Ubuntu

CVE-2012-2137

Reported by John Johansen on 2012-06-21
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned
Lucid
Medium
Tim Gardner
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-armadaxp (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-ec2 (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-fsl-imx51 (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-lts-backport-maverick (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-lts-backport-natty (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-lts-backport-oneiric (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-lts-quantal (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-lts-raring (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-mvl-dove (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned

Bug Description

Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function.

Break-Fix: 46e624b95c36d729bdf24010fff11d16f6fe94fa f2ebd422f71cda9c791f76f85d2ca102ae34a1ed

John Johansen (jjohansen) wrote :

CVE-2012-2137

tags: added: kernel-cve-tracking-bug
security vulnerability: no → yes
Changed in linux-armadaxp (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Lucid):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Hardy):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Natty):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Natty):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Quantal):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Natty):
status: New → Invalid
description: updated
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Natty):
importance: Undecided → Medium
description: updated
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-armadaxp (Ubuntu Quantal):
status: New → Fix Committed
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Invalid
Changed in linux (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Lucid):
status: New → Invalid
Changed in linux (Ubuntu Quantal):
status: New → Invalid
Changed in linux (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Quantal):
status: New → Invalid
Changed in linux (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux-armadaxp (Ubuntu Precise):
status: Fix Committed → Fix Released
Tim Gardner (timg-tpi) on 2012-09-06
Changed in linux (Ubuntu Lucid):
assignee: nobody → Tim Gardner (timg-tpi)
status: Invalid → In Progress
Tim Gardner (timg-tpi) on 2012-09-07
Changed in linux (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Natty):
status: New → Won't Fix
Tim Gardner (timg-tpi) on 2012-09-07
Changed in linux (Ubuntu Oneiric):
assignee: nobody → Tim Gardner (timg-tpi)
status: New → In Progress
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux (Ubuntu Oneiric):
status: In Progress → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: New → Fix Committed
Ike Panhc (ikepanhc) wrote :

Patch 46e624b95c36d729bdf24010fff11d16f6fe94fa f2ebd422f71cda9c791f76f85d2ca102ae34a1ed already in upstream 3.5

Changed in linux-armadaxp (Ubuntu Quantal):
status: Fix Committed → Fix Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Launchpad Janitor (janitor) wrote :
Download full text (4.5 KiB)

This bug was fixed in the package linux-lts-backport-oneiric - 3.0.0-26.43~lucid1

---------------
linux-lts-backport-oneiric (3.0.0-26.43~lucid1) lucid-proposed; urgency=low

  [Luis Henriques]

  * Release Tracking Bug
    - LP: #1056607

  [ Dave Airlie ]

  * SAUCE: drm/vmwgfx: add MODULE_DEVICE_TABLE so vmwgfx loads at boot
    - LP: #1039157

  [ Stefan Bader ]

  * Revert "SAUCE: fix pv-ops for legacy Xen"
    - LP: #1044550

  [ Upstream Kernel Changes ]

  * KVM: Fix buffer overflow in kvm_set_irq()
    - LP: #1016298
    - CVE-2012-2137
  * VFS : mount lock scalability for internal mounts
    - LP: #990365
    - CVE-2012-2127
  * procfs: fix a vfsmount longterm reference leak
    - LP: #990365
    - CVE-2012-2127
  * eCryptfs: Copy up attributes of the lower target inode after rename
    - LP: #561129
  * eCryptfs: Write out all dirty pages just before releasing the lower
    file
    - LP: #1047261
  * eCryptfs: Call lower ->flush() from ecryptfs_flush()
    - LP: #1047261
  * USB: vt6656: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * USB: emi62: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * ALSA: hda - fix Copyright debug message
    - LP: #1052005
  * ARM: 7487/1: mm: avoid setting nG bit for user mappings that aren't
    present
    - LP: #1052005
  * ARM: 7488/1: mm: use 5 bits for swapfile type encoding
    - LP: #1052005
  * ARM: 7489/1: errata: fix workaround for erratum #720789 on UP systems
    - LP: #1052005
  * ARM: S3C24XX: Fix s3c2410_dma_enqueue parameters
    - LP: #1052005
  * ARM: imx: select CPU_FREQ_TABLE when needed
    - LP: #1052005
  * ASoC: wm9712: Fix microphone source selection
    - LP: #1052005
  * vfs: missed source of ->f_pos races
    - LP: #1052005
  * vfs: canonicalize create mode in build_open_flags()
    - LP: #1052005
  * alpha: Don't export SOCK_NONBLOCK to user space.
    - LP: #1052005
  * USB: winbond: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * mm: hugetlbfs: correctly populate shared pmd
    - LP: #1052005
  * NFSv3: Ensure that do_proc_get_root() reports errors correctly
    - LP: #1052005
  * NFSv4.1: Remove a bogus BUG_ON() in nfs4_layoutreturn_done
    - LP: #1052005
  * NFS: Alias the nfs module to nfs4
    - LP: #1052005
  * audit: don't free_chunk() after fsnotify_add_mark()
    - LP: #1052005
  * audit: fix refcounting in audit-tree
    - LP: #1052005
  * svcrpc: fix BUG() in svc_tcp_clear_pages
    - LP: #1052005
  * svcrpc: fix svc_xprt_enqueue/svc_recv busy-looping
    - LP: #1052005
  * svcrpc: sends on closed socket should stop immediately
    - LP: #1052005
  * cciss: fix incorrect scsi status reporting
    - LP: #1052005
  * ACPI: export symbol acpi_get_table_with_size
    - LP: #1052005
  * ath9k: fix decrypt_error initialization in ath_rx_tasklet()
    - LP: #1052005
  * PCI: EHCI: Fix crash during hibernation on ASUS computers
    - LP: #1052005
  * block: replace __getblk_slow misfix by grow_dev_page fix
    - LP: #1052005
  * USB: spca506: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * USB: p54usb: remove __devinit* from the struct usb_device_id ta...

Read more...

Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ec2 - 2.6.32-349.55

---------------
linux-ec2 (2.6.32-349.55) lucid-proposed; urgency=low

  [ Stefan Bader ]

  * Revert "SAUCE: EC2: Backport changes to limit GSO segments"
    - LP: #1037456
    - CVE-2012-3412
  * Rebased to Ubuntu-2.6.32-44.98
  * Release Tracking Bug
    - LP: #1056081

  [ Ubuntu: 2.6.32-44.98 ]

  * SAUCE: drm/vmwgfx: add MODULE_DEVICE_TABLE so vmwgfx loads at boot
    - LP: #1039157
  * Revert "sfc: Fix maximum number of TSO segments and minimum TX queue
    size"
    - LP: #1037456
    - CVE-2012-3412
  * Revert "sfc: Replace some literal constants with
    EFX_PAGE_SIZE/EFX_BUF_SIZE"
    - LP: #1037456
    - CVE-2012-3412
  * Revert "tcp: Apply device TSO segment limit earlier"
    - LP: #1037456
    - CVE-2012-3412
  * Revert "tcp: do not scale TSO segment size with reordering degree"
    - LP: #1037456
    - CVE-2012-3412
  * Revert "net: Allow driver to limit number of GSO segments per skb"
    - LP: #1037456
    - CVE-2012-3412
  * cred: copy_process() should clear child->replacement_session_keyring
    - LP: #1023535
    - CVE-2012-2745
  * KVM: Change irq routing table to use gsi indexed array
    - LP: #1016298
    - CVE-2012-2137
  * KVM: Fix buffer overflow in kvm_set_irq()
    - LP: #1016298
    - CVE-2012-2137
  * xen: just completely disable XSAVE
    - LP: #1044550
  * xen: Allow PV-OPS kernel to detect whether XSAVE is supported
    - LP: #1044550
  * sfc: Fix maximum number of TSO segments and minimum TX queue size
    - LP: #1037456
    - CVE-2012-3412
 -- Stefan Bader <email address hidden> Fri, 28 Sep 2012 15:24:48 +0200

Changed in linux-ec2 (Ubuntu Lucid):
status: Invalid → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (4.4 KiB)

This bug was fixed in the package linux - 3.0.0-26.43

---------------
linux (3.0.0-26.43) oneiric-proposed; urgency=low

  [Luis Henriques]

  * Release Tracking Bug
    - LP: #1055532

  [ Dave Airlie ]

  * SAUCE: drm/vmwgfx: add MODULE_DEVICE_TABLE so vmwgfx loads at boot
    - LP: #1039157

  [ Stefan Bader ]

  * Revert "SAUCE: fix pv-ops for legacy Xen"
    - LP: #1044550

  [ Upstream Kernel Changes ]

  * KVM: Fix buffer overflow in kvm_set_irq()
    - LP: #1016298
    - CVE-2012-2137
  * VFS : mount lock scalability for internal mounts
    - LP: #990365
    - CVE-2012-2127
  * procfs: fix a vfsmount longterm reference leak
    - LP: #990365
    - CVE-2012-2127
  * eCryptfs: Copy up attributes of the lower target inode after rename
    - LP: #561129
  * eCryptfs: Write out all dirty pages just before releasing the lower
    file
    - LP: #1047261
  * eCryptfs: Call lower ->flush() from ecryptfs_flush()
    - LP: #1047261
  * USB: vt6656: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * USB: emi62: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * ALSA: hda - fix Copyright debug message
    - LP: #1052005
  * ARM: 7487/1: mm: avoid setting nG bit for user mappings that aren't
    present
    - LP: #1052005
  * ARM: 7488/1: mm: use 5 bits for swapfile type encoding
    - LP: #1052005
  * ARM: 7489/1: errata: fix workaround for erratum #720789 on UP systems
    - LP: #1052005
  * ARM: S3C24XX: Fix s3c2410_dma_enqueue parameters
    - LP: #1052005
  * ARM: imx: select CPU_FREQ_TABLE when needed
    - LP: #1052005
  * ASoC: wm9712: Fix microphone source selection
    - LP: #1052005
  * vfs: missed source of ->f_pos races
    - LP: #1052005
  * vfs: canonicalize create mode in build_open_flags()
    - LP: #1052005
  * alpha: Don't export SOCK_NONBLOCK to user space.
    - LP: #1052005
  * USB: winbond: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * mm: hugetlbfs: correctly populate shared pmd
    - LP: #1052005
  * NFSv3: Ensure that do_proc_get_root() reports errors correctly
    - LP: #1052005
  * NFSv4.1: Remove a bogus BUG_ON() in nfs4_layoutreturn_done
    - LP: #1052005
  * NFS: Alias the nfs module to nfs4
    - LP: #1052005
  * audit: don't free_chunk() after fsnotify_add_mark()
    - LP: #1052005
  * audit: fix refcounting in audit-tree
    - LP: #1052005
  * svcrpc: fix BUG() in svc_tcp_clear_pages
    - LP: #1052005
  * svcrpc: fix svc_xprt_enqueue/svc_recv busy-looping
    - LP: #1052005
  * svcrpc: sends on closed socket should stop immediately
    - LP: #1052005
  * cciss: fix incorrect scsi status reporting
    - LP: #1052005
  * ACPI: export symbol acpi_get_table_with_size
    - LP: #1052005
  * ath9k: fix decrypt_error initialization in ath_rx_tasklet()
    - LP: #1052005
  * PCI: EHCI: Fix crash during hibernation on ASUS computers
    - LP: #1052005
  * block: replace __getblk_slow misfix by grow_dev_page fix
    - LP: #1052005
  * USB: spca506: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * USB: p54usb: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * USB: rtl8187: remove __devi...

Read more...

Changed in linux (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.32-44.98

---------------
linux (2.6.32-44.98) lucid-proposed; urgency=low

  [Luis Henriques]

  * Release Tracking Bug
    - LP: #1055438

  [ Dave Airlie ]

  * SAUCE: drm/vmwgfx: add MODULE_DEVICE_TABLE so vmwgfx loads at boot
    - LP: #1039157

  [ Upstream Kernel Changes ]

  * Revert "sfc: Fix maximum number of TSO segments and minimum TX queue
    size"
    - LP: #1037456
    - CVE-2012-3412
  * Revert "sfc: Replace some literal constants with
    EFX_PAGE_SIZE/EFX_BUF_SIZE"
    - LP: #1037456
    - CVE-2012-3412
  * Revert "tcp: Apply device TSO segment limit earlier"
    - LP: #1037456
    - CVE-2012-3412
  * Revert "tcp: do not scale TSO segment size with reordering degree"
    - LP: #1037456
    - CVE-2012-3412
  * Revert "net: Allow driver to limit number of GSO segments per skb"
    - LP: #1037456
    - CVE-2012-3412
  * cred: copy_process() should clear child->replacement_session_keyring
    - LP: #1023535
    - CVE-2012-2745
  * KVM: Change irq routing table to use gsi indexed array
    - LP: #1016298
    - CVE-2012-2137
  * KVM: Fix buffer overflow in kvm_set_irq()
    - LP: #1016298
    - CVE-2012-2137
  * xen: just completely disable XSAVE
    - LP: #1044550
  * xen: Allow PV-OPS kernel to detect whether XSAVE is supported
    - LP: #1044550
  * sfc: Fix maximum number of TSO segments and minimum TX queue size
    - LP: #1037456
    - CVE-2012-3412
 -- Tim Gardner <email address hidden> Thu, 06 Sep 2012 11:20:13 -0400

Changed in linux (Ubuntu Lucid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (4.5 KiB)

This bug was fixed in the package linux-ti-omap4 - 3.0.0-1216.29

---------------
linux-ti-omap4 (3.0.0-1216.29) oneiric-proposed; urgency=low

  * Release Tracking Bug
    - LP: #1056605

  [ Paolo Pisati ]

  * rebased on Ubuntu-3.0.0-26.43

  [ Ubuntu: 3.0.0-26.43 ]

  * Release Tracking Bug
    - LP: #1055532
  * SAUCE: drm/vmwgfx: add MODULE_DEVICE_TABLE so vmwgfx loads at boot
    - LP: #1039157
  * Revert "SAUCE: fix pv-ops for legacy Xen"
    - LP: #1044550
  * KVM: Fix buffer overflow in kvm_set_irq()
    - LP: #1016298
    - CVE-2012-2137
  * VFS : mount lock scalability for internal mounts
    - LP: #990365
    - CVE-2012-2127
  * procfs: fix a vfsmount longterm reference leak
    - LP: #990365
    - CVE-2012-2127
  * eCryptfs: Copy up attributes of the lower target inode after rename
    - LP: #561129
  * eCryptfs: Write out all dirty pages just before releasing the lower
    file
    - LP: #1047261
  * eCryptfs: Call lower ->flush() from ecryptfs_flush()
    - LP: #1047261
  * USB: vt6656: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * USB: emi62: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * ALSA: hda - fix Copyright debug message
    - LP: #1052005
  * ARM: 7487/1: mm: avoid setting nG bit for user mappings that aren't
    present
    - LP: #1052005
  * ARM: 7488/1: mm: use 5 bits for swapfile type encoding
    - LP: #1052005
  * ARM: 7489/1: errata: fix workaround for erratum #720789 on UP systems
    - LP: #1052005
  * ARM: S3C24XX: Fix s3c2410_dma_enqueue parameters
    - LP: #1052005
  * ARM: imx: select CPU_FREQ_TABLE when needed
    - LP: #1052005
  * ASoC: wm9712: Fix microphone source selection
    - LP: #1052005
  * vfs: missed source of ->f_pos races
    - LP: #1052005
  * vfs: canonicalize create mode in build_open_flags()
    - LP: #1052005
  * alpha: Don't export SOCK_NONBLOCK to user space.
    - LP: #1052005
  * USB: winbond: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * mm: hugetlbfs: correctly populate shared pmd
    - LP: #1052005
  * NFSv3: Ensure that do_proc_get_root() reports errors correctly
    - LP: #1052005
  * NFSv4.1: Remove a bogus BUG_ON() in nfs4_layoutreturn_done
    - LP: #1052005
  * NFS: Alias the nfs module to nfs4
    - LP: #1052005
  * audit: don't free_chunk() after fsnotify_add_mark()
    - LP: #1052005
  * audit: fix refcounting in audit-tree
    - LP: #1052005
  * svcrpc: fix BUG() in svc_tcp_clear_pages
    - LP: #1052005
  * svcrpc: fix svc_xprt_enqueue/svc_recv busy-looping
    - LP: #1052005
  * svcrpc: sends on closed socket should stop immediately
    - LP: #1052005
  * cciss: fix incorrect scsi status reporting
    - LP: #1052005
  * ACPI: export symbol acpi_get_table_with_size
    - LP: #1052005
  * ath9k: fix decrypt_error initialization in ath_rx_tasklet()
    - LP: #1052005
  * PCI: EHCI: Fix crash during hibernation on ASUS computers
    - LP: #1052005
  * block: replace __getblk_slow misfix by grow_dev_page fix
    - LP: #1052005
  * USB: spca506: remove __devinit* from the struct usb_device_id table
    - LP: #1052005
  * USB: p54usb: remove __devinit* from the struct usb_device_id ...

Read more...

Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Oneiric):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Hardy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → Medium
no longer affects: linux-armadaxp (Ubuntu Natty)
no longer affects: linux-ec2 (Ubuntu Natty)
no longer affects: linux-lts-backport-oneiric (Ubuntu Natty)
no longer affects: linux-lts-backport-natty (Ubuntu Natty)
no longer affects: linux-lts-quantal (Ubuntu Natty)
no longer affects: linux-mvl-dove (Ubuntu Natty)
no longer affects: linux-lts-backport-maverick (Ubuntu Natty)
no longer affects: linux (Ubuntu Natty)
no longer affects: linux-fsl-imx51 (Ubuntu Natty)
no longer affects: linux-ti-omap4 (Ubuntu Natty)
Changed in linux-lts-quantal (Ubuntu Raring):
status: New → Invalid
importance: Undecided → Medium
description: updated
Changed in linux-armadaxp (Ubuntu Raring):
status: Fix Released → Invalid
no longer affects: linux-armadaxp (Ubuntu Hardy)
no longer affects: linux-armadaxp (Ubuntu Oneiric)
no longer affects: linux-ec2 (Ubuntu Hardy)
no longer affects: linux-ec2 (Ubuntu Oneiric)
no longer affects: linux-lts-backport-oneiric (Ubuntu Hardy)
no longer affects: linux-lts-backport-oneiric (Ubuntu Oneiric)
no longer affects: linux-lts-backport-natty (Ubuntu Hardy)
no longer affects: linux-lts-backport-natty (Ubuntu Oneiric)
no longer affects: linux-lts-quantal (Ubuntu Hardy)
no longer affects: linux-lts-quantal (Ubuntu Oneiric)
no longer affects: linux-mvl-dove (Ubuntu Hardy)
no longer affects: linux-mvl-dove (Ubuntu Oneiric)
no longer affects: linux-lts-backport-maverick (Ubuntu Hardy)
no longer affects: linux-lts-backport-maverick (Ubuntu Oneiric)
no longer affects: linux (Ubuntu Hardy)
no longer affects: linux (Ubuntu Oneiric)
no longer affects: linux-fsl-imx51 (Ubuntu Hardy)
no longer affects: linux-fsl-imx51 (Ubuntu Oneiric)
no longer affects: linux-ti-omap4 (Ubuntu Hardy)
no longer affects: linux-ti-omap4 (Ubuntu Oneiric)
no longer affects: linux-lts-raring (Ubuntu Hardy)
no longer affects: linux-lts-raring (Ubuntu Oneiric)
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Raring):
status: New → Invalid
importance: Undecided → Medium
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. lucid has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against lucid is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.

Please feel free to report any other bugs you may find.

Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers