CVE-2010-4650

Bug #917804 reported by John Johansen
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Medium
Unassigned
Nominated for Raring by John Johansen
Hardy
Invalid
Medium
Unassigned
Lucid
Fix Released
Medium
Unassigned
Maverick
Fix Released
Medium
Unassigned
Natty
Won't Fix
Medium
Unassigned
Oneiric
Won't Fix
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
linux-armadaxp (Ubuntu)
Fix Released
Medium
Unassigned
Nominated for Raring by John Johansen
Hardy
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Maverick
Invalid
Undecided
Unassigned
Natty
Invalid
Medium
Unassigned
Oneiric
Invalid
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Quantal
Fix Released
Medium
Unassigned
linux-ec2 (Ubuntu)
Invalid
Medium
Unassigned
Nominated for Raring by John Johansen
Hardy
Invalid
Medium
Unassigned
Lucid
Fix Released
Medium
Unassigned
Maverick
Invalid
Medium
Unassigned
Natty
Invalid
Medium
Unassigned
Oneiric
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
linux-fsl-imx51 (Ubuntu)
Invalid
Medium
Unassigned
Nominated for Raring by John Johansen
Hardy
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Andy Whitcroft
Maverick
Invalid
Medium
Unassigned
Natty
Invalid
Medium
Unassigned
Oneiric
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
linux-lts-backport-maverick (Ubuntu)
Invalid
Medium
Unassigned
Nominated for Raring by John Johansen
Hardy
Invalid
Medium
Unassigned
Lucid
Fix Released
Medium
Unassigned
Maverick
Invalid
Medium
Unassigned
Natty
Invalid
Medium
Unassigned
Oneiric
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
linux-lts-backport-natty (Ubuntu)
Invalid
Medium
Unassigned
Nominated for Raring by John Johansen
Hardy
Invalid
Medium
Unassigned
Lucid
Won't Fix
Medium
Unassigned
Maverick
Invalid
Medium
Unassigned
Natty
Invalid
Medium
Unassigned
Oneiric
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
linux-lts-backport-oneiric (Ubuntu)
Invalid
Medium
Unassigned
Nominated for Raring by John Johansen
Hardy
Invalid
Medium
Unassigned
Lucid
Won't Fix
Medium
Unassigned
Maverick
Invalid
Medium
Unassigned
Natty
Invalid
Medium
Unassigned
Oneiric
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
linux-mvl-dove (Ubuntu)
Invalid
Medium
Unassigned
Nominated for Raring by John Johansen
Hardy
Invalid
Medium
Unassigned
Lucid
Fix Released
Medium
Unassigned
Maverick
Fix Released
Medium
Unassigned
Natty
Invalid
Medium
Unassigned
Oneiric
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Invalid
Medium
Unassigned
Nominated for Raring by John Johansen
Hardy
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Maverick
Fix Released
Medium
Andy Whitcroft
Natty
Won't Fix
Medium
Unassigned
Oneiric
Won't Fix
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned

Bug Description

Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging the ability to operate a CUSE server.

Break-Fix: 59efec7b903987dcb60b9ebc85c7acd4443a11a1 7572777eef78ebdee1ecb7c258c0ef94d35bad16

Revision history for this message
John Johansen (jjohansen) wrote :

CVE-2010-4650

tags: added: kernel-cve-tracking-bug
security vulnerability: no → yes
security vulnerability: no → yes
Changed in linux-ec2 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Maverick):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux-lts-backport-natty (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Maverick):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Natty):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Maverick):
status: New → Fix Committed
Changed in linux-mvl-dove (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status: New → Invalid
Changed in linux (Ubuntu Oneiric):
status: New → Fix Committed
Changed in linux (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux (Ubuntu Precise):
status: New → Invalid
Changed in linux (Ubuntu Hardy):
status: New → Invalid
Changed in linux (Ubuntu Maverick):
status: New → Fix Committed
Changed in linux (Ubuntu Natty):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Natty):
status: New → Fix Committed
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Maverick):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Natty):
status: New → Invalid
description: updated
Changed in linux-ec2 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Maverick):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Natty):
importance: Undecided → Medium
Andy Whitcroft (apw)
Changed in linux-fsl-imx51 (Ubuntu Lucid):
assignee: nobody → Andy Whitcroft (apw)
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Maverick):
assignee: nobody → Andy Whitcroft (apw)
status: New → In Progress
Changed in linux-ti-omap4 (Ubuntu Maverick):
status: In Progress → Fix Committed
Changed in linux-ec2 (Ubuntu Lucid):
status: Fix Committed → Fix Released
Changed in linux-mvl-dove (Ubuntu Lucid):
status: Fix Committed → Fix Released
Changed in linux-mvl-dove (Ubuntu Maverick):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Lucid):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Maverick):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.32

---------------
linux-ti-omap4 (2.6.35-903.32) maverick-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #942766

  [ Paolo Pisati ]

  * [Config] Move to a 3G/1G memory split
    - LP: #861296

linux-ti-omap4 (2.6.35-903.31) maverick-proposed; urgency=low

  * Release Tracking Bug
    - LP: #932237

  [ Upstream Kernel Changes ]

  * net: ip_expire() must revalidate route
    - LP: #922051
    - CVE-2011-1927
  * inotify: stop kernel memory leak on file creation failure
    - LP: #917797
    - CVE-2010-4250
  * inotify: fix double free/corruption of stuct user
    - LP: #869203
    - CVE-2011-1479
  * fuse: verify ioctl retries
    - LP: #917804
    - CVE-2010-4650
  * ima: fix add LSM rule bug
    - LP: #917808
    - CVE-2011-0006
  * bridge: Fix mglist corruption that leads to memory corruption
    - LP: #917813
    - CVE-2011-0716
  * sound/oss: remove offset from load_patch callbacks
    - LP: #925337
    - CVE-2011-1476
  * ARM: 6891/1: prevent heap corruption in OABI semtimedop
    - LP: #925373
    - CVE-2011-1759
  * sound/oss/opl3: validate voice and channel indexes
    - LP: #925335
    - CVE-2011-1477
  * Fix for buffer overflow in ldm_frag_add not sufficient
    - LP: #922371
    - CVE-2011-2182
  * AppArmor: fix oops in apparmor_setprocattr
    - LP: #789409
    - CVE-2011-3619
 -- Herton Ronaldo Krzesinski <email address hidden> Tue, 28 Feb 2012 14:33:28 -0300

Changed in linux-ti-omap4 (Ubuntu Maverick):
status: Fix Committed → Fix Released
Changed in linux-mvl-dove (Ubuntu Maverick):
status: Fix Released → Invalid
Changed in linux (Ubuntu Maverick):
status: Fix Released → Invalid
Changed in linux-ti-omap4 (Ubuntu Maverick):
status: Fix Released → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: Fix Committed → Fix Released
Revision history for this message
John Johansen (jjohansen) wrote :

revert scripting error

Changed in linux (Ubuntu Maverick):
status: Invalid → Fix Released
Changed in linux-mvl-dove (Ubuntu Maverick):
status: Invalid → Fix Released
Changed in linux-ti-omap4 (Ubuntu Maverick):
status: Invalid → Fix Released
Changed in linux-armadaxp (Ubuntu Maverick):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Oneiric):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Hardy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Natty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-armadaxp (Ubuntu Quantal):
status: New → Fix Committed
importance: Undecided → Medium
description: updated
Ike Panhc (ikepanhc)
Changed in linux-armadaxp (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux-armadaxp (Ubuntu Quantal):
status: Fix Committed → Fix Released
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: Fix Committed → Won't Fix
Changed in linux-ti-omap4 (Ubuntu Natty):
status: Fix Committed → Won't Fix
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: Fix Committed → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: Fix Committed → Won't Fix
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. natty has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against natty is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux (Ubuntu Natty):
status: Fix Committed → Won't Fix
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. oneiric has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against oneiric is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux (Ubuntu Oneiric):
status: Fix Committed → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.