kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #103816
[Bug 707579] Re: CVE-2010-4078
** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4249
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/707579
Title:
CVE-2010-4078
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Lucid:
Fix Released
Status in linux source package in Maverick:
Fix Released
Status in linux source package in Natty:
Fix Released
Status in linux source package in Dapper:
Won't Fix
Status in linux source package in Hardy:
Fix Released
Status in linux source package in Karmic:
Fix Released
Bug description:
The FBIOGET_VBLANK device ioctl allows unprivileged users to read 16
bytes of uninitialized stack memory, because the "reserved" member of
the fb_vblank struct declared on the stack is not altered or zeroed
before being copied back to the user.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/707579/+subscriptions