← Back to team overview

kernel-packages team mailing list archive

[Bug 712744] Re: CVE-2010-4082

 

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4249

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/712744

Title:
  CVE-2010-4082

Status in linux package in Ubuntu:
  Fix Released
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux source package in Lucid:
  Fix Released
Status in linux-fsl-imx51 source package in Lucid:
  Fix Released
Status in linux source package in Maverick:
  Fix Released
Status in linux-fsl-imx51 source package in Maverick:
  Invalid
Status in linux source package in Natty:
  Fix Released
Status in linux-fsl-imx51 source package in Natty:
  Invalid
Status in linux source package in Dapper:
  Invalid
Status in linux-fsl-imx51 source package in Dapper:
  Invalid
Status in linux source package in Hardy:
  Invalid
Status in linux-fsl-imx51 source package in Hardy:
  Invalid
Status in linux source package in Karmic:
  Fix Released
Status in linux-fsl-imx51 source package in Karmic:
  Won't Fix

Bug description:
  drivers/video/via/ioctl.c: prevent reading uninitialized stack memory

  The VIAFB_GET_INFO device ioctl allows unprivileged users to read 246
  bytes of uninitialized stack memory, because the "reserved" member of
  the viafb_ioctl_info struct declared on the stack is not altered or
  zeroed before being copied back to the user.  This patch takes care of
  it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/712744/+subscriptions