kernel-packages team mailing list archive

Thread
Date
[Bug 800775] Re: CVE-2011-1090

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Mathew Hodson <mathew.hodson@xxxxxxxxx>
Date: Thu, 12 Feb 2015 07:12:15 -0000
Reply-to: Bug 800775 <800775@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4249

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-lts-backport-maverick in Ubuntu.
https://bugs.launchpad.net/bugs/800775

Title:
  CVE-2011-1090

Status in linux package in Ubuntu:
  Invalid
Status in linux-ec2 package in Ubuntu:
  Invalid
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux-lts-backport-maverick package in Ubuntu:
  Invalid
Status in linux-lts-backport-natty package in Ubuntu:
  Invalid
Status in linux-mvl-dove package in Ubuntu:
  Invalid
Status in linux-ti-omap4 package in Ubuntu:
  Invalid
Status in linux source package in Lucid:
  Fix Released
Status in linux-ec2 source package in Lucid:
  Fix Released
Status in linux-fsl-imx51 source package in Lucid:
  Fix Released
Status in linux-lts-backport-maverick source package in Lucid:
  Fix Released
Status in linux-lts-backport-natty source package in Lucid:
  Invalid
Status in linux-mvl-dove source package in Lucid:
  Fix Released
Status in linux-ti-omap4 source package in Lucid:
  Invalid
Status in linux source package in Maverick:
  Fix Released
Status in linux-ec2 source package in Maverick:
  Invalid
Status in linux-fsl-imx51 source package in Maverick:
  Invalid
Status in linux-lts-backport-maverick source package in Maverick:
  Invalid
Status in linux-lts-backport-natty source package in Maverick:
  Invalid
Status in linux-mvl-dove source package in Maverick:
  Fix Released
Status in linux-ti-omap4 source package in Maverick:
  Fix Released
Status in linux source package in Natty:
  Fix Released
Status in linux-ec2 source package in Natty:
  Invalid
Status in linux-fsl-imx51 source package in Natty:
  Invalid
Status in linux-lts-backport-maverick source package in Natty:
  Invalid
Status in linux-lts-backport-natty source package in Natty:
  Invalid
Status in linux-mvl-dove source package in Natty:
  Invalid
Status in linux-ti-omap4 source package in Natty:
  Won't Fix
Status in linux source package in Oneiric:
  Invalid
Status in linux-ec2 source package in Oneiric:
  Invalid
Status in linux-fsl-imx51 source package in Oneiric:
  Invalid
Status in linux-lts-backport-maverick source package in Oneiric:
  Invalid
Status in linux-lts-backport-natty source package in Oneiric:
  Invalid
Status in linux-mvl-dove source package in Oneiric:
  Invalid
Status in linux-ti-omap4 source package in Oneiric:
  Invalid
Status in linux source package in Hardy:
  Fix Released
Status in linux-ec2 source package in Hardy:
  Invalid
Status in linux-fsl-imx51 source package in Hardy:
  Invalid
Status in linux-lts-backport-maverick source package in Hardy:
  Invalid
Status in linux-lts-backport-natty source package in Hardy:
  Invalid
Status in linux-mvl-dove source package in Hardy:
  Invalid
Status in linux-ti-omap4 source package in Hardy:
  Invalid

Bug description:
  The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux
  kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated
  by kmalloc but not properly freed, which allows local users to cause a
  denial of service (panic) via a crafted attempt to set an ACL.

  Break-Fix: - e9e3d724e2145f5039b423c290ce2b2c3d8f94bc

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/800775/+subscriptions