← Back to team overview

kernel-packages team mailing list archive

[Bug 710714] Re: CVE-2010-3875

 

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4249

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/710714

Title:
  CVE-2010-3875

Status in linux package in Ubuntu:
  Fix Released
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux-mvl-dove package in Ubuntu:
  Invalid
Status in linux-ti-omap4 package in Ubuntu:
  Invalid
Status in linux source package in Lucid:
  Fix Released
Status in linux-fsl-imx51 source package in Lucid:
  Fix Released
Status in linux-mvl-dove source package in Lucid:
  Fix Released
Status in linux-ti-omap4 source package in Lucid:
  Invalid
Status in linux source package in Maverick:
  Fix Released
Status in linux-fsl-imx51 source package in Maverick:
  Invalid
Status in linux-mvl-dove source package in Maverick:
  Fix Released
Status in linux-ti-omap4 source package in Maverick:
  Fix Released
Status in linux source package in Natty:
  Fix Released
Status in linux-fsl-imx51 source package in Natty:
  Invalid
Status in linux-mvl-dove source package in Natty:
  Invalid
Status in linux-ti-omap4 source package in Natty:
  Invalid
Status in linux source package in Dapper:
  Won't Fix
Status in linux-fsl-imx51 source package in Dapper:
  Invalid
Status in linux-mvl-dove source package in Dapper:
  Invalid
Status in linux-ti-omap4 source package in Dapper:
  Invalid
Status in linux source package in Hardy:
  Fix Released
Status in linux-fsl-imx51 source package in Hardy:
  Invalid
Status in linux-mvl-dove source package in Hardy:
  Invalid
Status in linux-ti-omap4 source package in Hardy:
  Invalid
Status in linux source package in Karmic:
  Fix Released
Status in linux-fsl-imx51 source package in Karmic:
  Won't Fix
Status in linux-mvl-dove source package in Karmic:
  Invalid
Status in linux-ti-omap4 source package in Karmic:
  Invalid

Bug description:
  The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel before
  2.6.37-rc2 does not initialize a certain structure, which allows local
  users to obtain potentially sensitive information from kernel stack memory
  by reading a copy of this structure.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/710714/+subscriptions