*** This bug is a security vulnerability *** Public security bug reported:
The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013. Break-Fix: - 8404663f81d212918ff85f493649a7991209fa04 ** Affects: linux (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-armadaxp (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu) Importance: Medium Status: New ** Affects: linux (Ubuntu Lucid) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Lucid) Importance: Medium Status: New ** Affects: linux-fsl-imx51 (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Lucid) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Lucid) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Lucid) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-ec2 (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Precise) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Precise) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux (Ubuntu Quantal) Importance: Medium Status: Invalid ** Affects: linux-armadaxp (Ubuntu Quantal) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Quantal) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Quantal) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Quantal) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Quantal) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Quantal) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Quantal) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Quantal) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Quantal) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Quantal) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Raring) Importance: Medium Status: Invalid ** Affects: linux-armadaxp (Ubuntu Raring) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Raring) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Raring) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Raring) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Raring) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Raring) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Raring) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Raring) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Raring) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Raring) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Saucy) Importance: Medium Status: Invalid ** Affects: linux-armadaxp (Ubuntu Saucy) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Saucy) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Saucy) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Saucy) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Saucy) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Saucy) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Saucy) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Saucy) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Saucy) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Saucy) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-armadaxp (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Trusty) Importance: Medium Status: New ** Tags: kernel-cve-tracking-bug ** Tags added: kernel-cve-tracking-bug ** Information type changed from Public to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-6282 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1254901 Title: CVE-2013-6282 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1254901/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs