CIFS: sanity check length of data to send before sending
Bug #1283101 reported by
Andy Whitcroft
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Lucid |
Won't Fix
|
Undecided
|
Unassigned | ||
Precise |
Won't Fix
|
Undecided
|
Unassigned | ||
Quantal |
Won't Fix
|
Undecided
|
Unassigned | ||
Saucy |
Won't Fix
|
Undecided
|
Unassigned | ||
Trusty |
Fix Released
|
Undecided
|
Unassigned | ||
linux-armadaxp (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Lucid |
Invalid
|
Undecided
|
Unassigned | ||
Precise |
Won't Fix
|
Undecided
|
Unassigned | ||
Quantal |
Won't Fix
|
Undecided
|
Unassigned | ||
Saucy |
Invalid
|
Undecided
|
Unassigned | ||
Trusty |
Invalid
|
Undecided
|
Unassigned | ||
linux-ec2 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Lucid |
Won't Fix
|
Undecided
|
Unassigned | ||
Precise |
Invalid
|
Undecided
|
Unassigned | ||
Quantal |
Invalid
|
Undecided
|
Unassigned | ||
Saucy |
Invalid
|
Undecided
|
Unassigned | ||
Trusty |
Invalid
|
Undecided
|
Unassigned | ||
linux-lts-quantal (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Lucid |
Invalid
|
Undecided
|
Unassigned | ||
Precise |
Won't Fix
|
Undecided
|
Unassigned | ||
Quantal |
Invalid
|
Undecided
|
Unassigned | ||
Saucy |
Invalid
|
Undecided
|
Unassigned | ||
Trusty |
Invalid
|
Undecided
|
Unassigned | ||
linux-lts-raring (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Lucid |
Invalid
|
Undecided
|
Unassigned | ||
Precise |
Won't Fix
|
Undecided
|
Unassigned | ||
Quantal |
Invalid
|
Undecided
|
Unassigned | ||
Saucy |
Invalid
|
Undecided
|
Unassigned | ||
Trusty |
Invalid
|
Undecided
|
Unassigned | ||
linux-lts-saucy (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Lucid |
Invalid
|
Undecided
|
Unassigned | ||
Precise |
Won't Fix
|
Undecided
|
Unassigned | ||
Quantal |
Invalid
|
Undecided
|
Unassigned | ||
Saucy |
Invalid
|
Undecided
|
Unassigned | ||
Trusty |
Invalid
|
Undecided
|
Unassigned | ||
linux-ti-omap4 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Lucid |
Invalid
|
Undecided
|
Unassigned | ||
Precise |
Won't Fix
|
Undecided
|
Unassigned | ||
Quantal |
Won't Fix
|
Undecided
|
Unassigned | ||
Saucy |
Won't Fix
|
Undecided
|
Unassigned | ||
Trusty |
Invalid
|
Undecided
|
Unassigned |
Bug Description
This CVE was fixed under 5d81de8e8667da7
http://
Makes sense to put this into any release which needs it.
# As applied to linus' tree
Break-fix: - a26054d18476396
Changed in linux (Ubuntu): | |
status: | New → Triaged |
tags: | added: kernel-bug-break-fix |
description: | updated |
Changed in linux-lts-saucy (Ubuntu Trusty): | |
status: | New → Invalid |
Changed in linux-lts-raring (Ubuntu): | |
status: | New → Invalid |
Changed in linux-armadaxp (Ubuntu): | |
status: | New → Invalid |
Changed in linux-armadaxp (Ubuntu Saucy): | |
status: | New → Invalid |
Changed in linux-lts-saucy (Ubuntu Saucy): | |
status: | New → Invalid |
Changed in linux-lts-quantal (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux-ti-omap4 (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux-lts-saucy (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux-lts-saucy (Ubuntu Quantal): | |
status: | New → Invalid |
Changed in linux-ec2 (Ubuntu): | |
status: | New → Invalid |
Changed in linux-ti-omap4 (Ubuntu): | |
status: | New → Invalid |
Changed in linux-lts-raring (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux-lts-raring (Ubuntu Saucy): | |
status: | New → Invalid |
Changed in linux-ec2 (Ubuntu Quantal): | |
status: | New → Invalid |
Changed in linux-lts-quantal (Ubuntu Quantal): | |
status: | New → Invalid |
Changed in linux-armadaxp (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux-ec2 (Ubuntu Precise): | |
status: | New → Invalid |
Changed in linux-lts-quantal (Ubuntu Saucy): | |
status: | New → Invalid |
Changed in linux-lts-raring (Ubuntu Quantal): | |
status: | New → Invalid |
Changed in linux-lts-quantal (Ubuntu Trusty): | |
status: | New → Invalid |
Changed in linux-ec2 (Ubuntu Saucy): | |
status: | New → Invalid |
Changed in linux (Ubuntu Lucid): | |
status: | New → Confirmed |
Changed in linux-ec2 (Ubuntu Lucid): | |
status: | New → Confirmed |
Changed in linux (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in linux-ti-omap4 (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in linux-lts-quantal (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in linux-lts-raring (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in linux-lts-saucy (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in linux-armadaxp (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in linux (Ubuntu Quantal): | |
status: | New → Confirmed |
Changed in linux-ti-omap4 (Ubuntu Quantal): | |
status: | New → Confirmed |
Changed in linux-ti-omap4 (Ubuntu Saucy): | |
status: | New → Confirmed |
Changed in linux-armadaxp (Ubuntu Quantal): | |
status: | New → Confirmed |
Changed in linux (Ubuntu Saucy): | |
status: | New → Confirmed |
Changed in linux (Ubuntu Trusty): | |
status: | Triaged → Confirmed |
summary: |
- CVE-2014-0069: add hardening patch + CVE-2014-0069: CIFS -- add hardening patch |
description: | updated |
Changed in linux (Ubuntu): | |
status: | Confirmed → Fix Committed |
Changed in linux (Ubuntu): | |
status: | Fix Committed → Fix Released |
Changed in linux (Ubuntu Quantal): | |
status: | Confirmed → Won't Fix |
Changed in linux-lts-quantal (Ubuntu Precise): | |
status: | Confirmed → Won't Fix |
Changed in linux-ti-omap4 (Ubuntu Quantal): | |
status: | Confirmed → Won't Fix |
Changed in linux-armadaxp (Ubuntu Quantal): | |
status: | Confirmed → Won't Fix |
Changed in linux (Ubuntu Saucy): | |
status: | Confirmed → Won't Fix |
Changed in linux-lts-raring (Ubuntu Precise): | |
status: | Confirmed → Won't Fix |
Changed in linux-lts-saucy (Ubuntu Precise): | |
status: | Confirmed → Won't Fix |
Changed in linux-ti-omap4 (Ubuntu Saucy): | |
status: | Confirmed → Won't Fix |
Changed in linux (Ubuntu Lucid): | |
status: | Confirmed → Won't Fix |
Changed in linux-ec2 (Ubuntu Lucid): | |
status: | Confirmed → Won't Fix |
Changed in linux (Ubuntu Trusty): | |
status: | Confirmed → Fix Committed |
tags: |
added: verification-done-trusty removed: verification-needed-trusty |
Changed in linux (Ubuntu): | |
status: | Fix Released → Invalid |
Changed in linux (Ubuntu): | |
status: | Invalid → Fix Released |
information type: | Public → Public Security |
summary: |
- CVE-2014-0069: CIFS -- add hardening patch + CIFS: sanity check length of data to send before sending |
To post a comment you must log in.
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification- needed- trusty' to 'verification- done-trusty' .
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation how to enable and use -proposed. Thank you!