CVE-2010-3699
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| linux (Ubuntu) |
Undecided
|
Unassigned | ||
| Hardy |
Undecided
|
Tim Gardner | ||
| Natty |
Undecided
|
Unassigned |
Bug Description
Excerpted from http://
"A flaw was found in the Xenbus code for the unified block-device I/O
interface back end. A privileged guest user could use this flaw to cause a
denial of service on the host system running the Xen hypervisor."
summary: |
- CVE-2010-4079 + CVE-2010-3699 |
visibility: | private → public |
Jeremy Foshee (jeremyfoshee) wrote : | #1 |
tags: | added: needs-kernel-logs |
tags: | added: needs-upstream-testing |
tags: | added: kj-triage |
Changed in linux (Ubuntu): | |
status: | New → Incomplete |
Changed in linux (Ubuntu Hardy): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
status: | New → In Progress |
Changed in linux (Ubuntu Natty): | |
status: | Incomplete → Invalid |
Changed in linux (Ubuntu Hardy): | |
status: | In Progress → Fix Committed |
tags: |
added: kernel-cve-tracker removed: kj-triage needs-kernel-logs needs-upstream-testing |
Launchpad Janitor (janitor) wrote : | #2 |
This bug was fixed in the package linux - 2.6.24-28.86
---------------
linux (2.6.24-28.86) hardy-proposed; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #716166
[Tim Gardner]
* xen unified block-device I/O interface back end can orphan devices,
CVE-2010-3699
- LP: #708019
- CVE-2010-3699
[Upstream Kernel Changes]
* Hardy SRU: thinkpad-acpi: lock down video output state access,
CVE-2010-3448
- LP: #706999
- CVE-2010-3448
* net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859
- LP: #711855, #708839
- CVE-2010-4160
* net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859
- LP: #711855, #708839
- CVE-2010-4160
* net: ax25: fix information leak to userland, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* net: ax25: fix information leak to userland harder, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* memory corruption in X.25 facilities parsing, CVE-2010-3873
- LP: #709372
- CVE-2010-3873
* net: packet: fix information leak to userland, CVE-2010-3876
- LP: #710714
- CVE-2010-3876
* net: tipc: fix information leak to userland, CVE-2010-3877
- LP: #711291
- CVE-2010-3877
* KVM: VMX: fix vmx null pointer dereference on debug register access,
CVE-2010-0435
- LP: #712615
- CVE-2010-0435
* gdth: integer overflow in ioctl, CVE-2010-4157
- LP: #711797
- CVE-2010-4157
* posix-cpu-timers: workaround to suppress the problems with mt exec,
CVE-2010-4248
- LP: #712609
- CVE-2010-4248
* ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory,
CVE-2010-4080, CVE-2010-4081
- LP: #712723, #712737
- CVE-2010-4081
* sys_semctl: fix kernel stack leakage, CVE-2010-4083
- LP: #712749
- CVE-2010-4083
* inet_diag: Make sure we actually run the same bytecode we audited,
CVE-2010-3880
- LP: #711865
- CVE-2010-3880
linux (2.6.24-28.85) hardy-proposed; urgency=low
[ Brad Figg ]
* Tracking Bug
- LP: #708315
[Upstream Kernel Changes]
* ata_piix: IDE mode SATA patch for Intel ICH10 DeviceID's
- LP: #693401
* USB: serial/mos*: prevent reading uninitialized stack memory,
CVE-2010-4074
- LP: #706149
- CVE-2010-4074
* KVM: Fix fs/gs reload oops with invalid ldt
- LP: #707000
- CVE-2010-3698
* drivers/
memory, CVE-2010-4078
- LP: #707579
- CVE-2010-4078
* V4L/DVB: ivtvfb: prevent reading uninitialized stack memory,
CVE-2010-4079
- LP: #707649
- CVE-2010-4079
linux (2.6.24-28.84) hardy-proposed; urgency=low
[ Steve Conklin ]
* Tracking Bug
- LP: #698185
linux (2.6.24-28.83) hardy-proposed; urgency=low
[ Steve Conklin ]
* tracking bug moved from here to latest entry
linux (2.6.24-28.82) hardy-proposed; urgency=low
[ Leann Ogasawara ]
* Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer
dereference"
* Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges"
* Revert "SAUCE: AF_ECONET prevent kernel stack overflow"
[Upstream Kernel Changes]
* xfs: validate untrust...
Changed in linux (Ubuntu Hardy): | |
status: | Fix Committed → Fix Released |
Hi Tim,
Please be sure to confirm this issue exists with the latest development release of Ubuntu. ISO CD images are available from http:// cdimage. ubuntu. com/daily/ current/ . If the issue remains, please run the following command from a Terminal (Applications- >Accessories- >Terminal) . It will automatically gather and attach updated debug information to this report.
apport-collect -p linux 708019
Also, if you could test the latest upstream kernel available that would be great. It will allow additional upstream developers to examine the issue. Refer to https:/ /wiki.ubuntu. com/KernelMainl ineBuilds . Once you've tested the upstream kernel, please remove the 'needs- upstream- testing' tag. This can be done by clicking on the yellow pencil icon next to the tag located at the bottom of the bug description and deleting the 'needs- upstream- testing' text. Please let us know your results.
Thanks in advance.
[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]