Ubuntu

CVE-2012-6545

Reported by John Johansen on 2013-03-18
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Low
Unassigned
Lucid
Low
Luis Henriques
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned
linux-armadaxp (Ubuntu)
Low
Unassigned
Lucid
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned
linux-ec2 (Ubuntu)
Low
Unassigned
Lucid
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned
linux-fsl-imx51 (Ubuntu)
Low
Unassigned
Lucid
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned
linux-lts-backport-maverick (Ubuntu)
Low
Unassigned
Lucid
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned
linux-lts-backport-natty (Ubuntu)
Undecided
Unassigned
Lucid
Undecided
Unassigned
Precise
Undecided
Unassigned
Quantal
Undecided
Unassigned
Raring
Undecided
Unassigned
Saucy
Undecided
Unassigned
linux-lts-backport-oneiric (Ubuntu)
Low
Unassigned
Lucid
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned
linux-lts-quantal (Ubuntu)
Low
Unassigned
Lucid
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned
linux-lts-raring (Ubuntu)
Low
Unassigned
Lucid
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned
linux-mvl-dove (Ubuntu)
Low
Unassigned
Lucid
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned
linux-ti-omap4 (Ubuntu)
Low
Unassigned
Lucid
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
Raring
Low
Unassigned
Saucy
Low
Unassigned

Bug Description

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Break-Fix: - 9344a972961d1a6d2c04d9008b13617bcb6ec2ef
Break-Fix: - f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a
Break-Fix: 8f360119243c214eb5c5549c61981d51a276154a 9ad2de43f1aee7e7274a4e0d41465489299e344b

John Johansen (jjohansen) wrote :

CVE-2012-6545

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Fix Released
Changed in linux-armadaxp (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Lucid):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Raring):
status: New → Fix Committed
Changed in linux-armadaxp (Ubuntu Hardy):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Quantal):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Raring):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-lts-quantal (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Quantal):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Raring):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
status: New → Invalid
Changed in linux (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Raring):
status: New → Invalid
Changed in linux (Ubuntu Quantal):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Raring):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Quantal):
status: New → Fix Committed
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Raring):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Quantal):
status: New → Invalid
description: updated
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux (Ubuntu Precise):
importance: Undecided → Low
Changed in linux (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux (Ubuntu Raring):
importance: Undecided → Low
Changed in linux (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Raring):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Precise):
status: Fix Committed → Fix Released
description: updated
description: updated
Luis Henriques (henrix) on 2013-03-26
Changed in linux (Ubuntu Lucid):
assignee: nobody → Luis Henriques (henrix)
status: New → In Progress
Changed in linux-armadaxp (Ubuntu Raring):
status: Fix Committed → Invalid
description: updated

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.32-46.108

---------------
linux (2.6.32-46.108) lucid-proposed; urgency=low

  [Steve Conklin]

  * Release Tracking Bug
    - LP: #1167989

  [ John Johansen ]

  * SAUCE: (no-up) apparmor: Fix quieting of audit messages for network
    mediation
    - LP: #1163259

  [ Upstream Kernel Changes ]

  * llc: fix info leak via getsockname()
    - LP: #1156743
    - CVE-2012-6542
  * Bluetooth: L2CAP - Fix info leak via getsockname()
    - LP: #1156751
    - CVE-2012-6544
  * Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER)
    - LP: #1156751
    - CVE-2012-6544
  * Bluetooth: RFCOMM - Fix info leak via getsockname()
    - LP: #1156757
    - CVE-2012-6545
  * Bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST)
    - LP: #1156757
    - CVE-2012-6545
  * atm: fix info leak via getsockname()
    - LP: #1156759
    - CVE-2012-6546
  * atm: fix info leak in getsockopt(SO_ATMPVC)
    - LP: #1156759
    - CVE-2012-6546
  * udf: avoid info leak on export
    - LP: #1156768
    - CVE-2012-6548
  * KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME
    (CVE-2013-1796)
    - LP: #1158254
    - CVE-2013-1796
  * Bluetooth: Fix incorrect strncpy() in hidp_setup_hid()
    - LP: #1134503
    - CVE-2013-0349
  * USB: io_ti: Fix NULL dereference in chase_port()
    - LP: #1143817
    - CVE-2013-1774
  * x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.
    - LP: #1143796
    - CVE-2013-0228
 -- Steve Conklin <email address hidden> Thu, 11 Apr 2013 09:56:45 -0500

Changed in linux (Ubuntu Lucid):
status: In Progress → Fix Released
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux (Ubuntu Oneiric):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ec2 - 2.6.32-351.64

---------------
linux-ec2 (2.6.32-351.64) lucid-proposed; urgency=low

  [ Stefan Bader ]

  * Rebased to Ubuntu-2.6.32-46.108
  * Release Tracking Bug
    - LP: #1168185

  [ Ubuntu: 2.6.32-46.108 ]

  * SAUCE: (no-up) apparmor: Fix quieting of audit messages for network
    mediation
    - LP: #1163259
  * llc: fix info leak via getsockname()
    - LP: #1156743
    - CVE-2012-6542
  * Bluetooth: L2CAP - Fix info leak via getsockname()
    - LP: #1156751
    - CVE-2012-6544
  * Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER)
    - LP: #1156751
    - CVE-2012-6544
  * Bluetooth: RFCOMM - Fix info leak via getsockname()
    - LP: #1156757
    - CVE-2012-6545
  * Bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST)
    - LP: #1156757
    - CVE-2012-6545
  * atm: fix info leak via getsockname()
    - LP: #1156759
    - CVE-2012-6546
  * atm: fix info leak in getsockopt(SO_ATMPVC)
    - LP: #1156759
    - CVE-2012-6546
  * udf: avoid info leak on export
    - LP: #1156768
    - CVE-2012-6548
  * KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME
    (CVE-2013-1796)
    - LP: #1158254
    - CVE-2013-1796
  * Bluetooth: Fix incorrect strncpy() in hidp_setup_hid()
    - LP: #1134503
    - CVE-2013-0349
  * USB: io_ti: Fix NULL dereference in chase_port()
    - LP: #1143817
    - CVE-2013-1774
  * x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.
    - LP: #1143796
    - CVE-2013-0228
 -- Stefan Bader <email address hidden> Fri, 12 Apr 2013 10:12:13 +0200

Changed in linux-ec2 (Ubuntu Lucid):
status: Fix Committed → Fix Released
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: Fix Committed → Fix Released
no longer affects: linux-armadaxp (Ubuntu Hardy)
no longer affects: linux-armadaxp (Ubuntu Oneiric)
no longer affects: linux-ec2 (Ubuntu Hardy)
no longer affects: linux-ec2 (Ubuntu Oneiric)
no longer affects: linux-lts-backport-oneiric (Ubuntu Hardy)
no longer affects: linux-lts-backport-oneiric (Ubuntu Oneiric)
no longer affects: linux-lts-backport-natty (Ubuntu Hardy)
no longer affects: linux-lts-backport-natty (Ubuntu Oneiric)
no longer affects: linux-lts-quantal (Ubuntu Hardy)
no longer affects: linux-lts-quantal (Ubuntu Oneiric)
no longer affects: linux-mvl-dove (Ubuntu Hardy)
no longer affects: linux-mvl-dove (Ubuntu Oneiric)
no longer affects: linux-lts-backport-maverick (Ubuntu Hardy)
no longer affects: linux-lts-backport-maverick (Ubuntu Oneiric)
no longer affects: linux (Ubuntu Hardy)
no longer affects: linux (Ubuntu Oneiric)
no longer affects: linux-fsl-imx51 (Ubuntu Hardy)
no longer affects: linux-fsl-imx51 (Ubuntu Oneiric)
no longer affects: linux-ti-omap4 (Ubuntu Hardy)
no longer affects: linux-ti-omap4 (Ubuntu Oneiric)
no longer affects: linux-lts-raring (Ubuntu Hardy)
no longer affects: linux-lts-raring (Ubuntu Oneiric)
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Raring):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Raring):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Saucy):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Raring):
status: Fix Committed → Won't Fix
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers