[Security] pcsc-lite buffer overflows - CVE-2010-0407
Bug #603657 reported by
Brian Thomason
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pcsc-lite (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Dapper |
Won't Fix
|
Undecided
|
Unassigned | ||
Hardy |
Won't Fix
|
Undecided
|
Unassigned | ||
Jaunty |
Fix Released
|
Undecided
|
Brian Thomason | ||
Karmic |
Fix Released
|
Undecided
|
Kees Cook | ||
Lucid |
Fix Released
|
Undecided
|
Kees Cook | ||
Maverick |
Invalid
|
Undecided
|
Unassigned |
Bug Description
pcsc-lite in Jaunty is vulnerable to buffer overflows in the Smart Card daemon which can allow local users to gain root privs.
CVE References
Changed in pcsc-lite (Ubuntu): | |
status: | New → In Progress |
assignee: | nobody → Brian Thomason (brian-thomason) |
tags: | added: jaunty maverick patch |
Changed in pcsc-lite (Ubuntu Dapper): | |
status: | New → Confirmed |
Changed in pcsc-lite (Ubuntu Jaunty): | |
status: | New → Confirmed |
Changed in pcsc-lite (Ubuntu Lucid): | |
status: | New → Confirmed |
Changed in pcsc-lite (Ubuntu Karmic): | |
status: | New → Confirmed |
Changed in pcsc-lite (Ubuntu Maverick): | |
status: | Confirmed → Invalid |
Changed in pcsc-lite (Ubuntu Hardy): | |
status: | New → Confirmed |
To post a comment you must log in.
NAK for jaunty patch. It is not identical to 1.4.102-1+lenny3 (the latest version in Lenny that contains a regression fix).
Please resubmit using the fix in 1.4.102-1+lenny3, resubscribe ubuntu- security- sponsors and set the status to 'NEW' when the changes are complete. Thanks!