Ubuntu
linux package

Comment 12 for bug 485556

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-06-03:

#12

This bug was fixed in the package linux - 2.6.31-22.60

---------------
linux (2.6.31-22.60) karmic-security; urgency=low

[ Leann Ogasawara ]

* kvm: restrict writing of segment selectors to segment registers
- CVE-2010-0419

[ Upstream Kernel Changes ]

  * USB: usbfs: properly clean up the as structure on error paths
    - CVE-2010-1083
  * Bluetooth: Fix potential bad memory access with sysfs files
    - CVE-2010-1084
  * ALSA: hda-intel: Avoid divide by zero crash
    - CVE-2010-1085
  * dvb-core: Fix DoS bug in ULE decapsulation code that can be triggered
    by an invalid Payload Pointer
    - CVE-2010-1086
  * GFS2: Skip check for mandatory locks when unlocking
    - CVE-2010-0727
  * tipc: Fix oops on send prior to entering networked mode (v3)
    - CVE-2010-1187
  * inotify: do not reuse watch descriptors
    - LP: #485556
  * idr: fix a critical misallocation bug, take#2
    - LP: #485556
  * tty: release_one_tty() forgets to put pids
    - CVE-2010-1162
  * reiserfs: fix permissions on .reiserfs_priv
    - CVE-2010-1146
  * fix LOOKUP_FOLLOW on automount "symlinks"
    - CVE-2010-1088
  * NFS: Fix an Oops when truncating a file
    - CVE-2010-1087
  * Attempt #2 to handle null nameidata
    - CVE-2010-1148
  * r8169: Fix receive buffer length when MTU is between 1515 and 1536
    - CVE-2009-4537
  * r8169: offical fix for CVE-2009-4537 (overlength frame DMAs)
    - CVE-2009-4537
  * KVM: Use kvm_{read,write}_guest_virt() to read and write segment
    descriptors
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Check CPL level during privilege instruction
    emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Add Virtual-8086 mode of emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: fix memory access during x86 emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Check IOPL level during io instruction emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Fix popf emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: VMX: Use macros instead of hex value on cr0 initialization
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: SVM: Reset cr0 properly on vcpu reset
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86: disable paravirt mmu reporting
    - CVE-2010-0298
    - CVE-2010-0306
-- Stefan Bader <email address hidden> Tue, 25 May 2010 14:01:30 +0200

This bug was fixed in the package linux - 2.6.31-22.60

---------------
linux (2.6.31-22.60) karmic-security; urgency=low

[ Leann Ogasawara ]

* kvm: restrict writing of segment selectors to segment registers
    - CVE-2010-0419

[ Upstream Kernel Changes ]

* USB: usbfs: properly clean up the as structure on error paths
    - CVE-2010-1083
  * Bluetooth: Fix potential bad memory access with sysfs files
    - CVE-2010-1084
  * ALSA: hda-intel: Avoid divide by zero crash
    - CVE-2010-1085
  * dvb-core: Fix DoS bug in ULE decapsulation code that can be triggered
    by an invalid Payload Pointer
    - CVE-2010-1086
  * GFS2: Skip check for mandatory locks when unlocking
    - CVE-2010-0727
  * tipc: Fix oops on send prior to entering networked mode (v3)
    - CVE-2010-1187
  * inotify: do not reuse watch descriptors
    - LP: #485556
  * idr: fix a critical misallocation bug, take#2
    - LP: #485556
  * tty: release_one_tty() forgets to put pids
    - CVE-2010-1162
  * reiserfs: fix permissions on .reiserfs_priv
    - CVE-2010-1146
  * fix LOOKUP_FOLLOW on automount "symlinks"
    - CVE-2010-1088
  * NFS: Fix an Oops when truncating a file
    - CVE-2010-1087
  * Attempt #2 to handle null nameidata
    - CVE-2010-1148
  * r8169: Fix receive buffer length when MTU is between 1515 and 1536
    - CVE-2009-4537
  * r8169: offical fix for CVE-2009-4537 (overlength frame DMAs)
    - CVE-2009-4537
  * KVM: Use kvm_{read,write}_guest_virt() to read and write segment
    descriptors
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Check CPL level during privilege instruction
    emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Add Virtual-8086 mode of emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: fix memory access during x86 emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Check IOPL level during io instruction emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Fix popf emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: VMX: Use macros instead of hex value on cr0 initialization
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: SVM: Reset cr0 properly on vcpu reset
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86: disable paravirt mmu reporting
    - CVE-2010-0298
    - CVE-2010-0306
 -- Stefan Bader <stefan.bader@canonical.com>   Tue, 25 May 2010 14:01:30 +0200

Ubuntulinux package

Comment 12 for bug 485556

Ubuntu
linux package