This bug was fixed in the package linux - 2.6.31-22.70
---------------
linux (2.6.31-22.70) karmic-proposed; urgency=low

[ Leann Ogasawara ]

- LP: #683474
* Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer dereference"
* Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges"
* Revert "SAUCE: AF_ECONET prevent kernel stack overflow"

[ Upstream Kernel Changes ]

* Btrfs: fix checks in BTRFS_IOC_CLONE_RANGE
- CVE-2010-2538
* xfs: validate untrusted inode numbers during lookup
- CVE-2010-2943
* xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
- CVE-2010-2943
* xfs: remove block number from inode lookup code
- CVE-2010-2943
* xfs: fix untrusted inode number lookup
- CVE-2010-2943
* drm/i915: Sanity check pread/pwrite
- CVE-2010-2962
* drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow
- CVE-2010-2962
* tracing: Do not allow llseek to set_ftrace_filter
- CVE-2010-3079
* drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory
- CVE-2010-3296
* drivers/net/eql.c: prevent reading uninitialized stack memory
- CVE-2010-3297
* drivers/net/usb/hso.c: prevent reading uninitialized memory
- CVE-2010-3298
* setup_arg_pages: diagnose excessive argument size
- CVE-2010-3858
* net: clear heap allocation for ETHTOOL_GRXCLSRLALL
- CVE-2010-3861
* ipc: shm: fix information leak to userland
- CVE-2010-4072
* econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
- CVE-2010-3849
* econet: fix CVE-2010-3850
- CVE-2010-3850
* econet: fix CVE-2010-3848
- CVE-2010-3848

-- Leann Ogasawara <email address hidden> Tue, 30 Nov 2010 20:16:51 -0800