CVE-2011-2484

Bug #806390 reported by Andy Whitcroft on 2011-07-06
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned
Hardy
Medium
Andy Whitcroft
Lucid
Medium
Andy Whitcroft
Maverick
Medium
Andy Whitcroft
Natty
Medium
Andy Whitcroft
Oneiric
Medium
Unassigned
Precise
Medium
Unassigned
linux-ec2 (Ubuntu)
Medium
Unassigned
Hardy
Medium
Unassigned
Lucid
Medium
Unassigned
Maverick
Medium
Unassigned
Natty
Medium
Unassigned
Oneiric
Medium
Unassigned
Precise
Medium
Unassigned
linux-fsl-imx51 (Ubuntu)
Medium
Unassigned
Hardy
Medium
Unassigned
Lucid
Medium
Andy Whitcroft
Maverick
Medium
Unassigned
Natty
Medium
Unassigned
Oneiric
Medium
Unassigned
Precise
Medium
Unassigned
linux-lts-backport-maverick (Ubuntu)
Medium
Unassigned
Hardy
Medium
Unassigned
Lucid
Medium
Unassigned
Maverick
Medium
Unassigned
Natty
Medium
Unassigned
Oneiric
Medium
Unassigned
Precise
Medium
Unassigned
linux-lts-backport-natty (Ubuntu)
Medium
Unassigned
Hardy
Medium
Unassigned
Lucid
Medium
Unassigned
Maverick
Medium
Unassigned
Natty
Medium
Unassigned
Oneiric
Medium
Unassigned
Precise
Medium
Unassigned
linux-lts-backport-oneiric (Ubuntu)
Medium
Unassigned
Hardy
Medium
Unassigned
Lucid
Medium
Unassigned
Maverick
Medium
Unassigned
Natty
Medium
Unassigned
Oneiric
Medium
Unassigned
Precise
Medium
Unassigned
linux-mvl-dove (Ubuntu)
Medium
Unassigned
Hardy
Medium
Unassigned
Lucid
Medium
Unassigned
Maverick
Medium
Unassigned
Natty
Medium
Unassigned
Oneiric
Medium
Unassigned
Precise
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Medium
Unassigned
Hardy
Medium
Unassigned
Lucid
Medium
Unassigned
Maverick
Medium
Andy Whitcroft
Natty
Medium
Andy Whitcroft
Oneiric
Medium
Unassigned
Precise
Medium
Unassigned

Bug Description

The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application.

Break-Fix: f9fd8914c1acca0d98b69d831b128d5b52f03c51 26c4caea9d697043cc5a458b96411b86d7f6babd

Andy Whitcroft (apw) wrote :

CVE-2011-2484

tags: added: kernel-cve-tracking-bug
security vulnerability: no → yes
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Maverick):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Natty):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status: New → Invalid
Andy Whitcroft (apw) on 2011-07-07
Changed in linux (Ubuntu Oneiric):
status: New → Invalid
description: updated
Andy Whitcroft (apw) on 2011-07-07
Changed in linux (Ubuntu Natty):
assignee: nobody → Andy Whitcroft (apw)
status: New → In Progress
Changed in linux (Ubuntu Maverick):
assignee: nobody → Andy Whitcroft (apw)
status: New → In Progress
Andy Whitcroft (apw) on 2011-07-07
Changed in linux (Ubuntu Lucid):
assignee: nobody → Andy Whitcroft (apw)
status: New → In Progress
Changed in linux (Ubuntu Hardy):
assignee: nobody → Andy Whitcroft (apw)
status: New → In Progress
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → In Progress
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: New → In Progress
Andy Whitcroft (apw) on 2011-07-07
Changed in linux-lts-backport-natty (Ubuntu Maverick):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Maverick):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Natty):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Lucid):
assignee: nobody → Andy Whitcroft (apw)
status: New → In Progress
Andy Whitcroft (apw) on 2011-07-07
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → In Progress
Changed in linux-mvl-dove (Ubuntu Maverick):
status: New → In Progress
Andy Whitcroft (apw) on 2011-07-07
Changed in linux-ti-omap4 (Ubuntu Maverick):
assignee: nobody → Andy Whitcroft (apw)
status: New → In Progress
Changed in linux-ti-omap4 (Ubuntu Natty):
assignee: nobody → Andy Whitcroft (apw)
status: New → In Progress
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: New → In Progress
Tim Gardner (timg-tpi) on 2011-07-07
Changed in linux (Ubuntu Hardy):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Maverick):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Natty):
status: In Progress → Fix Committed
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Maverick):
status: In Progress → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Natty):
status: In Progress → Fix Committed
Andy Whitcroft (apw) on 2011-07-07
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Fix Committed
Kees Cook (kees) on 2011-08-02
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in linux-mvl-dove (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in linux-mvl-dove (Ubuntu Maverick):
status: In Progress → Fix Committed
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: In Progress → Fix Committed
description: updated
Kees Cook (kees) on 2011-08-02
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.24-29.92

---------------
linux (2.6.24-29.92) hardy-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #812360

  [Upstream Kernel Changes]

  * af_unix: limit unix_tot_inflight CVE-2010-4249
    - LP: #769182
    - CVE-2010-4249
  * xfs: zero proper structure size for geometry calls CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * netfilter: ip_tables: fix infoleak to userspace CVE-2011-1171
    - LP: #801482
    - CVE-2011-1171
  * econet: 4 byte infoleak to the network CVE-2011-1173
    - LP: #801484
    - CVE-2011-1173
  * netfilter: arp_tables: fix infoleak to userspace CVE-2011-1170
    - LP: #801480
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace CVE-2011-1172
    - LP: #801483
    - CVE-2011-1172
  * xen: don't allow blkback virtual CDROM device, CVE-2010-4238
    - LP: #803931
    - CVE-2010-4238
  * IB/uverbs: Handle large number of entries in poll CQ CVE-2010-4649
    - LP: #805512
  * ipc: initialize structure memory to zero for compat functions
    CVE-2010-4073
    - LP: #806366
    - CVE-2010-4073
  * tcp: Increase TCP_MAXSEG socket option minimum CVE-2010-4165
    - LP: #806374
    - CVE-2010-4165
  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * netfilter: ipt_CLUSTERIP: fix buffer overflow, CVE-2011-2534
    - LP: #801473
    - CVE-2011-2534
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3), CVE-2011-1090
    - LP: #800775
    - CVE-2011-1090
  * fs/partitions: Validate map_count in Mac partition tables
    - LP: #804225
    - CVE-2011-1010
 -- Herton Ronaldo Krzesinski <email address hidden> Mon, 18 Jul 2011 12:36:01 -0300

Changed in linux (Ubuntu Hardy):
status: Fix Committed → Fix Released
Kees Cook (kees) on 2011-08-10
description: updated
Kees Cook (kees) on 2011-08-16
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Natty):
importance: Undecided → Medium
Launchpad Janitor (janitor) wrote :
Download full text (13.4 KiB)

This bug was fixed in the package linux - 2.6.38-11.48

---------------
linux (2.6.38-11.48) natty-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #818175

  [ Upstream Kernel Changes ]

  * Revert "HID: magicmouse: ignore 'ivalid report id' while switching
    modes"
    - LP: #814250

linux (2.6.38-11.47) natty-proposed; urgency=low

  [Steve Conklin]

  * Release Tracking Bug
    - LP: #811180

  [ Keng-Yu Lin ]

  * SAUCE: Revert: "dell-laptop: Toggle the unsupported hardware
    killswitch"
    - LP: #775281

  [ Ming Lei ]

  * SAUCE: fix yama_ptracer_del lockdep warning
    - LP: #791019

  [ Stefan Bader ]

  * SAUCE: Re-enable RODATA for i386 virtual
    - LP: #809838

  [ Tim Gardner ]

  * [Config] Add grub-efi as a recommended bootloader for server and
    generic
    - LP: #800910
  * SAUCE: rtl8192se: Force a build for a 2.6/3.0 kernel
    - LP: #805494

  [ Upstream Kernel Changes ]

  * Revert "bridge: Forward reserved group addresses if !STP"
    - LP: #793702
  * Fix up ABI directory
  * bonding: Incorrect TX queue offset, CVE-2011-1581
    - LP: #792312
    - CVE-2011-1581
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * usbnet/cdc_ncm: add missing .reset_resume hook
    - LP: #793892
  * ath5k: Disable fast channel switching by default
    - LP: #767192
  * mm: vmscan: correctly check if reclaimer should schedule during
    shrink_slab
    - LP: #755066
  * mm: vmscan: correct use of pgdat_balanced in sleeping_prematurely
    - LP: #755066
  * ALSA: hda - Use LPIB for ATI/AMD chipsets as default
    - LP: #741825
  * ALSA: hda - Enable snoop bit for AMD controllers
    - LP: #741825
  * ALSA: hda - Enable sync_write workaround for AMD generically
    - LP: #741825
  * cpuidle: menu: fixed wrapping timers at 4.294 seconds
    - LP: #774947
  * drm/i915: Fix gen6 (SNB) missed BLT ring interrupts.
    - LP: #761065
  * USB: ehci: remove structure packing from ehci_def
    - LP: #791552
  * drm/i915: disable PCH ports if needed when disabling a CRTC
    - LP: #791752
  * kmemleak: Do not return a pointer to an object that kmemleak did not
    get
    - LP: #793702
  * kmemleak: Initialise kmemleak after debug_objects_mem_init()
    - LP: #793702
  * Fix _OSC UUID in pcc-cpufreq
    - LP: #793702
  * CPU hotplug, re-create sysfs directory and symlinks
    - LP: #793702
  * Fix memory leak in cpufreq_stat
    - LP: #793702
  * net: recvmmsg: Strip MSG_WAITFORONE when calling recvmsg
    - LP: #793702
  * ftrace: Only update the function code on write to filter files
    - LP: #793702
  * qla2xxx: Fix hang during driver unload when vport is active.
    - LP: #793702
  * qla2xxx: Fix virtual port failing to login after chip reset.
    - LP: #793702
  * qla2xxx: Fix vport delete hang when logins are outstanding.
    - LP: #793702
  * powerpc/kdump64: Don't reference freed memory as pacas
    - LP: #793702
  * powerpc/kexec: Fix memory corruption from unallocated slaves
    - LP: #793702
  * x86, cpufeature: Fix cpuid leaf 7 feature detection
    - LP: #793702
  * ath9k_hw: do noise floor calibration only on required chain...

Changed in linux (Ubuntu Natty):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (6.2 KiB)

This bug was fixed in the package linux-fsl-imx51 - 2.6.31-610.28

---------------
linux-fsl-imx51 (2.6.31-610.28) lucid-proposed; urgency=low

  * Release tracking bug
    - LP: #837802

  [ Upstream Kernel Changes ]

  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-fsl-imx51 (2.6.31-610.27) lucid-proposed; urgency=low

  * Release tracking bug
    - LP: #829160

  [ Upstream Kernel Changes ]

  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * Fix corrupted OSF partition table parsing
    - LP: #796606
    - CVE-2011-1163
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * proc: protect mm start_code/end_code in /proc/pid/stat
    - LP: #799906
    - CVE-2011-0726
  * sctp: Fix a race between ICMP protocol unreachable and connect()
  * tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077
    - LP: #794034
    - CVE-2010-4077
  * filter: make sure filters dont read uninitialized memory CVE-2010-4158
    - LP: #721282
    - CVE-2010-4158
  * bio: take care not overflow page count when mapping/copying user data
    CVE-2010-4162
    - LP: #721441
    - CVE-2010-4162
  * block: check for proper length of iov entries in blk_rq_map_user_iov()
    - LP: #721504
    - CVE-2010-4163
  * block: check for proper length of iov entries earlier in
    blk_rq_map_user_iov(), CVE-2010-4163
    - LP: #721504
    - CVE-2010-4163
  * rds: Integer overflow in RDS cmsg handling, CVE-2010-4175
    - LP: #721455
    - CVE-2010-4175
  * bluetooth: Fix missing NULL check CVE-2010-4242
    - LP: #714846
    - CVE-2010-4242
  * IB/uverbs: Handle large number of entries in poll CQ CVE-2010-4649
    - LP: #800121
    - CVE-2010-4649
  * epoll: prevent creating circular epoll structures CVE-2011-1082
    - LP: #800758
    - CVE-2011-1082
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3) CVE-2011-1090
    - LP: #800775
  * ldm: corrupted partition table can cause kernel oops CVE-2011-1012
    - LP: #801083
    - CVE-2011-1012
  * netfilter: ipt_CLUSTERIP: fix buffer overflow CVE-2011-2534
    - LP: #801473
    - CVE-2011-2534
  * netfilter: arp_tables: fix infoleak to userspace CVE-2011-1170
    - LP: #801480
    - CVE-2011-1170
  * netfilter: ip_tables: fix infoleak to userspace CVE-2011-1171
    - LP: #801482
    - CVE-2011-1171
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace CVE-2011-1172
    - LP: #801483
    - CVE-2011-1172
  * econet: 4 byte infoleak to the network CVE-2011-1173
    - LP: #801484
    - CVE-2011-1173
  * net: Limit socket I/O iovec total length to INT_MAX.
    - LP: #708839
  * fs/partitions: Validate map_count in Mac partition tables -
    CVE-2011-1010
    - LP: #804225
    - CVE-2011-1010
  * drm: fix unsigned vs signed comparison issue in modeset ctl ioctl,
    CVE-2011-1013
    - LP: #804229
    - CVE-2011-1013
...

Read more...

Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (17.0 KiB)

This bug was fixed in the package linux-mvl-dove - 2.6.32-218.36

---------------
linux-mvl-dove (2.6.32-218.36) lucid-proposed; urgency=low

  * Release tracking bug
    - LP: #837803

  [ Paolo Pisati ]

  * Rebased to 2.6.32-34.76

  [ Ubuntu: 2.6.32-34.76 ]

  * Release Tracking Bug
    - LP: #836914
  * Revert "drm/nv50-nvc0: work around an evo channel hang that some people
    see"
  * Revert "eCryptfs: Handle failed metadata read in lookup"
  * Revert "tunnels: fix netns vs proto registration ordering"

  [ Ubuntu: 2.6.32-34.75 ]

  * Release Tracking Bug
    - LP: #832332
  * drm/i915: Remove BUG_ON from i915_gem_evict_something
    - LP: #828550

linux-mvl-dove (2.6.32-218.35) lucid-proposed; urgency=low

  [ Paolo Pisati ]

  * Release Tracking Bug
    - LP: #829161
  * Rebased to 2.6.32-34.74

  [ Ubuntu: 2.6.32-34.74 ]

  * Release Tracking Bug
    - LP: #828375
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

  [ Ubuntu: 2.6.32-34.73 ]

  * Release Tracking Bug
    - LP: #824148
  * SAUCE: rtl8192se: Force a build for a 2.6/3.0 kernel
    - LP: #805494
  * [Config] Add enic/fnic to udebs
    - LP: #801610
  * tty: icount changeover for other main devices, CVE-2010-4076,
    CVE-2010-4077
    - LP: #720189
    - CVE-2010-4077
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * ftrace: Only update the function code on write to filter files
    - LP: #802383
  * kmemleak: Do not return a pointer to an object that kmemleak did not
    get
    - LP: #802383
  * CPU hotplug, re-create sysfs directory and symlinks
    - LP: #802383
  * Fix memory leak in cpufreq_stat
    - LP: #802383
  * powerpc/kexec: Fix memory corruption from unallocated slaves
    - LP: #802383
  * powerpc/oprofile: Handle events that raise an exception without
    overflowing
    - LP: #802383
  * mtd: mtdconcat: fix NAND OOB write
    - LP: #802383
  * x86, 64-bit: Fix copy_[to/from]_user() checks for the userspace address
    limit
    - LP: #802383
  * ext3: Fix fs corruption when make_indexed_dir() fails
    - LP: #802383
  * jbd: Fix forever sleeping process in do_get_write_access()
    - LP: #802383
  * jbd: fix fsync() tid wraparound bug
    - LP: #802383
  * ext4: release page cache in ext4_mb_load_buddy error path
    - LP: #802383
  * Fix Ultrastor asm snippet
    - LP: #802383
  * x86, amd: Do not enable ARAT feature on AMD processors below family
    0x12
    - LP: #802383
  * x86, amd: Use _safe() msr access for GartTlbWlk disable code
    - LP: #802383
  * rcu: Fix unpaired rcu_irq_enter() from locking selftests
    - LP: #802383
  * staging: usbip: fix wrong endian conversion
    - LP: #802383
  * Fix for buffer overflow in ldm_frag_add not sufficient
    - LP: #802383
  * seqlock: Don't smp_rmb in seqlock reader spin loop
    - LP: #802383
  * ALSA: HDA: Use one dmic only for Dell Studio 1558
    - LP: #731706, #802383
  * ASoC: Ensure output PGA is enabled for line outputs in wm_hubs
    - LP: #802383
  * ASoC: Add some missing volume update bit sets for wm_hubs devices
    - LP: #802383
  * mm/page_alloc.c: prevent u...

Changed in linux-mvl-dove (Ubuntu Lucid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (9.1 KiB)

This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.24

---------------
linux-ti-omap4 (2.6.35-903.24) maverick-proposed; urgency=low

  * Release tracking bug
    - LP: #838037

  [ Upstream Kernel Changes ]

  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-ti-omap4 (2.6.35-903.23) maverick-proposed; urgency=low

  * Release tracking bug
    - LP: #829655

  [ Upstream Kernel Changes ]

  * drm/radeon/kms: check AA resolve registers on r300, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * drm/radeon: fix regression with AA resolve checking, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * can-bcm: fix minor heap overflow
    - LP: #690730
  * CAN: Use inode instead of kernel address for /proc file, CVE-2010-4565
    - LP: #765007
    - CVE-2010-4565
  * av7110: check for negative array offset
    - LP: #747520
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
    CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * ALSA: caiaq - Fix possible string-buffer overflow
    - LP: #747520
  * IB/cm: Bump reference count on cm_id before invoking callback,
    CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * RDMA/cma: Fix crash in request handlers, CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * Treat writes as new when holes span across page boundaries,
    CVE-2011-0463
    - LP: #770483
    - CVE-2011-0463
  * net: clear heap allocations for privileged ethtool actions
    - LP: #686158
  * usb: iowarrior: don't trust report_size for buffer size
    - LP: #747520
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal
    code
    - LP: #747520
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
    - LP: #747520
  * exec: make argv/envp memory visible to oom-killer
    - LP: #690730
  * next_pidmap: fix overflow condition
    - LP: #772560
  * proc: do proper range check on readdir offset
    - LP: #772560
  * ALSA: sound/pci/asihpi: check adapter index in hpi_ioctl, CVE-2011-1169
    - LP: #785331
    - CVE-2011-1169
  * mpt2sas: prevent heap overflows and unchecked reads, CVE-2011-1494
    - LP: #787145
    - CVE-2011-1494
  * agp: fix arbitrary kernel memory writes, CVE-1011-2022
    - LP: #788684
    - CVE-1011-2022
  * can: add missing socket check in can/raw release, CVE-2011-1748
    - LP: #788694
    - CVE-2011-1748
  * agp: fix OOM and buffer overflow
    - LP: #788700
  * drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack
    memory - CVE-2010-3296
    - CVE-2010-3296
  * drivers/net/eql.c: prevent reading uninitialized stack memory -
    CVE-2010-3297
    - CVE-2010-3297
  * inet_diag: Make sure we actually run the same bytecode we audited,
    CVE-2010-3880
    - LP: #711865
    - CVE-2010-3880
  * setup_arg_pages: diagnose excessive argume...

Read more...

Changed in linux-ti-omap4 (Ubuntu Maverick):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.35-30.59

---------------
linux (2.6.35-30.59) maverick-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #837449

  [ Upstream Kernel Changes ]

  * Revert "drm/nv50-nvc0: work around an evo channel hang that some people
    see"
  * Revert "eCryptfs: Handle failed metadata read in lookup"

linux (2.6.35-30.58) maverick-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #828376

  [ Upstream Kernel Changes ]

  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux (2.6.35-30.57) maverick-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #823306

  [ Tim Gardner ]

  * SAUCE: rtl8192se: Force a build for a 2.6/3.0 kernel
    - LP: #805494
  * [Config] Add enic/fnic to udebs
    - LP: #801610

  [ Upstream Kernel Changes ]

  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * dccp: handle invalid feature options length, CVE-2011-1770
    - LP: #806375
    - CVE-2011-1770
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * drm/nv50-nvc0: work around an evo channel hang that some people see
    - LP: #583760
 -- Herton Ronaldo Krzesinski <email address hidden> Tue, 30 Aug 2011 12:11:13 -0300

Changed in linux (Ubuntu Maverick):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-backport-maverick - 2.6.35-30.59~lucid1

---------------
linux-lts-backport-maverick (2.6.35-30.59~lucid1) lucid-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #838043

  [ Upstream Kernel Changes ]

  * Revert "drm/nv50-nvc0: work around an evo channel hang that some people
    see"
  * Revert "eCryptfs: Handle failed metadata read in lookup"

linux (2.6.35-30.58) maverick-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #828376

  [ Upstream Kernel Changes ]

  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux (2.6.35-30.57) maverick-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #823306

  [ Tim Gardner ]

  * SAUCE: rtl8192se: Force a build for a 2.6/3.0 kernel
    - LP: #805494
  * [Config] Add enic/fnic to udebs
    - LP: #801610

  [ Upstream Kernel Changes ]

  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * dccp: handle invalid feature options length, CVE-2011-1770
    - LP: #806375
    - CVE-2011-1770
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * drm/nv50-nvc0: work around an evo channel hang that some people see
    - LP: #583760

linux (2.6.35-30.56) maverick-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #808934

  [ Herton Ronaldo Krzesinski ]

  * Revert "SAUCE: mmc: Enable MMC card reader for RICOH [1180:e823]"

  [ Upstream Kernel Changes ]

  * Revert "x86: Flush TLB if PGD entry is changed in i386 PAE mode"
    - LP: #805209
 -- Herton Ronaldo Krzesinski <email address hidden> Thu, 01 Sep 2011 13:40:57 -0300

Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: Fix Committed → Fix Released
Changed in linux-mvl-dove (Ubuntu Maverick):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (38.0 KiB)

This bug was fixed in the package linux-ti-omap4 - 2.6.38-1209.15

---------------
linux-ti-omap4 (2.6.38-1209.15) natty-proposed; urgency=low

  * Release tracking bug
    - LP: #837761

  [ Paolo Pisati ]

  * [Config] Turn on CONFIG_USER_NS and DEVPTS_MULTIPLE_INSTANCES.
    - LP: #787749

  [ Tim Gardner ]

  * [Config] Add enic/fnic to nic-modules udeb, CVE-2011-1020
    - LP: #801610

  [ Upstream Kernel Changes ]

  * mpt2sas: prevent heap overflows and unchecked reads
    - LP: #780546
  * agp: fix arbitrary kernel memory writes
    - LP: #775809
  * can: add missing socket check in can/raw release
    - LP: #780546
  * agp: fix OOM and buffer overflow
    - LP: #775809
  * bonding: Incorrect TX queue offset, CVE-2011-1581
    - LP: #792312
    - CVE-2011-1581
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * USB: ehci: remove structure packing from ehci_def
    - LP: #791552
  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * ext4: init timer earlier to avoid a kernel panic in __save_error_info,
    CVE-2011-2493
    - LP: #806929
    - CVE-2011-2493
  * dccp: handle invalid feature options length, CVE-2011-1770
    - LP: #806375
    - CVE-2011-1770
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-ti-omap4 (2.6.38-1209.13) natty; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #772381

  [ Brad Figg ]

  * Ubuntu-2.6.38-9.43

  [ Bryan Wu ]

  * merge Ubuntu-2.6.38-9.43
  * cherry-pick 6 patches from u2 of 'for-ubuntu' branch
  * [Config] Sync up configs for 2.6.38.4

  [ Herton Ronaldo Krzesinski ]

  * SAUCE: Revert "x86, hibernate: Initialize mmu_cr4_features during boot"
    - LP: #764758

  [ Leann Ogasawara ]

  * [Config] updateconfigs for 2.6.38.4

  [ Paolo Pisati ]

  * [Conf...

Changed in linux-ti-omap4 (Ubuntu Natty):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (16.4 KiB)

This bug was fixed in the package linux-ec2 - 2.6.32-318.38

---------------
linux-ec2 (2.6.32-318.38) lucid-proposed; urgency=low

  [ Stefan Bader ]

  * Rebased to 2.6.32-34.76
  * Release Tracking Bug
    - LP: #837804

  [ Ubuntu: 2.6.32-34.76 ]

  * Revert "drm/nv50-nvc0: work around an evo channel hang that some people
    see"
  * Revert "eCryptfs: Handle failed metadata read in lookup"
  * Revert "tunnels: fix netns vs proto registration ordering"

  [ Ubuntu: 2.6.32-34.75 ]

  * drm/i915: Remove BUG_ON from i915_gem_evict_something
    - LP: #828550

linux-ec2 (2.6.32-318.37) lucid-proposed; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #829162
  * XEN: exec: delay address limit change until point of no return
    - LP: #802383
  * Rebased to 2.6.32-34.74

  [ Ubuntu: 2.6.32-34.74 ]

  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

  [ Ubuntu: 2.6.32-34.73 ]

  * SAUCE: rtl8192se: Force a build for a 2.6/3.0 kernel
    - LP: #805494
  * [Config] Add enic/fnic to udebs
    - LP: #801610
  * tty: icount changeover for other main devices, CVE-2010-4076,
    CVE-2010-4077
    - LP: #720189
    - CVE-2010-4077
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * ftrace: Only update the function code on write to filter files
    - LP: #802383
  * kmemleak: Do not return a pointer to an object that kmemleak did not
    get
    - LP: #802383
  * CPU hotplug, re-create sysfs directory and symlinks
    - LP: #802383
  * Fix memory leak in cpufreq_stat
    - LP: #802383
  * powerpc/kexec: Fix memory corruption from unallocated slaves
    - LP: #802383
  * powerpc/oprofile: Handle events that raise an exception without
    overflowing
    - LP: #802383
  * mtd: mtdconcat: fix NAND OOB write
    - LP: #802383
  * x86, 64-bit: Fix copy_[to/from]_user() checks for the userspace address
    limit
    - LP: #802383
  * ext3: Fix fs corruption when make_indexed_dir() fails
    - LP: #802383
  * jbd: Fix forever sleeping process in do_get_write_access()
    - LP: #802383
  * jbd: fix fsync() tid wraparound bug
    - LP: #802383
  * ext4: release page cache in ext4_mb_load_buddy error path
    - LP: #802383
  * Fix Ultrastor asm snippet
    - LP: #802383
  * x86, amd: Do not enable ARAT feature on AMD processors below family
    0x12
    - LP: #802383
  * x86, amd: Use _safe() msr access for GartTlbWlk disable code
    - LP: #802383
  * rcu: Fix unpaired rcu_irq_enter() from locking selftests
    - LP: #802383
  * staging: usbip: fix wrong endian conversion
    - LP: #802383
  * Fix for buffer overflow in ldm_frag_add not sufficient
    - LP: #802383
  * seqlock: Don't smp_rmb in seqlock reader spin loop
    - LP: #802383
  * ALSA: HDA: Use one dmic only for Dell Studio 1558
    - LP: #731706, #802383
  * ASoC: Ensure output PGA is enabled for line outputs in wm_hubs
    - LP: #802383
  * ASoC: Add some missing volume update bit sets for wm_hubs devices
    - LP: #802383
  * mm/page_alloc.c: prevent unending loop in __alloc_pages_slowpath()
    - LP: #802383
  * loop: limit 'max_part' module param to D...

Changed in linux-ec2 (Ubuntu Lucid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (16.5 KiB)

This bug was fixed in the package linux-lts-backport-natty - 2.6.38-11.50~lucid1

---------------
linux-lts-backport-natty (2.6.38-11.50~lucid1) lucid-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #848588

  [ Upstream Kernel Changes ]

  * Revert "eCryptfs: Handle failed metadata read in lookup"
  * Revert "KVM: fix kvmclock regression due to missing clock update"
  * Revert "ath9k: use split rx buffers to get rid of order-1 skb
    allocations"

linux (2.6.38-11.49) natty-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #836903

  [ Adam Jackson ]

  * SAUCE: drm/i915/pch: Fix integer math bugs in panel fitting
    - LP: #753994

  [ Keng-Yu Lin ]

  * SAUCE: Input: ALPS - Enable Intellimouse mode for Lenovo Zhaoyang E47
    - LP: #632884, #803005

  [ Stefan Bader ]

  * [Config] Force perf to use libiberty for demangling
    - LP: #783660

  [ Tim Gardner ]

  * [Config] Add enic/fnic to udebs
    - LP: #801610

  [ Upstream Kernel Changes ]

  * eeepc-wmi: add keys found on EeePC 1215T
    - LP: #812644
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * vmscan: fix a livelock in kswapd
    - LP: #813797
  * mmc: Add PCI fixup quirks for Ricoh 1180:e823 reader
    - LP: #773524
  * mmc: Added quirks for Ricoh 1180:e823 lower base clock frequency
    - LP: #773524
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * pata_marvell: Add support for 88SE91A0, 88SE91A4
    - LP: #777325
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * drm/nv50-nvc0: work around an evo channel hang that some people see
    - LP: #583760
  * KVM: fix kvmclock regression due to missing clock update
    - LP: #795717
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * ath9k: use split rx buffers to get rid of order-1 skb allocations
    - LP: #728835
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918

linux (2.6.38-11.48) natty-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #818175

  [ Upstream Kernel Changes ]

  * Revert "HID: magicmouse: ignore 'ivalid report id' while switching
   ...

Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (16.9 KiB)

This bug was fixed in the package linux - 2.6.32-34.77

---------------
linux (2.6.32-34.77) lucid-proposed; urgency=low

  [Steve Conklin]

  * Release Tracking Bug
    - LP: #849228

  [ Upstream Kernel Changes ]

  * Revert "drm/i915: Remove BUG_ON from i915_gem_evict_something"
  * Revert "drm/i915: Periodically flush the active lists and requests"
  * Revert "drm/i915/evict: Ensure we completely cleanup on failure"
  * Revert "drm/i915: Maintain LRU order of inactive objects upon access by
    CPU (v2)"
  * Revert "drm/i915: Implement fair lru eviction across both rings. (v2)"
  * Revert "drm/i915: Move the eviction logic to its own file."
  * Revert "drm/i915: prepare for fair lru eviction"

linux (2.6.32-34.76) lucid-proposed; urgency=low

  [Steve Conklin]

  * Release Tracking Bug
    - LP: #836914

  [ Upstream Kernel Changes ]

  * Revert "drm/nv50-nvc0: work around an evo channel hang that some people
    see"
  * Revert "eCryptfs: Handle failed metadata read in lookup"
  * Revert "tunnels: fix netns vs proto registration ordering"

linux (2.6.32-34.75) lucid-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #832332

  [ Upstream Kernel Changes ]

  * drm/i915: Remove BUG_ON from i915_gem_evict_something
    - LP: #828550

linux (2.6.32-34.74) lucid-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #828375

  [ Upstream Kernel Changes ]

  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux (2.6.32-34.73) lucid-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #824148

  [ Tim Gardner ]

  * SAUCE: rtl8192se: Force a build for a 2.6/3.0 kernel
    - LP: #805494
  * [Config] Add enic/fnic to udebs
    - LP: #801610

  [ Upstream Kernel Changes ]

  * tty: icount changeover for other main devices, CVE-2010-4076,
    CVE-2010-4077
    - LP: #720189
    - CVE-2010-4077
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * ftrace: Only update the function code on write to filter files
    - LP: #802383
  * kmemleak: Do not return a pointer to an object that kmemleak did not
    get
    - LP: #802383
  * CPU hotplug, re-create sysfs directory and symlinks
    - LP: #802383
  * Fix memory leak in cpufreq_stat
    - LP: #802383
  * powerpc/kexec: Fix memory corruption from unallocated slaves
    - LP: #802383
  * powerpc/oprofile: Handle events that raise an exception without
    overflowing
    - LP: #802383
  * mtd: mtdconcat: fix NAND OOB write
    - LP: #802383
  * x86, 64-bit: Fix copy_[to/from]_user() checks for the userspace address
    limit
    - LP: #802383
  * ext3: Fix fs corruption when make_indexed_dir() fails
    - LP: #802383
  * jbd: Fix forever sleeping process in do_get_write_access()
    - LP: #802383
  * jbd: fix fsync() tid wraparound bug
    - LP: #802383
  * ext4: release page cache in ext4_mb_load_buddy error path
    - LP: #802383
  * Fix Ultrastor asm snippet
    - LP: #802383
  * x86, amd: Do not enable ARAT feature on AMD processors below family
    0x12
    - LP: #802383
  * x86, ...

Changed in linux (Ubuntu Lucid):
status: Fix Committed → Fix Released
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Maverick):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
status: New → Invalid
importance: Undecided → Medium
Paolo Pisati (p-pisati) on 2011-12-21
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers