Ubuntu

CVE-2013-1819

Reported by John Johansen on 2013-03-07
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-armadaxp (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-ec2 (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-fsl-imx51 (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-lts-backport-maverick (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-lts-backport-natty (Ubuntu)
Undecided
Unassigned
Lucid
Undecided
Unassigned
Precise
Undecided
Unassigned
Quantal
Undecided
Unassigned
Raring
Undecided
Unassigned
Saucy
Undecided
Unassigned
linux-lts-backport-oneiric (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-lts-quantal (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-lts-raring (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-mvl-dove (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Medium
Unassigned
Lucid
Medium
Unassigned
Precise
Medium
Unassigned
Quantal
Medium
Unassigned
Raring
Medium
Unassigned
Saucy
Medium
Unassigned

Bug Description

The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map.

Break-Fix: 74f75a0cb7033918eb0fa4a50df25091ac75c16e eb178619f930fa2ba2348de332a1ff1c66a31424

John Johansen (jjohansen) wrote :

CVE-2013-1819

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-armadaxp (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Lucid):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Raring):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Quantal):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Raring):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Raring):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Quantal):
status: New → Invalid
description: updated
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Raring):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Raring):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Raring):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Raring):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Raring):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Raring):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux (Ubuntu Raring):
importance: Undecided → Medium
Changed in linux (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Raring):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Raring):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Quantal):
importance: Undecided → Medium
Changed in linux (Ubuntu Raring):
status: New → Fix Committed
description: updated
Changed in linux-armadaxp (Ubuntu Raring):
status: New → Invalid
no longer affects: linux-armadaxp (Ubuntu Hardy)
no longer affects: linux-armadaxp (Ubuntu Oneiric)
no longer affects: linux-ec2 (Ubuntu Hardy)
no longer affects: linux-ec2 (Ubuntu Oneiric)
no longer affects: linux-lts-backport-oneiric (Ubuntu Hardy)
no longer affects: linux-lts-backport-oneiric (Ubuntu Oneiric)
no longer affects: linux-lts-backport-natty (Ubuntu Hardy)
no longer affects: linux-lts-backport-natty (Ubuntu Oneiric)
no longer affects: linux-lts-quantal (Ubuntu Hardy)
no longer affects: linux-lts-quantal (Ubuntu Oneiric)
no longer affects: linux-mvl-dove (Ubuntu Hardy)
no longer affects: linux-mvl-dove (Ubuntu Oneiric)
no longer affects: linux-lts-backport-maverick (Ubuntu Hardy)
no longer affects: linux-lts-backport-maverick (Ubuntu Oneiric)
no longer affects: linux (Ubuntu Hardy)
no longer affects: linux (Ubuntu Oneiric)
no longer affects: linux-fsl-imx51 (Ubuntu Hardy)
no longer affects: linux-fsl-imx51 (Ubuntu Oneiric)
no longer affects: linux-ti-omap4 (Ubuntu Hardy)
no longer affects: linux-ti-omap4 (Ubuntu Oneiric)
no longer affects: linux-lts-raring (Ubuntu Hardy)
no longer affects: linux-lts-raring (Ubuntu Oneiric)
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Raring):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Saucy):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Quantal):
status: New → Fix Committed
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Quantal):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Saucy):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Quantal):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Raring):
status: New → Fix Committed
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Invalid
Changed in linux (Ubuntu Lucid):
status: New → Invalid
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.2.0-54.82

---------------
linux (3.2.0-54.82) precise; urgency=low

  [Steve Conklin]

  * Release Tracking Bug
    - LP: #1223490

  [ Upstream Kernel Changes ]

  * Revert "zram: use zram->lock to protect zram_free_page() in swap free
    notify path"
    - LP: #1215513
  * x86 thermal: Delete power-limit-notification console messages
    - LP: #1215748
  * x86 thermal: Disable power limit notification interrupt by default
    - LP: #1215748
  * ARM: 7810/1: perf: Fix array out of bounds access in
    armpmu_map_hw_event()
    - LP: #1216442
    - CVE-2013-4254
  * ARM: 7809/1: perf: fix event validation for software group leaders
    - LP: #1216442
    - CVE-2013-4254
  * xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end
    - LP: #1151527
    - CVE-2013-1819
  * cifs: don't instantiate new dentries in readdir for inodes that need to
    be revalidated immediately
    - LP: #1222442
 -- Steve Conklin <email address hidden> Tue, 10 Sep 2013 12:54:53 -0500

Changed in linux (Ubuntu Precise):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-armadaxp - 3.2.0-1625.37

---------------
linux-armadaxp (3.2.0-1625.37) precise-proposed; urgency=low

  [ Ike Panhc ]

  * Release Tracking Bug
    - LP: #1223609
  * Rebase onto Ubuntu-3.2.0-54.82

  [ Ubuntu: 3.2.0-54.82 ]

  * Release Tracking Bug
    - LP: #1223490
  * Revert "zram: use zram->lock to protect zram_free_page() in swap free
    notify path"
    - LP: #1215513
  * x86 thermal: Delete power-limit-notification console messages
    - LP: #1215748
  * x86 thermal: Disable power limit notification interrupt by default
    - LP: #1215748
  * ARM: 7810/1: perf: Fix array out of bounds access in
    armpmu_map_hw_event()
    - LP: #1216442
    - CVE-2013-4254
  * ARM: 7809/1: perf: fix event validation for software group leaders
    - LP: #1216442
    - CVE-2013-4254
  * xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end
    - LP: #1151527
    - CVE-2013-1819
  * cifs: don't instantiate new dentries in readdir for inodes that need to
    be revalidated immediately
    - LP: #1222442
 -- Ike Panhc <email address hidden> Wed, 11 Sep 2013 14:16:27 +0800

Changed in linux-armadaxp (Ubuntu Precise):
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ti-omap4 - 3.2.0-1438.57

---------------
linux-ti-omap4 (3.2.0-1438.57) precise; urgency=low

  * Release Tracking Bug
    - LP: #1223607

  [ Paolo Pisati ]

  * rebased on Ubuntu-3.2.0-54.82

  [ Ubuntu: 3.2.0-54.82 ]

  * Release Tracking Bug
    - LP: #1223490
  * Revert "zram: use zram->lock to protect zram_free_page() in swap free
    notify path"
    - LP: #1215513
  * x86 thermal: Delete power-limit-notification console messages
    - LP: #1215748
  * x86 thermal: Disable power limit notification interrupt by default
    - LP: #1215748
  * ARM: 7810/1: perf: Fix array out of bounds access in
    armpmu_map_hw_event()
    - LP: #1216442
    - CVE-2013-4254
  * ARM: 7809/1: perf: fix event validation for software group leaders
    - LP: #1216442
    - CVE-2013-4254
  * xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end
    - LP: #1151527
    - CVE-2013-1819
  * cifs: don't instantiate new dentries in readdir for inodes that need to
    be revalidated immediately
    - LP: #1222442
 -- Paolo Pisati <email address hidden> Mon, 16 Sep 2013 18:33:05 +0200

Changed in linux-ti-omap4 (Ubuntu Precise):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (5.7 KiB)

This bug was fixed in the package linux-lts-quantal - 3.5.0-41.64~precise1

---------------
linux-lts-quantal (3.5.0-41.64~precise1) precise; urgency=low

  [Brad Figg]

  * Release Tracking Bug
    - LP: #1224120

  [ Upstream Kernel Changes ]

  * kernel-doc: bugfix - multi-line macros
    - LP: #1223920
  * Revert "zram: use zram->lock to protect zram_free_page() in swap free
    notify path"
    - LP: #1215513
  * x86 thermal: Delete power-limit-notification console messages
    - LP: #1215748
  * x86 thermal: Disable power limit notification interrupt by default
    - LP: #1215748
  * ARM: 7810/1: perf: Fix array out of bounds access in
    armpmu_map_hw_event()
    - LP: #1216442
    - CVE-2013-4254
  * ARM: 7809/1: perf: fix event validation for software group leaders
    - LP: #1216442
    - CVE-2013-4254
  * veth: reduce stat overhead
    - LP: #1201869
  * veth: extend device features
    - LP: #1201869
  * veth: avoid a NULL deref in veth_stats_one
    - LP: #1201869
  * veth: fix a NULL deref in netif_carrier_off
    - LP: #1201869
  * veth: fix NULL dereference in veth_dellink()
    - LP: #1201869
  * Bluetooth: Add support for Atheros [0cf3:3121]
    - LP: #1202477
  * efivars: explicitly calculate length of VariableName
    - LP: #1217745
  * xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end
    - LP: #1151527
    - CVE-2013-1819
  * drm/i915/lvds: ditch ->prepare special case
    - LP: #1221791
  * serial: mxs: fix buffer overflow
    - LP: #1221791
  * fs/proc/task_mmu.c: fix buffer overflow in add_page_map()
    - LP: #1221791
  * af_key: initialize satype in key_notify_policy_flush()
    - LP: #1221791
  * vm: add no-mmu vm_iomap_memory() stub
    - LP: #1221791
  * iwl4965: set power mode early
    - LP: #1221791
  * iwl4965: reset firmware after rfkill off
    - LP: #1221791
  * ASoC: cs42l52: Reorder Min/Max and update to SX_TLV for Beep Volume
    - LP: #1221791
  * can: pcan_usb: fix wrong memcpy() bytes length
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (pcm)
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (midi)
    - LP: #1221791
  * jbd2: Fix use after free after error in jbd2_journal_dirty_metadata()
    - LP: #1221791
  * USB-Serial: Fix error handling of usb_wwan
    - LP: #1221791
  * USB: mos7840: fix big-endian probe
    - LP: #1221791
  * USB: adutux: fix big-endian device-type reporting
    - LP: #1221791
  * USB: ti_usb_3410_5052: fix big-endian firmware handling
    - LP: #1221791
  * m68k/atari: ARAnyM - Fix NatFeat module support
    - LP: #1221791
  * m68k: Truncate base in do_div()
    - LP: #1221791
  * usb: add two quirky touchscreen
    - LP: #1221791
  * USB: mos7720: fix broken control requests
    - LP: #1221791
  * USB: keyspan: fix null-deref at disconnect and release
    - LP: #1221791
  * MIPS: Expose missing pci_io{map,unmap} declarations
    - LP: #1221791
  * microblaze: Update microblaze defconfigs
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS correctly
    - LP: #1221791
  * alpha: makefile: don't enforce small data model for kernel builds
    - LP: #1221791
  * MIPS: Rewrite ...

Read more...

Changed in linux-lts-quantal (Ubuntu Precise):
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (5.7 KiB)

This bug was fixed in the package linux - 3.5.0-41.64

---------------
linux (3.5.0-41.64) quantal; urgency=low

  [Brad Figg]

  * Release Tracking Bug
    - LP: #1223451

  [ Upstream Kernel Changes ]

  * kernel-doc: bugfix - multi-line macros
    - LP: #1223920
  * Revert "zram: use zram->lock to protect zram_free_page() in swap free
    notify path"
    - LP: #1215513
  * x86 thermal: Delete power-limit-notification console messages
    - LP: #1215748
  * x86 thermal: Disable power limit notification interrupt by default
    - LP: #1215748
  * ARM: 7810/1: perf: Fix array out of bounds access in
    armpmu_map_hw_event()
    - LP: #1216442
    - CVE-2013-4254
  * ARM: 7809/1: perf: fix event validation for software group leaders
    - LP: #1216442
    - CVE-2013-4254
  * veth: reduce stat overhead
    - LP: #1201869
  * veth: extend device features
    - LP: #1201869
  * veth: avoid a NULL deref in veth_stats_one
    - LP: #1201869
  * veth: fix a NULL deref in netif_carrier_off
    - LP: #1201869
  * veth: fix NULL dereference in veth_dellink()
    - LP: #1201869
  * Bluetooth: Add support for Atheros [0cf3:3121]
    - LP: #1202477
  * efivars: explicitly calculate length of VariableName
    - LP: #1217745
  * xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end
    - LP: #1151527
    - CVE-2013-1819
  * drm/i915/lvds: ditch ->prepare special case
    - LP: #1221791
  * serial: mxs: fix buffer overflow
    - LP: #1221791
  * fs/proc/task_mmu.c: fix buffer overflow in add_page_map()
    - LP: #1221791
  * af_key: initialize satype in key_notify_policy_flush()
    - LP: #1221791
  * vm: add no-mmu vm_iomap_memory() stub
    - LP: #1221791
  * iwl4965: set power mode early
    - LP: #1221791
  * iwl4965: reset firmware after rfkill off
    - LP: #1221791
  * ASoC: cs42l52: Reorder Min/Max and update to SX_TLV for Beep Volume
    - LP: #1221791
  * can: pcan_usb: fix wrong memcpy() bytes length
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (pcm)
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (midi)
    - LP: #1221791
  * jbd2: Fix use after free after error in jbd2_journal_dirty_metadata()
    - LP: #1221791
  * USB-Serial: Fix error handling of usb_wwan
    - LP: #1221791
  * USB: mos7840: fix big-endian probe
    - LP: #1221791
  * USB: adutux: fix big-endian device-type reporting
    - LP: #1221791
  * USB: ti_usb_3410_5052: fix big-endian firmware handling
    - LP: #1221791
  * m68k/atari: ARAnyM - Fix NatFeat module support
    - LP: #1221791
  * m68k: Truncate base in do_div()
    - LP: #1221791
  * usb: add two quirky touchscreen
    - LP: #1221791
  * USB: mos7720: fix broken control requests
    - LP: #1221791
  * USB: keyspan: fix null-deref at disconnect and release
    - LP: #1221791
  * MIPS: Expose missing pci_io{map,unmap} declarations
    - LP: #1221791
  * microblaze: Update microblaze defconfigs
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS correctly
    - LP: #1221791
  * alpha: makefile: don't enforce small data model for kernel builds
    - LP: #1221791
  * MIPS: Rewrite pfn_valid to work in modules, too.
    - L...

Read more...

Changed in linux (Ubuntu Quantal):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (5.8 KiB)

This bug was fixed in the package linux-ti-omap4 - 3.5.0-233.49

---------------
linux-ti-omap4 (3.5.0-233.49) quantal; urgency=low

  * Release Tracking Bug
    - LP: #1224116

  [ Paolo Pisati ]

  * rebased on Ubuntu-3.5.0-41.64

  [ Ubuntu: 3.5.0-41.64 ]

  * Release Tracking Bug
    - LP: #1223451
  * kernel-doc: bugfix - multi-line macros
    - LP: #1223920
  * Revert "zram: use zram->lock to protect zram_free_page() in swap free
    notify path"
    - LP: #1215513
  * x86 thermal: Delete power-limit-notification console messages
    - LP: #1215748
  * x86 thermal: Disable power limit notification interrupt by default
    - LP: #1215748
  * ARM: 7810/1: perf: Fix array out of bounds access in
    armpmu_map_hw_event()
    - LP: #1216442
    - CVE-2013-4254
  * ARM: 7809/1: perf: fix event validation for software group leaders
    - LP: #1216442
    - CVE-2013-4254
  * veth: reduce stat overhead
    - LP: #1201869
  * veth: extend device features
    - LP: #1201869
  * veth: avoid a NULL deref in veth_stats_one
    - LP: #1201869
  * veth: fix a NULL deref in netif_carrier_off
    - LP: #1201869
  * veth: fix NULL dereference in veth_dellink()
    - LP: #1201869
  * Bluetooth: Add support for Atheros [0cf3:3121]
    - LP: #1202477
  * efivars: explicitly calculate length of VariableName
    - LP: #1217745
  * xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end
    - LP: #1151527
    - CVE-2013-1819
  * drm/i915/lvds: ditch ->prepare special case
    - LP: #1221791
  * serial: mxs: fix buffer overflow
    - LP: #1221791
  * fs/proc/task_mmu.c: fix buffer overflow in add_page_map()
    - LP: #1221791
  * af_key: initialize satype in key_notify_policy_flush()
    - LP: #1221791
  * vm: add no-mmu vm_iomap_memory() stub
    - LP: #1221791
  * iwl4965: set power mode early
    - LP: #1221791
  * iwl4965: reset firmware after rfkill off
    - LP: #1221791
  * ASoC: cs42l52: Reorder Min/Max and update to SX_TLV for Beep Volume
    - LP: #1221791
  * can: pcan_usb: fix wrong memcpy() bytes length
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (pcm)
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (midi)
    - LP: #1221791
  * jbd2: Fix use after free after error in jbd2_journal_dirty_metadata()
    - LP: #1221791
  * USB-Serial: Fix error handling of usb_wwan
    - LP: #1221791
  * USB: mos7840: fix big-endian probe
    - LP: #1221791
  * USB: adutux: fix big-endian device-type reporting
    - LP: #1221791
  * USB: ti_usb_3410_5052: fix big-endian firmware handling
    - LP: #1221791
  * m68k/atari: ARAnyM - Fix NatFeat module support
    - LP: #1221791
  * m68k: Truncate base in do_div()
    - LP: #1221791
  * usb: add two quirky touchscreen
    - LP: #1221791
  * USB: mos7720: fix broken control requests
    - LP: #1221791
  * USB: keyspan: fix null-deref at disconnect and release
    - LP: #1221791
  * MIPS: Expose missing pci_io{map,unmap} declarations
    - LP: #1221791
  * microblaze: Update microblaze defconfigs
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS correctly
    - LP: #1221791
  * alpha: makefile: don't enforce small data mod...

Read more...

Changed in linux-ti-omap4 (Ubuntu Quantal):
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (5.8 KiB)

This bug was fixed in the package linux-armadaxp - 3.5.0-1622.30

---------------
linux-armadaxp (3.5.0-1622.30) quantal-proposed; urgency=low

  [ Ike Panhc ]

  * Release Tracking Bug
    - LP: #1224117
  * Rebase onto Ubuntu-3.5.0-41.64

  [ Ubuntu: 3.5.0-41.64 ]

  * Release Tracking Bug
    - LP: #1223451
  * kernel-doc: bugfix - multi-line macros
    - LP: #1223920
  * Revert "zram: use zram->lock to protect zram_free_page() in swap free
    notify path"
    - LP: #1215513
  * x86 thermal: Delete power-limit-notification console messages
    - LP: #1215748
  * x86 thermal: Disable power limit notification interrupt by default
    - LP: #1215748
  * ARM: 7810/1: perf: Fix array out of bounds access in
    armpmu_map_hw_event()
    - LP: #1216442
    - CVE-2013-4254
  * ARM: 7809/1: perf: fix event validation for software group leaders
    - LP: #1216442
    - CVE-2013-4254
  * veth: reduce stat overhead
    - LP: #1201869
  * veth: extend device features
    - LP: #1201869
  * veth: avoid a NULL deref in veth_stats_one
    - LP: #1201869
  * veth: fix a NULL deref in netif_carrier_off
    - LP: #1201869
  * veth: fix NULL dereference in veth_dellink()
    - LP: #1201869
  * Bluetooth: Add support for Atheros [0cf3:3121]
    - LP: #1202477
  * efivars: explicitly calculate length of VariableName
    - LP: #1217745
  * xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end
    - LP: #1151527
    - CVE-2013-1819
  * drm/i915/lvds: ditch ->prepare special case
    - LP: #1221791
  * serial: mxs: fix buffer overflow
    - LP: #1221791
  * fs/proc/task_mmu.c: fix buffer overflow in add_page_map()
    - LP: #1221791
  * af_key: initialize satype in key_notify_policy_flush()
    - LP: #1221791
  * vm: add no-mmu vm_iomap_memory() stub
    - LP: #1221791
  * iwl4965: set power mode early
    - LP: #1221791
  * iwl4965: reset firmware after rfkill off
    - LP: #1221791
  * ASoC: cs42l52: Reorder Min/Max and update to SX_TLV for Beep Volume
    - LP: #1221791
  * can: pcan_usb: fix wrong memcpy() bytes length
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (pcm)
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (midi)
    - LP: #1221791
  * jbd2: Fix use after free after error in jbd2_journal_dirty_metadata()
    - LP: #1221791
  * USB-Serial: Fix error handling of usb_wwan
    - LP: #1221791
  * USB: mos7840: fix big-endian probe
    - LP: #1221791
  * USB: adutux: fix big-endian device-type reporting
    - LP: #1221791
  * USB: ti_usb_3410_5052: fix big-endian firmware handling
    - LP: #1221791
  * m68k/atari: ARAnyM - Fix NatFeat module support
    - LP: #1221791
  * m68k: Truncate base in do_div()
    - LP: #1221791
  * usb: add two quirky touchscreen
    - LP: #1221791
  * USB: mos7720: fix broken control requests
    - LP: #1221791
  * USB: keyspan: fix null-deref at disconnect and release
    - LP: #1221791
  * MIPS: Expose missing pci_io{map,unmap} declarations
    - LP: #1221791
  * microblaze: Update microblaze defconfigs
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS correctly
    - LP: #1221791
  * alpha: makefile: don't enforce small ...

Read more...

Changed in linux-armadaxp (Ubuntu Quantal):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (5.8 KiB)

This bug was fixed in the package linux-ti-omap4 - 3.5.0-233.49

---------------
linux-ti-omap4 (3.5.0-233.49) quantal; urgency=low

  * Release Tracking Bug
    - LP: #1224116

  [ Paolo Pisati ]

  * rebased on Ubuntu-3.5.0-41.64

  [ Ubuntu: 3.5.0-41.64 ]

  * Release Tracking Bug
    - LP: #1223451
  * kernel-doc: bugfix - multi-line macros
    - LP: #1223920
  * Revert "zram: use zram->lock to protect zram_free_page() in swap free
    notify path"
    - LP: #1215513
  * x86 thermal: Delete power-limit-notification console messages
    - LP: #1215748
  * x86 thermal: Disable power limit notification interrupt by default
    - LP: #1215748
  * ARM: 7810/1: perf: Fix array out of bounds access in
    armpmu_map_hw_event()
    - LP: #1216442
    - CVE-2013-4254
  * ARM: 7809/1: perf: fix event validation for software group leaders
    - LP: #1216442
    - CVE-2013-4254
  * veth: reduce stat overhead
    - LP: #1201869
  * veth: extend device features
    - LP: #1201869
  * veth: avoid a NULL deref in veth_stats_one
    - LP: #1201869
  * veth: fix a NULL deref in netif_carrier_off
    - LP: #1201869
  * veth: fix NULL dereference in veth_dellink()
    - LP: #1201869
  * Bluetooth: Add support for Atheros [0cf3:3121]
    - LP: #1202477
  * efivars: explicitly calculate length of VariableName
    - LP: #1217745
  * xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end
    - LP: #1151527
    - CVE-2013-1819
  * drm/i915/lvds: ditch ->prepare special case
    - LP: #1221791
  * serial: mxs: fix buffer overflow
    - LP: #1221791
  * fs/proc/task_mmu.c: fix buffer overflow in add_page_map()
    - LP: #1221791
  * af_key: initialize satype in key_notify_policy_flush()
    - LP: #1221791
  * vm: add no-mmu vm_iomap_memory() stub
    - LP: #1221791
  * iwl4965: set power mode early
    - LP: #1221791
  * iwl4965: reset firmware after rfkill off
    - LP: #1221791
  * ASoC: cs42l52: Reorder Min/Max and update to SX_TLV for Beep Volume
    - LP: #1221791
  * can: pcan_usb: fix wrong memcpy() bytes length
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (pcm)
    - LP: #1221791
  * ALSA: 6fire: make buffers DMA-able (midi)
    - LP: #1221791
  * jbd2: Fix use after free after error in jbd2_journal_dirty_metadata()
    - LP: #1221791
  * USB-Serial: Fix error handling of usb_wwan
    - LP: #1221791
  * USB: mos7840: fix big-endian probe
    - LP: #1221791
  * USB: adutux: fix big-endian device-type reporting
    - LP: #1221791
  * USB: ti_usb_3410_5052: fix big-endian firmware handling
    - LP: #1221791
  * m68k/atari: ARAnyM - Fix NatFeat module support
    - LP: #1221791
  * m68k: Truncate base in do_div()
    - LP: #1221791
  * usb: add two quirky touchscreen
    - LP: #1221791
  * USB: mos7720: fix broken control requests
    - LP: #1221791
  * USB: keyspan: fix null-deref at disconnect and release
    - LP: #1221791
  * MIPS: Expose missing pci_io{map,unmap} declarations
    - LP: #1221791
  * microblaze: Update microblaze defconfigs
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS
    - LP: #1221791
  * sound: Fix make allmodconfig on MIPS correctly
    - LP: #1221791
  * alpha: makefile: don't enforce small data mod...

Read more...

Changed in linux-ti-omap4 (Ubuntu Raring):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Saucy):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Raring):
status: Fix Committed → Won't Fix
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers