This bug was fixed in the package linux - 2.6.24-28.86 --------------- linux (2.6.24-28.86) hardy-proposed; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #716166 [Tim Gardner] * xen unified block-device I/O interface back end can orphan devices, CVE-2010-3699 - LP: #708019 - CVE-2010-3699 [Upstream Kernel Changes] * Hardy SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448 - LP: #706999 - CVE-2010-3448 * net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859 - LP: #711855, #708839 - CVE-2010-4160 * net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859 - LP: #711855, #708839 - CVE-2010-4160 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * memory corruption in X.25 facilities parsing, CVE-2010-3873 - LP: #709372 - CVE-2010-3873 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * KVM: VMX: fix vmx null pointer dereference on debug register access, CVE-2010-0435 - LP: #712615 - CVE-2010-0435 * gdth: integer overflow in ioctl, CVE-2010-4157 - LP: #711797 - CVE-2010-4157 * posix-cpu-timers: workaround to suppress the problems with mt exec, CVE-2010-4248 - LP: #712609 - CVE-2010-4248 * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory, CVE-2010-4080, CVE-2010-4081 - LP: #712723, #712737 - CVE-2010-4081 * sys_semctl: fix kernel stack leakage, CVE-2010-4083 - LP: #712749 - CVE-2010-4083 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 linux (2.6.24-28.85) hardy-proposed; urgency=low [ Brad Figg ] * Tracking Bug - LP: #708315 [Upstream Kernel Changes] * ata_piix: IDE mode SATA patch for Intel ICH10 DeviceID's - LP: #693401 * USB: serial/mos*: prevent reading uninitialized stack memory, CVE-2010-4074 - LP: #706149 - CVE-2010-4074 * KVM: Fix fs/gs reload oops with invalid ldt - LP: #707000 - CVE-2010-3698 * drivers/video/sis/sis_main.c: prevent reading uninitialized stack memory, CVE-2010-4078 - LP: #707579 - CVE-2010-4078 * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079 - LP: #707649 - CVE-2010-4079 linux (2.6.24-28.84) hardy-proposed; urgency=low [ Steve Conklin ] * Tracking Bug - LP: #698185 linux (2.6.24-28.83) hardy-proposed; urgency=low [ Steve Conklin ] * tracking bug moved from here to latest entry linux (2.6.24-28.82) hardy-proposed; urgency=low [ Leann Ogasawara ] * Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer dereference" * Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges" * Revert "SAUCE: AF_ECONET prevent kernel stack overflow" [Upstream Kernel Changes] * xfs: validate untrusted inode numbers during lookup - CVE-2010-2943 * xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED - CVE-2010-2943 * xfs: remove block number from inode lookup code - CVE-2010-2943 * xfs: fix untrusted inode number lookup - CVE-2010-2943 * drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory - CVE-2010-3296 * drivers/net/eql.c: prevent reading uninitialized stack memory - CVE-2010-3297 * setup_arg_pages: diagnose excessive argument size - CVE-2010-3858 * ipc: shm: fix information leak to userland - CVE-2010-4072 * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849 - CVE-2010-3849 * econet: fix CVE-2010-3850 - CVE-2010-3850 * econet: fix CVE-2010-3848 - CVE-2010-3848 -- Brad Figg