This bug was fixed in the package linux - 2.6.31-22.73 --------------- linux (2.6.31-22.73) karmic-proposed; urgency=low [ Steve Conklin ] * Release Tracking Bug - LP: #716648 [ Upstream Kernel Changes ] * copied ABI directory * net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859 - LP: #708839, #711855 - CVE-2010-4160 * net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859 - LP: #708839, #711855 - CVE-2010-4160 * net: fix rds_iovec page count overflow, CVE-2010-3865 - LP: #709153 - CVE-2010-3865 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * can-bcm: fix minor heap overflow - LP: #710680 - CVE-2010-3874 * memory corruption in X.25 facilities parsing, CVE-2010-3873 - LP: #709372 - CVE-2010-3873 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * KVM: VMX: fix vmx null pointer dereference on debug register access, CVE-2010-0435 - LP: #712615 - CVE-2010-0435 * gdth: integer overflow in ioctl, CVE-2010-4157 - LP: #711797 - CVE-2010-4157 * posix-cpu-timers: workaround to suppress the problems with mt exec, CVE-2010-4248 - LP: #712609 - CVE-2010-4248 * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory, CVE-2010-4080, CVE-2010-4081 - LP: #712723, #712737 - CVE-2010-4081 * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory, CVE-2010-4082 - LP: #712744 - CVE-2010-4082 * sys_semctl: fix kernel stack leakage, CVE-2010-4083 - LP: #712749 - CVE-2010-4083 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 linux (2.6.31-22.72) karmic-proposed; urgency=low [ Brad Figg ] * Tracking Bug - LP: #708860 [ Upstream Kernel Changes ] * Karmic SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448 - LP: #706999 - CVE-2010-3448 * USB: serial/mos*: prevent reading uninitialized stack memory, CVE-2010-4074 - LP: #706149 - CVE-2010-4074 * KVM: Fix fs/gs reload oops with invalid ldt - LP: #707000 - CVE-2010-3698 * drivers/video/sis/sis_main.c: prevent reading uninitialized stack memory, CVE-2010-4078 - LP: #707579 - CVE-2010-4078 * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079 - LP: #707649 - CVE-2010-4079 linux (2.6.31-22.71) karmic-proposed; urgency=low [ Brad Figg ] - LP: #698214 [ Upstream Kernel Changes ] * ipc: initialize structure memory to zero for compat functions * tcp: Increase TCP_MAXSEG socket option minimum. - CVE-2010-4165 * perf_events: Fix perf_counter_mmap() hook in mprotect() - CVE-2010-4169 * af_unix: limit unix_tot_inflight - CVE-2010-4249 -- Steve Conklin