CVE-2010-4529

Bug #737823 reported by Leann Ogasawara
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Undecided
Unassigned
Dapper
Won't Fix
Low
Leann Ogasawara
Hardy
Fix Released
Low
Leann Ogasawara
Karmic
Won't Fix
Low
Leann Ogasawara
Lucid
Fix Released
Low
Leann Ogasawara
Maverick
Fix Released
Low
Leann Ogasawara
Natty
Invalid
Undecided
Unassigned
linux-fsl-imx51 (Ubuntu)
Invalid
Undecided
Unassigned
Dapper
Invalid
Undecided
Unassigned
Hardy
Invalid
Undecided
Unassigned
Karmic
Won't Fix
Undecided
Unassigned
Lucid
Fix Released
Undecided
Paolo Pisati
Maverick
Invalid
Undecided
Unassigned
Natty
Invalid
Undecided
Unassigned
linux-lts-backport-maverick (Ubuntu)
Invalid
Undecided
Unassigned
Dapper
Won't Fix
Undecided
Unassigned
Hardy
Won't Fix
Undecided
Unassigned
Karmic
Won't Fix
Undecided
Unassigned
Lucid
Fix Released
Undecided
Unassigned
Maverick
Won't Fix
Undecided
Unassigned
Natty
Invalid
Undecided
Unassigned
linux-mvl-dove (Ubuntu)
Invalid
Undecided
Unassigned
Dapper
Invalid
Undecided
Unassigned
Hardy
Invalid
Undecided
Unassigned
Karmic
Invalid
Undecided
Unassigned
Lucid
Fix Released
Undecided
Paolo Pisati
Maverick
Fix Released
Undecided
Paolo Pisati
Natty
Invalid
Undecided
Unassigned
linux-ti-omap4 (Ubuntu)
Invalid
Undecided
Unassigned
Dapper
Invalid
Undecided
Unassigned
Hardy
Invalid
Undecided
Unassigned
Karmic
Invalid
Undecided
Unassigned
Lucid
Invalid
Undecided
Unassigned
Maverick
Fix Released
Undecided
Paolo Pisati
Natty
Invalid
Undecided
Unassigned

Bug Description

Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in
the Linux kernel before 2.6.37 on platforms other than x86 allows local
users to obtain potentially sensitive information from kernel heap memory
via an IRLMP_ENUMDEVICES getsockopt call.

security vulnerability: no → yes
description: updated
Revision history for this message
Leann Ogasawara (leannogasawara) wrote :
Revision history for this message
Leann Ogasawara (leannogasawara) wrote :
Revision history for this message
Leann Ogasawara (leannogasawara) wrote :
Revision history for this message
Leann Ogasawara (leannogasawara) wrote :
Revision history for this message
Leann Ogasawara (leannogasawara) wrote :
Changed in linux (Ubuntu Natty):
status: New → Invalid
Changed in linux (Ubuntu Maverick):
assignee: nobody → Leann Ogasawara (leannogasawara)
importance: Undecided → Low
status: New → In Progress
Changed in linux (Ubuntu Lucid):
assignee: nobody → Leann Ogasawara (leannogasawara)
importance: Undecided → Low
status: New → In Progress
Changed in linux (Ubuntu Karmic):
assignee: nobody → Leann Ogasawara (leannogasawara)
importance: Undecided → Low
status: New → In Progress
Changed in linux (Ubuntu Hardy):
assignee: nobody → Leann Ogasawara (leannogasawara)
importance: Undecided → Low
status: New → In Progress
Changed in linux (Ubuntu Dapper):
assignee: nobody → Leann Ogasawara (leannogasawara)
importance: Undecided → Low
status: New → In Progress
Paolo Pisati (p-pisati)
Changed in linux-ti-omap4 (Ubuntu Maverick):
assignee: nobody → Paolo Pisati (p-pisati)
Changed in linux-ti-omap4 (Ubuntu Dapper):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Karmic):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Natty):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Maverick):
status: New → In Progress
Paolo Pisati (p-pisati)
Changed in linux-mvl-dove (Ubuntu Dapper):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Karmic):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Natty):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Lucid):
assignee: nobody → Paolo Pisati (p-pisati)
Paolo Pisati (p-pisati)
Changed in linux-mvl-dove (Ubuntu Maverick):
assignee: nobody → Paolo Pisati (p-pisati)
Changed in linux-fsl-imx51 (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status: New → Invalid
Tim Gardner (timg-tpi)
Changed in linux-ti-omap4 (Ubuntu Maverick):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (3.4 KiB)

This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.22

---------------
linux-ti-omap4 (2.6.35-903.22) maverick; urgency=low

  [ Paolo Pisati ]

  * Release Tracking Bug
    - LP: #744250

  [ Upstream Kernel Changes ]

  * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open(), CVE-2010-3080
    - CVE-2010-3080
  * tracing: t_start: reset FTRACE_ITER_HASH in case of seek/pread, CVE-2010-3079
    - CVE-2010-3079
  * KEYS: Fix bug in keyctl_session_to_parent() if parent has no session keyring, CVE-2010-2960
    - CVE-2010-2960
  * drm/i915: Sanity check pread/pwrite, CVE-2010-2962
    - CVE-2010-2962
  * do_exit(): make sure that we run with get_fs() == USER_DS, CVE-2010-3849
    - CVE-2010-3849
  * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
    - CVE-2010-3849
  * econet: fix CVE-2010-3850
    - CVE-2010-3850
  * econet: fix CVE-2010-3848
    - CVE-2010-3848
  * compat: Make compat_alloc_user_space() incorporate the access_ok(), CVE-2010-3081
    - CVE-2010-3081
  * irda: Correctly clean up self->ias_obj on irda_bind() failure., CVE-2010-2954
    - CVE-2010-2954
  * wireless extensions: fix kernel heap content leak, CVE-2010-2955
    - CVE-2010-2955
  * KEYS: Fix RCU no-lock warning in keyctl_session_to_parent(), CVE-2010-2960
    - CVE-2010-2960
  * Fix pktcdvd ioctl dev_minor range check, CVE-2010-3437
    - CVE-2010-3437
  * Fix out-of-bounds reading in sctp_asoc_get_hmac(), CVE-2010-3705
    - CVE-2010-3705
  * ocfs2: Don't walk off the end of fast symlinks., CVE-2010-NNN2
    - CVE-2010-NNN2
  * v4l: disable dangerous buggy compat function, CVE-2010-2963
    - CVE-2010-2963
  * Local privilege escalation vulnerability in RDS sockets, CVE-2010-3904
    - CVE-2010-3904
  * net: clear heap allocation for ETHTOOL_GRXCLSRLALL, CVE-2010-3861
    - CVE-2010-3861
  * ipc: shm: fix information leak to userland, CVE-2010-4072
    - CVE-2010-4072
  * tcp: Increase TCP_MAXSEG socket option minimum., CVE-2010-4165
    - CVE-2010-4165
  * af_unix: limit unix_tot_inflight, CVE-2010-4249
    - CVE-2010-4249
  * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079
    - LP: #707649
    - CVE-2010-4079
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #710714
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * filter: make sure filters dont read uninitialized memory, CVE-2010-4158
    - LP: #721282
    - CVE-2010-4158
  * econet: Fix crash in aun_incoming(). CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527
    - LP: #737073
    - CVE-2010-4527
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * x25: Prevent crashing when parsing bad X.25 facilities, C...

Read more...

Changed in linux-ti-omap4 (Ubuntu Maverick):
status: Fix Committed → Fix Released
Brad Figg (brad-figg)
tags: added: kernel-cve-tracking-bug
Paolo Pisati (p-pisati)
Changed in linux (Ubuntu Lucid):
status: In Progress → Fix Released
Changed in linux (Ubuntu Maverick):
status: In Progress → Fix Released
Paolo Pisati (p-pisati)
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.24-29.89

---------------
linux (2.6.24-29.89) hardy-proposed; urgency=low

  [ Steve Conklin ]

  * Release Tracking Bug
    - LP: #768380

  [Tim Gardner]

  * [Config] remove generated files

  [Upstream Kernel Changes]

  * econet: Fix crash in aun_incoming(). CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527
    - LP: #737073
    - CVE-2010-4527
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * av7110: check for negative array offset, CVE-2011-0521
    - LP: #767526
    - CVE-2011-0521
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
    CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
 -- Steve Conklin <email address hidden> Thu, 21 Apr 2011 09:28:26 -0500

Changed in linux (Ubuntu Hardy):
status: In Progress → Fix Released
Revision history for this message
Paolo Pisati (p-pisati) wrote :

karmic is EOL

Changed in linux-fsl-imx51 (Ubuntu Dapper):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Maverick):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Karmic):
status: New → Won't Fix
Changed in linux-fsl-imx51 (Ubuntu Lucid):
assignee: nobody → Paolo Pisati (p-pisati)
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (29.1 KiB)

This bug was fixed in the package linux-mvl-dove - 2.6.32-217.34

---------------
linux-mvl-dove (2.6.32-217.34) lucid-proposed; urgency=low

  [ Herton R. Krzesinski ]

  * Release Tracking Bug
    - LP: #794695

  [ Paolo Pisati ]

  * Rebased to 2.6.32-33.66

  [ Ubuntu: 2.6.32-33.66 ]

  * Release Tracking Bug
    - LP: #794098
  * Revert "xhci: Fix full speed bInterval encoding."
  * Revert "USB: xhci - fix math in xhci_get_endpoint_interval()"
  * Revert "USB: xhci - fix unsafe macro definitions"

  [ Ubuntu: 2.6.32-33.65 ]

  * xhci: Fix full speed bInterval encoding.
    - LP: #792959

  [ Ubuntu: 2.6.32-33.64 ]

   * Release Tracking Bug
     - LP: #789325
  * SAUCE: (no-up) Fix up KVM: VMX: Fix host userspace gsbase corruption
    - LP: #787675
  * SAUCE: vesafb: mtrr module parameter is uint, not bool
    - LP: #778043
  * Revert "(pre-stable): input: Support Clickpad devices in ClickZone
    mode"
    - LP: #780588
  * Revert "GFS2: Fix writing to non-page aligned gfs2_quota structures"
    - LP: #780588
  * Revert "mmc: build fix: mmc_pm_notify is only available with
    CONFIG_PM=y"
    - LP: #780588
  * Revert "mmc: fix all hangs related to mmc/sd card insert/removal during
    suspend/resume"
    - LP: #780588
  * Revert "econet: fix CVE-2010-3848"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "xen: set max_pfn_mapped to the last pfn mapped"
  * cifs: always do is_path_accessible check in cifs_mount
    - LP: #770050
  * video: sn9c102: world-wirtable sysfs files
    - LP: #770050
  * UBIFS: restrict world-writable debugfs files
    - LP: #770050
  * NET: cdc-phonet, handle empty phonet header
    - LP: #770050
  * x86: Fix a bogus unwind annotation in lib/semaphore_32.S
    - LP: #770050
  * tioca: Fix assignment from incompatible pointer warnings
    - LP: #770050
  * mca.c: Fix cast from integer to pointer warning
    - LP: #770050
  * ramfs: fix memleak on no-mmu arch
    - LP: #770050
  * MAINTAINERS: update STABLE BRANCH info
    - LP: #770050
  * UBIFS: fix oops when R/O file-system is fsync'ed
    - LP: #770050
  * x86, cpu: AMD errata checking framework
    - LP: #770050
  * x86, cpu: Clean up AMD erratum 400 workaround
    - LP: #770050
  * x86, AMD: Set ARAT feature on AMD processors
    - LP: #770050
  * x86, amd: Disable GartTlbWlkErr when BIOS forgets it
    - LP: #770050
  * USB: ftdi_sio: Added IDs for CTI USB Serial Devices
    - LP: #770050
  * USB: ftdi_sio: add PID for OCT DK201 docking station
    - LP: #770050
  * USB: ftdi_sio: add ids for Hameg HO720 and HO730
    - LP: #770050
  * USB: option: Add new ONDA vendor id and product id for ONDA MT825UP
    - LP: #770050
  * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem.
    - LP: #770050
  * next_pidmap: fix overflow condition
    - LP: #770050
  * proc: do proper range check on readdir offset
    - LP: #770050
  * USB: EHCI: unlink unused QHs when the controller is stopped
    - LP: #770050
  * USB: fix formatting of SuperSpeed endpoints in /proc/bus/u...

Changed in linux-mvl-dove (Ubuntu Lucid):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (4.2 KiB)

This bug was fixed in the package linux-fsl-imx51 - 2.6.31-609.26

---------------
linux-fsl-imx51 (2.6.31-609.26) lucid; urgency=low

  [ Paolo Pisati ]

  * Tracking bug
    - LP: #795219
  * [Config] Disable parport_pc on fsl-imx51
    - LP: #601226

  [ Upstream Kernel Changes ]

  * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory
    - LP: #712723, #712737
  * can-bcm: fix minor heap overflow
    - LP: #710680
  * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory
    - LP: #712744
  * gdth: integer overflow in ioctl
    - LP: #711797
  * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880
    - LP: #711865
    - CVE-2010-3880
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #711045
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * net: Truncate recvfrom and sendto length to INT_MAX.
    - LP: #708839
  * posix-cpu-timers: workaround to suppress the problems with mt exec
    - LP: #712609
  * sys_semctl: fix kernel stack leakage
    - LP: #712749
  * x25: Patch to fix bug 15678 - x25 accesses fields beyond end of packet.
    - LP: #709372
  * memory corruption in X.25 facilities parsing
    - LP: #709372
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table, CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * net: clear heap allocations for privileged ethtool actions
    - LP: #771445
  * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code
    - LP: #772543
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
    - LP: #772543
  * exec: make argv/envp memory visible to oom-killer
    - LP: #768408
  * next_pidmap: fix overflow condition
    - LP: #784727
  * proc: do proper range check on readdir offset
    - LP: #784727
  * mpt2sas: prevent heap overflows and unchecked reads
    - LP: #787145
  * agp: fix arbitrary kernel memory writes
    - LP: #788684
  * can: add missing socket check in can/raw release
    - LP: #788694
  * agp: fix OOM and buffer overflow
    - LP: #788700
  * do_exit(): make sure that we run with get_fs() == USER_DS - CVE-2010-4258
    - LP: #723945
    - CVE-2010-4258
  * x25: Prevent crashing when parsing bad X.25 facilities - CVE-2010-4164
    - LP: #731199
    - CVE-2010-4164
  * install_special_mapping skips security_file_mmap check - CVE-2010-4346
    - LP: #731971
    - CVE-2010-4346
  * econet: Fix crash in aun_incoming() - CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * sound: Prevent buffer overflow in OSS load_mixer_volumes - CVE-2010-4527
    - LP: #737073
    - CVE-2010-4527
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * CAN: Use inode instead of kernel address for /proc file - CVE-2010-4565
    - LP: #765007...

Read more...

Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (29.1 KiB)

This bug was fixed in the package linux-mvl-dove - 2.6.32-417.34

---------------
linux-mvl-dove (2.6.32-417.34) maverick-proposed; urgency=low

  [ Herton R. Krzesinski ]

  * Release Tracking Bug
    - LP: #795153

  [ Paolo Pisati ]

  * Rebased to 2.6.32-33.66

  [ Ubuntu: 2.6.32-33.66 ]

  * Release Tracking Bug
    - LP: #794098
  * Revert "xhci: Fix full speed bInterval encoding."
  * Revert "USB: xhci - fix math in xhci_get_endpoint_interval()"
  * Revert "USB: xhci - fix unsafe macro definitions"

  [ Ubuntu: 2.6.32-33.65 ]

  * xhci: Fix full speed bInterval encoding.
    - LP: #792959

  [ Ubuntu: 2.6.32-33.64 ]

   * Release Tracking Bug
     - LP: #789325
  * SAUCE: (no-up) Fix up KVM: VMX: Fix host userspace gsbase corruption
    - LP: #787675
  * SAUCE: vesafb: mtrr module parameter is uint, not bool
    - LP: #778043
  * Revert "(pre-stable): input: Support Clickpad devices in ClickZone
    mode"
    - LP: #780588
  * Revert "GFS2: Fix writing to non-page aligned gfs2_quota structures"
    - LP: #780588
  * Revert "mmc: build fix: mmc_pm_notify is only available with
    CONFIG_PM=y"
    - LP: #780588
  * Revert "mmc: fix all hangs related to mmc/sd card insert/removal during
    suspend/resume"
    - LP: #780588
  * Revert "econet: fix CVE-2010-3848"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "xen: set max_pfn_mapped to the last pfn mapped"
  * cifs: always do is_path_accessible check in cifs_mount
    - LP: #770050
  * video: sn9c102: world-wirtable sysfs files
    - LP: #770050
  * UBIFS: restrict world-writable debugfs files
    - LP: #770050
  * NET: cdc-phonet, handle empty phonet header
    - LP: #770050
  * x86: Fix a bogus unwind annotation in lib/semaphore_32.S
    - LP: #770050
  * tioca: Fix assignment from incompatible pointer warnings
    - LP: #770050
  * mca.c: Fix cast from integer to pointer warning
    - LP: #770050
  * ramfs: fix memleak on no-mmu arch
    - LP: #770050
  * MAINTAINERS: update STABLE BRANCH info
    - LP: #770050
  * UBIFS: fix oops when R/O file-system is fsync'ed
    - LP: #770050
  * x86, cpu: AMD errata checking framework
    - LP: #770050
  * x86, cpu: Clean up AMD erratum 400 workaround
    - LP: #770050
  * x86, AMD: Set ARAT feature on AMD processors
    - LP: #770050
  * x86, amd: Disable GartTlbWlkErr when BIOS forgets it
    - LP: #770050
  * USB: ftdi_sio: Added IDs for CTI USB Serial Devices
    - LP: #770050
  * USB: ftdi_sio: add PID for OCT DK201 docking station
    - LP: #770050
  * USB: ftdi_sio: add ids for Hameg HO720 and HO730
    - LP: #770050
  * USB: option: Add new ONDA vendor id and product id for ONDA MT825UP
    - LP: #770050
  * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem.
    - LP: #770050
  * next_pidmap: fix overflow condition
    - LP: #770050
  * proc: do proper range check on readdir offset
    - LP: #770050
  * USB: EHCI: unlink unused QHs when the controller is stopped
    - LP: #770050
  * USB: fix formatting of SuperSpeed endpoints in /proc/bu...

Changed in linux-mvl-dove (Ubuntu Maverick):
status: New → Fix Released
Revision history for this message
Leann Ogasawara (leannogasawara) wrote : Closing unsupported series nomination.

This bug was nominated against a series that is no longer supported, ie karmic. The bug task representing the karmic nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu Karmic):
status: In Progress → Won't Fix
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (45.4 KiB)

This bug was fixed in the package linux-lts-backport-maverick - 2.6.35-30.56~lucid1

---------------
linux-lts-backport-maverick (2.6.35-30.56~lucid1) lucid-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #811215

  [ Herton Ronaldo Krzesinski ]

  * Revert "SAUCE: mmc: Enable MMC card reader for RICOH [1180:e823]"

  [ Upstream Kernel Changes ]

  * Revert "x86: Flush TLB if PGD entry is changed in i386 PAE mode"
    - LP: #805209

linux (2.6.35-30.55) maverick-proposed; urgency=low

  [Steve Conklin]

  * Release Tracking Bug
    - LP: #801690

  [ Jeremy Kerr ]

  * SAUCE: cx23885: Fix argument to videobuf_dma_unmap
    - LP: #800527

  [ Manoj Iyer ]

  * SAUCE: mmc: Enable MMC card reader for RICOH [1180:e823]
    - LP: #790754

  [ Upstream Kernel Changes ]

  * agp: fix OOM and buffer overflow
    - LP: #791918
    - CVE-2011-1746
  * tty: icount changeover for other main devices, CVE-2010-4076,
    CVE-2010-4077
    - LP: #720189
    - CVE-2010-4077
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * Fix corrupted OSF partition table parsing
    - LP: #796606
    - CVE-2011-1163
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3) CVE-2011-1090
    - LP: #800775
    - CVE-2011-1090

linux (2.6.35-30.54) maverick-proposed; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #794114

  [ Upstream Kernel Changes ]

  * Revert "xhci: Fix full speed bInterval encoding."
  * Revert "USB: xhci - also free streams when resetting devices"
  * Revert "USB: xhci - fix math in xhci_get_endpoint_interval()"
  * Revert "USB: xhci - fix unsafe macro definitions"

linux (2.6.35-30.53) maverick-proposed; urgency=low

  [ Upstream Kernel Changes ]

  * xhci: Fix full speed bInterval encoding.
    - LP: #792959

linux (2.6.35-30.52) maverick-proposed; urgency=low

  [ Herton R. Krzesinski ]

  * Release Tracking Bug
    - LP: #790653

  [ Stefan Bader ]

  * Include nls_iso8859-1 for virtual images
    - LP: #732046

  [ Thomas Schlichter ]

  * SAUCE: vesafb: mtrr module parameter is uint, not bool
    - LP: #778043

  [ Tim Gardner ]

  * [Config] Add cachefiles.ko to virtual flavour
    - LP: #770430

  [ Upstream Kernel Changes ]

  * Revert "intel_idle: PCI quirk to prevent Lenovo Ideapad s10-3 boot
    hang"
    - LP: #772560
  * Revert "TPM: Long default timeout fix"
    - LP: #772560
  * Revert "tpm_tis: Use timeouts returned from TPM"
    - LP: #772560
  * Revert "xen: set max_pfn_mapped to the last pfn mapped"
  * CAN: Use inode instead of kernel address for /proc file, CVE-2010-4565
    - LP: #765007
    - CVE-2010-4565
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
    CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * Treat writes as new when holes span across page boundaries,
    CVE-2011-0463
    - LP: #770483
    - CVE-2011-0463
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * qla2xxx:...

Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → Fix Released
Changed in linux-lts-backport-maverick (Ubuntu Dapper):
status: New → Won't Fix
Changed in linux-lts-backport-maverick (Ubuntu Karmic):
status: New → Won't Fix
Changed in linux (Ubuntu Dapper):
status: In Progress → Won't Fix
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. maverick has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against maverick is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.

Please feel free to report any other bugs you may find.

Changed in linux-lts-backport-maverick (Ubuntu Maverick):
status: New → Won't Fix
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.