Ubuntu

Overview
Code
Bugs
Blueprints
Translations
Answers

CVE-2012-6546

Reported by John Johansen on 2013-03-18

256

This bug affects 1 person

	Status	Importance	Assigned to
linux (Ubuntu)	Invalid	Low	Unassigned
Lucid	Fix Released	Low	Luis Henriques
Precise	Fix Released	Low	Unassigned
Quantal	Fix Committed	Low	Unassigned
Raring	Invalid	Low	Unassigned
Saucy	Invalid	Low	Unassigned
linux-armadaxp (Ubuntu)	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Precise	Fix Released	Low	Unassigned
Quantal	Invalid	Low	Unassigned
Raring	Invalid	Low	Unassigned
Saucy	Invalid	Low	Unassigned
linux-ec2 (Ubuntu)	Invalid	Low	Unassigned
Lucid	Fix Released	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
Raring	Invalid	Low	Unassigned
Saucy	Invalid	Low	Unassigned
linux-fsl-imx51 (Ubuntu)	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
Raring	Invalid	Low	Unassigned
Saucy	Invalid	Low	Unassigned
linux-lts-backport-maverick (Ubuntu)	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
Raring	Invalid	Low	Unassigned
Saucy	Invalid	Low	Unassigned
linux-lts-backport-natty (Ubuntu)	Invalid	Undecided	Unassigned
Lucid	Won't Fix	Undecided	Unassigned
Precise	Invalid	Undecided	Unassigned
Quantal	Invalid	Undecided	Unassigned
Raring	Invalid	Undecided	Unassigned
Saucy	Invalid	Undecided	Unassigned
linux-lts-backport-oneiric (Ubuntu)	Invalid	Low	Unassigned
Lucid	Fix Released	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
Raring	Invalid	Low	Unassigned
Saucy	Invalid	Low	Unassigned
linux-lts-quantal (Ubuntu)	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Precise	Fix Committed	Low	Unassigned
Quantal	Invalid	Low	Unassigned
Raring	Invalid	Low	Unassigned
Saucy	Invalid	Low	Unassigned
linux-lts-raring (Ubuntu)	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
Raring	Invalid	Low	Unassigned
Saucy	Invalid	Low	Unassigned
linux-mvl-dove (Ubuntu)	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
Raring	Invalid	Low	Unassigned
Saucy	Invalid	Low	Unassigned
linux-ti-omap4 (Ubuntu)	Fix Committed	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Precise	Fix Released	Low	Unassigned
Quantal	Fix Committed	Low	Unassigned
Raring	Fix Committed	Low	Unassigned
Saucy	Fix Committed	Low	Unassigned

(?)

Bug Description

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Break-Fix: - 3c0c5cfdcd4d69ffc4b9c0907cec99039f30a50a
Break-Fix: - e862f1a9b7df4e8196ebec45ac62295138aa3fc2

See original description

Tags: Edit Tag help

Related branches

lp:ubuntu/lucid-proposed/linux-ec2

CVE References

John Johansen (jjohansen) wrote on 2013-03-18:

CVE-2012-6546

tags:	added: kernel-cve-tracking-bug
information type:	Public → Public Security
Changed in linux-armadaxp (Ubuntu Precise):
status:	New → Fix Released
Changed in linux-armadaxp (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-armadaxp (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-armadaxp (Ubuntu Raring):
status:	New → Fix Committed
Changed in linux-armadaxp (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-armadaxp (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Raring):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status:	New → Fix Committed
Changed in linux-lts-backport-oneiric (Ubuntu Raring):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-lts-quantal (Ubuntu Precise):
status:	New → Fix Committed
Changed in linux-lts-quantal (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-quantal (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-lts-quantal (Ubuntu Raring):
status:	New → Invalid
Changed in linux-lts-quantal (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-quantal (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Raring):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Raring):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
status:	New → Invalid
Changed in linux (Ubuntu Precise):
status:	New → Fix Committed
Changed in linux (Ubuntu Oneiric):
status:	New → Fix Committed
Changed in linux (Ubuntu Raring):
status:	New → Invalid
Changed in linux (Ubuntu Quantal):
status:	New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Precise):
status:	New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status:	New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Raring):
status:	New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Quantal):
status:	New → Fix Committed
Changed in linux-fsl-imx51 (Ubuntu Precise):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Raring):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Quantal):
status:	New → Invalid
description:	updated
Changed in linux-armadaxp (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Raring):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Raring):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Raring):
importance:	Undecided → Low

John Johansen (jjohansen) on 2013-03-18

Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-lts-quantal (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-lts-quantal (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-quantal (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-lts-quantal (Ubuntu Raring):
importance:	Undecided → Low
Changed in linux-lts-quantal (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-lts-quantal (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Lucid):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Raring):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Raring):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux (Ubuntu Raring):
importance:	Undecided → Low
Changed in linux (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Raring):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Raring):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Quantal):
importance:	Undecided → Low

John Johansen (jjohansen) on 2013-03-20

Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status:	Fix Committed → Fix Released
Changed in linux (Ubuntu Precise):
status:	Fix Committed → Fix Released
Changed in linux (Ubuntu Oneiric):
status:	Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Precise):
status:	Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status:	Fix Committed → Fix Released

John Johansen (jjohansen) on 2013-03-21

description:

updated

Luis Henriques (henrix) on 2013-03-26

Changed in linux (Ubuntu Lucid):
assignee:	nobody → Luis Henriques (henrix)
status:	New → In Progress

John Johansen (jjohansen) on 2013-03-27

Changed in linux-ec2 (Ubuntu Lucid):
status:	New → Fix Committed
Changed in linux (Ubuntu Lucid):
status:	In Progress → Fix Committed

John Johansen (jjohansen) on 2013-04-09

Changed in linux-armadaxp (Ubuntu Raring):
status:	Fix Committed → Invalid

Adam Conrad (adconrad) wrote on 2013-04-18: Update Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Launchpad Janitor (janitor) wrote on 2013-04-18:

This bug was fixed in the package linux - 2.6.32-46.108

---------------
linux (2.6.32-46.108) lucid-proposed; urgency=low

[Steve Conklin]

* Release Tracking Bug
- LP: #1167989

[ John Johansen ]

  * SAUCE: (no-up) apparmor: Fix quieting of audit messages for network
    mediation
    - LP: #1163259

[ Upstream Kernel Changes ]

  * llc: fix info leak via getsockname()
    - LP: #1156743
    - CVE-2012-6542
  * Bluetooth: L2CAP - Fix info leak via getsockname()
    - LP: #1156751
    - CVE-2012-6544
  * Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER)
    - LP: #1156751
    - CVE-2012-6544
  * Bluetooth: RFCOMM - Fix info leak via getsockname()
    - LP: #1156757
    - CVE-2012-6545
  * Bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST)
    - LP: #1156757
    - CVE-2012-6545
  * atm: fix info leak via getsockname()
    - LP: #1156759
    - CVE-2012-6546
  * atm: fix info leak in getsockopt(SO_ATMPVC)
    - LP: #1156759
    - CVE-2012-6546
  * udf: avoid info leak on export
    - LP: #1156768
    - CVE-2012-6548
  * KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME
    (CVE-2013-1796)
    - LP: #1158254
    - CVE-2013-1796
  * Bluetooth: Fix incorrect strncpy() in hidp_setup_hid()
    - LP: #1134503
    - CVE-2013-0349
  * USB: io_ti: Fix NULL dereference in chase_port()
    - LP: #1143817
    - CVE-2013-1774
  * x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.
    - LP: #1143796
    - CVE-2013-0228
-- Steve Conklin <email address hidden> Thu, 11 Apr 2013 09:56:45 -0500

Changed in linux (Ubuntu Lucid):
status:	Fix Committed → Fix Released

Launchpad Janitor (janitor) wrote on 2013-04-24:

This bug was fixed in the package linux-ec2 - 2.6.32-351.64

---------------
linux-ec2 (2.6.32-351.64) lucid-proposed; urgency=low

[ Stefan Bader ]

  * Rebased to Ubuntu-2.6.32-46.108
  * Release Tracking Bug
    - LP: #1168185

[ Ubuntu: 2.6.32-46.108 ]

  * SAUCE: (no-up) apparmor: Fix quieting of audit messages for network
    mediation
    - LP: #1163259
  * llc: fix info leak via getsockname()
    - LP: #1156743
    - CVE-2012-6542
  * Bluetooth: L2CAP - Fix info leak via getsockname()
    - LP: #1156751
    - CVE-2012-6544
  * Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER)
    - LP: #1156751
    - CVE-2012-6544
  * Bluetooth: RFCOMM - Fix info leak via getsockname()
    - LP: #1156757
    - CVE-2012-6545
  * Bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST)
    - LP: #1156757
    - CVE-2012-6545
  * atm: fix info leak via getsockname()
    - LP: #1156759
    - CVE-2012-6546
  * atm: fix info leak in getsockopt(SO_ATMPVC)
    - LP: #1156759
    - CVE-2012-6546
  * udf: avoid info leak on export
    - LP: #1156768
    - CVE-2012-6548
  * KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME
    (CVE-2013-1796)
    - LP: #1158254
    - CVE-2013-1796
  * Bluetooth: Fix incorrect strncpy() in hidp_setup_hid()
    - LP: #1134503
    - CVE-2013-0349
  * USB: io_ti: Fix NULL dereference in chase_port()
    - LP: #1143817
    - CVE-2013-1774
  * x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.
    - LP: #1143796
    - CVE-2013-0228
-- Stefan Bader <email address hidden> Fri, 12 Apr 2013 10:12:13 +0200

Changed in linux-ec2 (Ubuntu Lucid):
status:	Fix Committed → Fix Released

John Johansen (jjohansen) on 2013-05-10

no longer affects:	linux-armadaxp (Ubuntu Hardy)
no longer affects:	linux-armadaxp (Ubuntu Oneiric)
no longer affects:	linux-ec2 (Ubuntu Hardy)
no longer affects:	linux-ec2 (Ubuntu Oneiric)
no longer affects:	linux-lts-backport-oneiric (Ubuntu Hardy)
no longer affects:	linux-lts-backport-oneiric (Ubuntu Oneiric)
no longer affects:	linux-lts-backport-natty (Ubuntu Hardy)
no longer affects:	linux-lts-backport-natty (Ubuntu Oneiric)
no longer affects:	linux-lts-quantal (Ubuntu Hardy)
no longer affects:	linux-lts-quantal (Ubuntu Oneiric)
no longer affects:	linux-mvl-dove (Ubuntu Hardy)
no longer affects:	linux-mvl-dove (Ubuntu Oneiric)
no longer affects:	linux-lts-backport-maverick (Ubuntu Hardy)
no longer affects:	linux-lts-backport-maverick (Ubuntu Oneiric)
no longer affects:	linux (Ubuntu Hardy)
no longer affects:	linux (Ubuntu Oneiric)
no longer affects:	linux-fsl-imx51 (Ubuntu Hardy)
no longer affects:	linux-fsl-imx51 (Ubuntu Oneiric)
no longer affects:	linux-ti-omap4 (Ubuntu Hardy)
no longer affects:	linux-ti-omap4 (Ubuntu Oneiric)
no longer affects:	linux-lts-raring (Ubuntu Hardy)
no longer affects:	linux-lts-raring (Ubuntu Oneiric)
Changed in linux-lts-raring (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-raring (Ubuntu Lucid):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-raring (Ubuntu Saucy):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-raring (Ubuntu Quantal):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-raring (Ubuntu Raring):
status:	New → Invalid
importance:	Undecided → Low

Jamie Strandboge (jdstrand) on 2013-05-22

Changed in linux-lts-backport-natty (Ubuntu Lucid):
status:	New → Won't Fix

Jamie Strandboge (jdstrand) on 2013-05-22

Changed in linux-lts-backport-natty (Ubuntu Precise):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Raring):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Saucy):
status:	New → Invalid

Report a bug

This report contains Public Security information Edit

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers