** Changed in: linux-lts-backport-natty (Ubuntu Lucid)
Status: In Progress => Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: In Progress => Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Maverick)
Status: In Progress => Fix Committed
** Changed in: linux-lts-backport-maverick (Ubuntu Lucid)
Status: In Progress => Fix Committed
** Description changed:
- The proc filesystem implementation in the Linux kernel 2.6.37 and earlier
- does not restrict access to the /proc directory tree of a process after
- this process performs an exec of a setuid program, which allows local users
- to obtain sensitive information or cause a denial of service via open,
- lseek, read, and write system calls.
+ The proc filesystem implementation in the Linux kernel 2.6.37 and
+ earlier does not restrict access to the /proc directory tree of a
+ process after this process performs an exec of a setuid program, which
+ allows local users to obtain sensitive information or cause a denial of
+ service via open, lseek, read, and write system calls.
Fixed-by: ca6b0bf0e086513b9ee5efc0aa5770ecb57778af
Fixed-by: ec6fd8a4355cda81cd9f06bebc048e83eb514ac7
Fixed-by: d6f64b89d7ff22ce05896ab4a93a653e8d0b123d
Fixed-by: 2fadaef41283aad7100fa73f01998cddaca25833
Fixed-by: a9712bc12c40c172e393f85a9b2ba8db4bf59509
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/813026
Title:
CVE-2011-1020
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/813026/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
