** Changed in: linux (Ubuntu Maverick)
Status: In Progress => Fix Committed
** Changed in: linux-ti-omap4 (Ubuntu Oneiric)
Status: Confirmed => Fix Committed
** Changed in: linux-ti-omap4 (Ubuntu Natty)
Status: Confirmed => Fix Committed
** Changed in: linux-fsl-imx51 (Ubuntu Lucid)
Status: In Progress => Fix Committed
** Description changed:
+ The bcm_release function in net/can/bcm.c in the Linux kernel before
+ 2.6.39-rc6 does not properly validate a socket data structure, which
+ allows local users to cause a denial of service (NULL pointer
+ dereference) or possibly have unspecified other impact via a crafted
+ release operation.
+
Fixed-by: c6914a6f261aca0c9f715f883a353ae7ff51fe83
-
- commit c6914a6f261aca0c9f715f883a353ae7ff51fe83
- Author: Dave Jones <da...@redhat.com>
- Date: Tue Apr 19 20:36:59 2011 -0700
-
- can: Add missing socket check in can/bcm release.
-
- We can get here with a NULL socket argument passed from userspace,
- so we need to handle it accordingly.
-
- Signed-off-by: Dave Jones <da...@redhat.com>
- Signed-off-by: David S. Miller <da...@davemloft.net>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/796502
Title:
CVE-2011-1598
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/796502/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
