kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #103805
[Bug 711855] Re: CVE-2010-4160
** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4249
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/711855
Title:
CVE-2010-4160
Status in linux package in Ubuntu:
Invalid
Status in linux-fsl-imx51 package in Ubuntu:
Invalid
Status in linux source package in Lucid:
Fix Released
Status in linux-fsl-imx51 source package in Lucid:
In Progress
Status in linux source package in Maverick:
Fix Released
Status in linux-fsl-imx51 source package in Maverick:
Invalid
Status in linux source package in Natty:
Invalid
Status in linux-fsl-imx51 source package in Natty:
Invalid
Status in linux source package in Dapper:
Won't Fix
Status in linux-fsl-imx51 source package in Dapper:
Invalid
Status in linux source package in Hardy:
Fix Released
Status in linux-fsl-imx51 source package in Hardy:
Invalid
Status in linux source package in Karmic:
Fix Released
Status in linux-fsl-imx51 source package in Karmic:
Won't Fix
Bug description:
Multiple integer overflows in the (1) pppol2tp_sendmsg function in
net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in
net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the
Linux kernel before 2.6.36.2 allow local users to cause a denial of service
(heap memory corruption and panic) or possibly gain privileges via a
crafted sendto call.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/711855/+subscriptions