: iowarrior: don't trust report_size for buffer size - LP: #747520 * fs/partitions/ldm.c: fix oops caused by corrupted partition table, CVE-2011-1017 - LP: #771382 - CVE-2011-1017 * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code - LP: #747520 * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo - LP: #747520 * exec: make argv/envp memory visible to oom-killer - LP: #690730 * next_pidmap: fix overflow condition - LP: #772560 * proc: do proper range check on readdir offset - LP: #772560 * ALSA: sound/pci/asihpi: check adapter index in hpi_ioctl, CVE-2011-1169 - LP: #785331 - CVE-2011-1169 * mpt2sas: prevent heap overflows and unchecked reads, CVE-2011-1494 - LP: #787145 - CVE-2011-1494 * agp: fix arbitrary kernel memory writes, CVE-1011-2022 - LP: #788684 - CVE-1011-2022 * can: add missing socket check in can/raw release, CVE-2011-1748 - LP: #788694 - CVE-2011-1748 * agp: fix OOM and buffer overflow - LP: #788700 * drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory - CVE-2010-3296 - CVE-2010-3296 * drivers/net/eql.c: prevent reading uninitialized stack memory - CVE-2010-3297 - CVE-2010-3297 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 * setup_arg_pages: diagnose excessive argument size - CVE-2010-3858 - LP: #672664 - CVE-2010-3858 * net: Truncate recvfrom and sendto length to INT_MAX - CVE-2010-3859 - LP: #690730 - CVE-2010-3859 * net: Limit socket I/O iovec total length to INT_MAX - CVE-2010-3859 - LP: #690730 - CVE-2010-3859 * ipc: initialize structure memory to zero for compat functions - CVE-2010-4073 - LP: #690730 - CVE-2010-4073 * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory - CVE-2010-4080, CVE-2010-4081 - LP: #672664 - CVE-2010-4080, CVE-2010-4081 * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory - CVE-2010-4082 - CVE-2010-4082 * sys_semctl: fix kernel stack leakage, CVE-2010-4083 - LP: #712749 - CVE-2010-4083 * gdth: integer overflow in ioctl - CVE-2010-4157 - LP: #686158 - CVE-2010-4157 * bio: take care not overflow page count when mapping/copying user data - CVE-2010-4162 - LP: #721441 - CVE-2010-4162 * bluetooth: Fix missing NULL check - CVE-2010-4242 - LP: #686158 * rds: Integer overflow in RDS cmsg handling, CVE-2010-4175 - LP: #721455 - CVE-2010-4175 * perf_events: Fix perf_counter_mmap() hook in mprotect() - CVE-2010-4169 - LP: #690730 - CVE-2010-4169 * block: check for proper length of iov entries in blk_rq_map_user_iov() - CVE-2010-4163 - LP: #690730 - CVE-2010-4163 * block: check for proper length of iov entries earlier in blk_rq_map_user_iov(), CVE-2010-4163 - LP: #721504 - CVE-2010-4163 * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel oops - LP: #795418 - CVE-2011-1577 * Fix corrupted OSF partition table parsing - LP: #796606 - CVE-2011-1163 * can: Add missing socket check in
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Branch linked: lp:ubuntu/maverick-proposed/linux-ti-omap4 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720189/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Branch linked: lp:ubuntu/lucid-proposed/linux-lts-backport-maverick -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720189/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720189/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Also affects: linux-ti-omap4 (Ubuntu) Importance: Undecided Status: New ** Changed in: linux-ti-omap4 (Ubuntu) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Dapper) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Karmic) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Lucid) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720189/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: New = In Progress ** Changed in: linux-ti-omap4 (Ubuntu Natty) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720189/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Changed in: linux (Ubuntu Hardy) Status: Confirmed = Fix Released ** Changed in: linux (Ubuntu Karmic) Status: Won't Fix = Fix Released ** Changed in: linux (Ubuntu Lucid) Status: Confirmed = Fix Released ** Changed in: linux (Ubuntu Maverick) Status: Confirmed = Fix Released ** Changed in: linux-lts-backport-maverick (Ubuntu Lucid) Status: Confirmed = Fix Released ** Changed in: linux-mvl-dove (Ubuntu Lucid) Status: New = Fix Released ** Changed in: linux-mvl-dove (Ubuntu Maverick) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Changed in: linux (Ubuntu Hardy) Status: Fix Released = Confirmed ** Changed in: linux (Ubuntu Karmic) Status: Fix Released = Confirmed ** Changed in: linux (Ubuntu Lucid) Status: Fix Released = Confirmed ** Changed in: linux-lts-backport-maverick (Ubuntu Lucid) Status: Fix Committed = Confirmed ** Changed in: linux-mvl-dove (Ubuntu Lucid) Status: Fix Released = New ** Changed in: linux-mvl-dove (Ubuntu Maverick) Status: Fix Released = New ** Changed in: linux (Ubuntu Karmic) Status: Confirmed = Won't Fix ** Changed in: linux (Ubuntu Maverick) Status: Fix Released = Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Changed in: linux-lts-backport-maverick (Ubuntu Lucid) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
This bug was fixed in the package linux - 2.6.24-29.88 --- linux (2.6.24-29.88) hardy-proposed; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #736290 [Steve Conklin] * Ubuntu-2.6.24-29.87 * [Config] Allow insertchanges to work in later version chroots [Upstream Kernel Changes] * do_exit(): make sure that we run with get_fs() == USER_DS, CVE-2010-4258 - LP: #723945 - CVE-2010-4258 * Make the bulkstat_one compat ioctl handling more sane - LP: #692848 * Fix xfs_bulkstat_one size checks error handling - LP: #692848 * xfs: always use iget in bulkstat - LP: #692848 * x25: Prevent crashing when parsing bad X.25 facilities CVE-2010-4164 - LP: #731199 - CVE-2010-4164 * Revised [CVE-2010-4346 Hardy] install_special_mapping skips security_file_mmap check. CVE-2010-4346 - LP: #731971 - CVE-2010-4346 linux (2.6.24-29.87) hardy-proposed; urgency=low [ Steve Conklin ] * Release Tracking Bug - LP: #725138 [Upstream Kernel Changes] * bluetooth: Fix missing NULL check, CVE-2010-4242 - LP: #714846 - CVE-2010-4242 * NFS: fix the return value of nfs_file_fsync() - LP: #585657 * bio: take care not overflow page count when mapping/copying user data, CVE-2010-4162 - LP: #721441 - CVE-2010-4162 * filter: make sure filters dont read uninitialized memory - LP: #721282 - CVE-2010-4158 * tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077 - LP: #720189 - CVE-2010-4077 * block: check for proper length of iov entries earlier in blk_rq_map_user_iov(), CVE-2010-4163 - LP: #721504 - CVE-2010-4163 -- Brad Figg brad.f...@canonical.com Wed, 16 Mar 2011 09:43:35 -0700 ** Changed in: linux (Ubuntu Hardy) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4164 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4258 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4346 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
This bug was fixed in the package linux-mvl-dove - 2.6.32-416.33 --- linux-mvl-dove (2.6.32-416.33) maverick; urgency=low [ Ubuntu: 2.6.32-31.60 ] * Release Tracking Bug - LP: #734950 * SAUCE: Clear new_profile in error path - LP: #732700 * [Config] CONFIG_BOOT_PRINTK_DELAY=y - LP: #733191 * Revert drm/radeon/bo: add some fallback placements for VRAM only objects. - LP: #652934 * drm/radeon: fall back to GTT if bo creation/validation in VRAM fails. - LP: #652934 * drm/radeon/kms: Fix retrying ttm_bo_init() after it failed once. - LP: #652934 * xfs: always use iget in bulkstat - LP: #692848 * drm/radeon/kms: make the mac rv630 quirk generic - LP: #728687 * drm/radeon/kms: add pll debugging output - LP: #728687 * drm/radeon: remove 0x4243 pci id - LP: #728687 * drm/radeon/kms: fix s/r issues with bios scratch regs - LP: #728687 * drm/i915/lvds: Add AOpen i915GMm-HFS to the list of false-positive LVDS - LP: #728687 * drm/i915: Add dependency on CONFIG_TMPFS - LP: #728687 * Linux 2.6.32.29+drm33.14 - LP: #728687 * NFSD: memory corruption due to writing beyond the stat array - LP: #728687 * mptfusion: mptctl_release is required in mptctl.c - LP: #728687 * mptfusion: Fix Incorrect return value in mptscsih_dev_reset - LP: #728687 * ocfs2_connection_find() returns pointer to bad structure - LP: #728687 * x25: decrement netdev reference counts on unload - LP: #728687 * x86, hpet: Disable per-cpu hpet timer if ARAT is supported - LP: #728687 * OHCI: work around for nVidia shutdown problem - LP: #728687 * x86/pvclock: Zero last_value on resume - LP: #728687 * av7110: check for negative array offset - LP: #728687 * CRED: Fix get_task_cred() and task_state() to not resurrect dead credentials - LP: #728687 * bonding/vlan: Avoid mangled NAs on slaves without VLAN tag insertion - LP: #728687 * CRED: Fix kernel panic upon security_file_alloc() failure. - LP: #728687 * CRED: Fix BUG() upon security_cred_alloc_blank() failure - LP: #728687 * CRED: Fix memory and refcount leaks upon security_prepare_creds() failure - LP: #728687 * sendfile(): check f_op.splice_write() rather than f_op.sendpage() - LP: #728687 * isdn: hisax: Replace the bogus access to irq stats - LP: #728687 * ixgbe: add support for 82599 based Express Module X520-P2 - LP: #728687 * ixgbe: prevent speculative processing of descriptors before ready - LP: #728687 * scsi_dh_alua: add netapp to dev list - LP: #728687 * scsi_dh_alua: Add IBM Power Virtual SCSI ALUA device to dev list - LP: #728687 * dm raid1: fail writes if errors are not handled and log fails - LP: #728687 * GFS2: Fix bmap allocation corner-case bug - LP: #728687 * dm raid1: fix null pointer dereference in suspend - LP: #728687 * sunrpc/cache: fix module refcnt leak in a failure path - LP: #728687 * be2net: Maintain tx and rx counters in driver - LP: #728687 * tcp: Make TCP_MAXSEG minimum more correct. - LP: #728687 * nfsd: correctly handle return value from nfsd_map_name_to_* - LP: #728687 * s390: remove task_show_regs - LP: #728687 * PM / Hibernate: Return error code when alloc_image_page() fails - LP: #728687 * fs/partitions: Validate map_count in Mac partition tables - LP: #728687 * ALSA: HDA: Add position_fix quirk for an Asus device - LP: #718402, #728687 * ALSA: caiaq - Fix possible string-buffer overflow - LP: #728687 * radio-aimslab.c needs #include linux/delay.h - LP: #728687 * ARM: Ensure predictable endian state on signal handler entry - LP: #728687 * acer-wmi: Fix capitalisation of GUID - LP: #728687 * eCryptfs: Copy up lower inode attrs in getattr - LP: #728687 * platform: x86: acer-wmi: world-writable sysfs threeg file - LP: #728687 * platform: x86: asus_acpi: world-writable procfs files - LP: #728687 * platform: x86: tc1100-wmi: world-writable sysfs wireless and jogdial files - LP: #728687 * genirq: Disable the SHIRQ_DEBUG call in request_threaded_irq for now - LP: #728687 * usb: musb: omap2430: fix kernel panic on reboot - LP: #728687 * USB: add quirks entry for Keytouch QWERTY Panel - LP: #728687 * USB: Add Samsung SGH-I500/Android modem ID switch to visor driver - LP: #728687 * USB: Add quirk for Samsung Android phone modem - LP: #728687 * p54pci: update receive dma buffers before and after processing - LP: #728687 * sierra: add new ID for Airprime/Sierra USB IP modem - LP: #728687 * staging: usbip: vhci: update reference count for usb_device - LP: #728687 * staging: usbip: vhci: give back URBs from in-flight unlink requests - LP: #728687 * staging: usbip: vhci: refuse to enqueue for dead connections - LP: #728687 * staging: usbip: vhci: use urb-dev-portnum to find port
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Branch linked: lp:ubuntu/maverick-proposed/linux-mvl-dove ** Branch linked: lp:ubuntu/lucid-proposed/linux-mvl-dove -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Branch linked: lp:ubuntu/dapper-updates/linux-source-2.6.15 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
This bug was fixed in the package linux - 2.6.35-28.49 --- linux (2.6.35-28.49) maverick-proposed; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #726796 [ Colin Ian King ] * SAUCE: Dell All-In-One: Remove need for Dell module alias [ Manoj Iyer ] * SAUCE: add ricoh 0xe823 pci id. - LP: #717435 [ Upstream Kernel Changes ] * virtio_net: Add schedule check to napi_enable call - LP: #579276 * mmc: make sdhci work with ricoh mmc controller - LP: #717435 * NFS: fix the return value of nfs_file_fsync() - LP: #585657 * rt2x00: Pad beacon to multiple of 32 bits. - LP: #659143 * rt2x00: Fix firmware loading regression on x86_64. - LP: #659143 * rt2x00: Check for errors from skb_pad() calls - LP: #659143 * block: check for proper length of iov entries earlier in blk_rq_map_user_iov(), CVE-2010-4163 - LP: #721504 - CVE-2010-4163 * tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077 - LP: #720189 - CVE-2010-4077 - CVE-2010-4076 * rds: Integer overflow in RDS cmsg handling, CVE-2010-4175 - LP: #721455 - CVE-2010-4175 -- Brad Figg brad.f...@canonical.com Mon, 28 Feb 2011 13:02:53 -0800 ** Changed in: linux (Ubuntu Maverick) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
This bug was fixed in the package linux - 2.6.31-23.74 --- linux (2.6.31-23.74) karmic-proposed; urgency=low [ Steve Conklin ] * Release Tracking Bug - LP: #725232 [ Upstream Kernel Changes ] * bluetooth: Fix missing NULL check, CVE-2010-4242 - LP: #714846 - CVE-2010-4242 * bio: take care not overflow page count when mapping/copying user data, CVE-2010-4162 - LP: #721441 - CVE-2010-4162 * filter: make sure filters dont read uninitialized memory - LP: #721282 - CVE-2010-4158 * tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077 - LP: #720189 - CVE-2010-4077 * block: check for proper length of iov entries in blk_rq_map_user_iov(), CVE-2010-4163 - LP: #721504 - CVE-2010-4163 * block: check for proper length of iov entries earlier in blk_rq_map_user_iov(), CVE-2010-4163 - LP: #721504 - CVE-2010-4163 * rds: Integer overflow in RDS cmsg handling, CVE-2010-4175 - LP: #721455 - CVE-2010-4175 -- Steve Conklin conk...@canonical.com Fri, 25 Feb 2011 14:20:16 -0600 ** Changed in: linux (Ubuntu Karmic) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4158 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4162 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4163 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4175 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4242 ** Changed in: linux (Ubuntu Lucid) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
This bug was fixed in the package linux - 2.6.32-30.59 --- linux (2.6.32-30.59) lucid-proposed; urgency=low [ Steve Conklin ] * Release Tracking Bug - LP: #727336 [ Tim Gardner ] * [Config] CONFIG_IRQ_TIME_ACCOUNTING=n - LP: #723819 [ Upstream Kernel Changes ] * virtio_net: Add schedule check to napi_enable call - LP: #579276 * NFS: fix the return value of nfs_file_fsync() - LP: #585657 * block: check for proper length of iov entries earlier in blk_rq_map_user_iov(), CVE-2010-4163 - LP: #721504 - CVE-2010-4163 * filter: make sure filters dont read uninitialized memory - LP: #721282 - CVE-2010-4158 * tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077 - LP: #720189 - CVE-2010-4077 * staging: usbip: remove double giveback of URB - LP: #723819 * USB: EHCI: ASPM quirk of ISOC on AMD SB800 - LP: #723819 * rt2x00: add device id for windy31 usb device - LP: #723819 * ALSA: snd-usb-us122l: Fix missing NULL checks - LP: #723819 * hwmon: (via686a) Initialize fan_div values - LP: #723819 * USB: serial: handle Data Carrier Detect changes - LP: #723819 * USB: CP210x Add two device IDs - LP: #723819 * USB: CP210x Removed incorrect device ID - LP: #723819 * USB: usb-storage: unusual_devs update for Cypress ATACB - LP: #723819 * USB: usb-storage: unusual_devs update for TrekStor DataStation maxi g.u external hard drive enclosure - LP: #723819 * USB: usb-storage: unusual_devs entry for CamSport Evo - LP: #723819 * USB: usb-storage: unusual_devs entry for Coby MP3 player - LP: #723819 * USB: serial: Updated support for ICOM devices - LP: #723819 * USB: adding USB support for Cinterion's HC2x, EU3 and PH8 products - LP: #723819 * USB: EHCI: ASPM quirk of ISOC on AMD Hudson - LP: #723819 * USB: EHCI: fix DMA deallocation bug - LP: #723819 * USB: g_printer: fix bug in module parameter definitions - LP: #723819 * USB: io_edgeport: fix the reported firmware major and minor - LP: #723819 * USB: ti_usb: fix module removal - LP: #723819 * USB: Storage: Add unusual_devs entry for VTech Kidizoom - LP: #723819 * USB: ftdi_sio: add ST Micro Connect Lite uart support - LP: #723819 * USB: cdc-acm: Adding second ACM channel support for Nokia N8 - LP: #723819 * USB: ftdi_sio: Add VID=0x0647, PID=0x0100 for Acton Research spectrograph - LP: #723819 * USB: prevent buggy hubs from crashing the USB stack - LP: #723819 * staging: comedi: add support for newer jr3 1-channel pci board - LP: #723819 * staging: comedi: ni_labpc: Use shared IRQ for PCMCIA card - LP: #723819 * Staging: hv: fix sysfs symlink on hv block device - LP: #723819 * staging: hv: Enable sending GARP packet after live migration - LP: #723819 * hvc_iucv: allocate memory buffers for IUCV in zone DMA - LP: #723819 * iwlagn: enable only rfkill interrupt when device is down - LP: #723819 * ath9k: Fix bug in delimiter padding computation - LP: #723819 * correct vdso version string - LP: #723819 * fix medium error problems with some arrays which can cause data corruption - LP: #723819 * libsas: fix runaway error handler problem - LP: #723819 * mpt2sas: Fix device removal handshake for zoned devices - LP: #723819 * mpt2sas: Correct resizing calculation for max_queue_depth - LP: #723819 * mpt2sas: Kernel Panic during Large Topology discovery - LP: #723819 * radio-aimslab.c: Fix gcc 4.5+ bug - LP: #723819 * em28xx: Fix audio input for Terratec Grabby - LP: #723819 * ALSA : au88x0 - Limit number of channels to fix Oops via OSS emu - LP: #723819 * ALSA: HDA: Fix dmesg output of HDMI supported bits - LP: #723819 * ALSA: hda - Fix memory leaks in conexant jack arrays - LP: #723819 * input: bcm5974: Add support for MacBookAir3 - LP: #723819 * ALSA: hrtimer: handle delayed timer interrupts - LP: #723819 * ASoC: WM8990: msleep() takes milliseconds not jiffies - LP: #723819 * ASoC: Blackfin AC97: fix build error after multi-component update - LP: #723819 * NFS: Fix kernel BUG at fs/aio.c:554! - LP: #723819 * rtc-cmos: fix suspend/resume - LP: #723819 * iwlagn: Re-enable RF_KILL interrupt when down - LP: #723819 * rapidio: fix hang on RapidIO doorbell queue full condition - LP: #723819 * PCI: pci-stub: ignore zero-length id parameters - LP: #723819 * virtio: remove virtio-pci root device - LP: #723819 * ds2760_battery: Fix calculation of time_to_empty_now - LP: #723819 * p54: fix sequence no. accounting off-by-one error - LP: #723819 * i2c: Unregister dummy devices last on adapter removal - LP: #723819 * serial: unbreak billionton CF card - LP: #723819 * ptrace: use safer wake up on ptrace_detach() - LP: #723819 * x86, mtrr: Avoid MTRR reprogramming on
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Branch linked: lp:ubuntu/dapper-proposed/linux-source-2.6.15 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Tags added: kernel-cve-tracker -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Branch linked: lp:ubuntu/lucid-proposed/linux-ec2 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Branch linked: lp:ubuntu/karmic-proposed/linux-ec2 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Changed in: linux (Ubuntu Maverick) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Lucid) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Changed in: linux (Ubuntu Hardy) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Karmic) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Dapper) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 720189] Re: CVE-2010-4076, CVE-2010-4077
** Changed in: linux (Ubuntu Maverick) Status: New = In Progress ** Changed in: linux (Ubuntu Maverick) Assignee: (unassigned) = Tim Gardner (timg-tpi) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/720189 Title: CVE-2010-4076, CVE-2010-4077 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs