*** This bug is a security vulnerability *** Public security bug reported:
Fixed By: commit 10022a6c66e199d8f61d9044543f38785713cbbd Author: Oliver Hartkopp <socket...@hartkopp.net> Date: Wed Apr 20 01:57:15 2011 +0000 can: add missing socket check in can/raw release v2: added space after 'if' according code style. We can get here with a NULL socket argument passed from userspace, so we need to handle it accordingly. Thanks to Dave Jones pointing at this issue in net/can/bcm.c Signed-off-by: Oliver Hartkopp <socket...@hartkopp.net> Signed-off-by: David S. Miller <da...@davemloft.net This fix has hit Oneiric, Natty, and Lucid via mainline/stable updates. Dapper and Hardy do not have this driver. ** Affects: linux (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: linux-fsl-imx51 (Ubuntu) Importance: Undecided Status: New ** Affects: linux-lts-backport-maverick (Ubuntu) Importance: Undecided Status: New ** Affects: linux-mvl-dove (Ubuntu) Importance: Undecided Status: New ** Affects: linux-ti-omap4 (Ubuntu) Importance: Undecided Status: New ** Affects: linux (Ubuntu Lucid) Importance: Undecided Status: Fix Released ** Affects: linux-fsl-imx51 (Ubuntu Lucid) Importance: Undecided Status: New ** Affects: linux-lts-backport-maverick (Ubuntu Lucid) Importance: Undecided Status: New ** Affects: linux-mvl-dove (Ubuntu Lucid) Importance: Undecided Status: New ** Affects: linux-ti-omap4 (Ubuntu Lucid) Importance: Undecided Status: New ** Affects: linux (Ubuntu Maverick) Importance: Undecided Assignee: Andy Whitcroft (apw) Status: In Progress ** Affects: linux-fsl-imx51 (Ubuntu Maverick) Importance: Undecided Status: New ** Affects: linux-lts-backport-maverick (Ubuntu Maverick) Importance: Undecided Status: New ** Affects: linux-mvl-dove (Ubuntu Maverick) Importance: Undecided Status: New ** Affects: linux-ti-omap4 (Ubuntu Maverick) Importance: Undecided Status: New ** Affects: linux (Ubuntu Natty) Importance: Undecided Status: Fix Released ** Affects: linux-fsl-imx51 (Ubuntu Natty) Importance: Undecided Status: New ** Affects: linux-lts-backport-maverick (Ubuntu Natty) Importance: Undecided Status: New ** Affects: linux-mvl-dove (Ubuntu Natty) Importance: Undecided Status: New ** Affects: linux-ti-omap4 (Ubuntu Natty) Importance: Undecided Status: New ** Affects: linux (Ubuntu Oneiric) Importance: Undecided Status: Fix Released ** Affects: linux-fsl-imx51 (Ubuntu Oneiric) Importance: Undecided Status: New ** Affects: linux-lts-backport-maverick (Ubuntu Oneiric) Importance: Undecided Status: New ** Affects: linux-mvl-dove (Ubuntu Oneiric) Importance: Undecided Status: New ** Affects: linux-ti-omap4 (Ubuntu Oneiric) Importance: Undecided Status: New ** Affects: linux (Ubuntu Dapper) Importance: Undecided Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Dapper) Importance: Undecided Status: New ** Affects: linux-lts-backport-maverick (Ubuntu Dapper) Importance: Undecided Status: New ** Affects: linux-mvl-dove (Ubuntu Dapper) Importance: Undecided Status: New ** Affects: linux-ti-omap4 (Ubuntu Dapper) Importance: Undecided Status: New ** Affects: linux (Ubuntu Hardy) Importance: Undecided Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Hardy) Importance: Undecided Status: New ** Affects: linux-lts-backport-maverick (Ubuntu Hardy) Importance: Undecided Status: New ** Affects: linux-mvl-dove (Ubuntu Hardy) Importance: Undecided Status: New ** Affects: linux-ti-omap4 (Ubuntu Hardy) Importance: Undecided Status: New ** Tags: kernel-cve-tracking-bug ** Tags added: kernel-cve-tracking-bug ** This bug has been flagged as a security vulnerability ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1748 ** Also affects: linux (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Dapper) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Dapper) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Dapper) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Dapper) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Dapper) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Dapper) Status: New => Invalid ** Changed in: linux (Ubuntu Natty) Status: New => Fix Released ** Changed in: linux (Ubuntu Oneiric) Status: New => Fix Released ** Changed in: linux (Ubuntu Lucid) Status: New => Fix Released ** Changed in: linux (Ubuntu Hardy) Status: New => Invalid ** Description changed: - Placeholder + Fixed By: + + commit 10022a6c66e199d8f61d9044543f38785713cbbd + Author: Oliver Hartkopp <socket...@hartkopp.net> + Date: Wed Apr 20 01:57:15 2011 +0000 + + can: add missing socket check in can/raw release + + v2: added space after 'if' according code style. + + We can get here with a NULL socket argument passed from userspace, + so we need to handle it accordingly. + + Thanks to Dave Jones pointing at this issue in net/can/bcm.c + + Signed-off-by: Oliver Hartkopp <socket...@hartkopp.net> + Signed-off-by: David S. Miller <da...@davemloft.net + + This fix has hit Oneiric, Natty, and Lucid via mainline/stable updates. + Dapper and Hardy do not have this driver. ** Changed in: linux (Ubuntu Maverick) Status: New => In Progress ** Changed in: linux (Ubuntu Maverick) Assignee: (unassigned) => Andy Whitcroft (apw) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/788694 Title: CVE-2011-1748 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs