← Back to team overview

kernel-packages team mailing list archive

  1. kernel-packages team
  2. Mailing list archive
  3. Message #109881

[Bug 1364516] Re: CVE-2013-2597

  Thread PreviousDate PreviousThread Next 
** Description changed:

  Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c
  in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in
  Qualcomm Innovation Center (QuIC) Android contributions for MSM devices
  and other products, allows attackers to gain privileges via an
  application that leverages /dev/msm_acdb access and provides a large
  size value in an ioctl argument.
+ 
+ Break-Fix: - I8230fdb00a7b57d398929e8ab0eb6587476f3db1

** Description changed:

  Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c
  in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in
  Qualcomm Innovation Center (QuIC) Android contributions for MSM devices
  and other products, allows attackers to gain privileges via an
  application that leverages /dev/msm_acdb access and provides a large
  size value in an ioctl argument.
  
  Break-Fix: - I8230fdb00a7b57d398929e8ab0eb6587476f3db1
+ Break-Fix: - I4a5b5ca5212bea32b671027d68a66367c5d4c4e7

** Changed in: linux-lts-saucy (Ubuntu Precise)
       Status: New => Invalid

** Changed in: linux-lts-raring (Ubuntu Precise)
       Status: New => Invalid

** Changed in: linux-lts-quantal (Ubuntu Precise)
       Status: New => Invalid

** Changed in: linux-lts-backport-natty (Ubuntu)
       Status: New => Invalid

** Changed in: linux-lts-backport-natty (Ubuntu Lucid)
       Status: New => Invalid

** Changed in: linux-lts-backport-natty (Ubuntu Precise)
       Status: New => Invalid

** Changed in: linux-lts-backport-natty (Ubuntu Trusty)
       Status: New => Invalid

** Changed in: linux-lts-backport-natty (Ubuntu Utopic)
       Status: New => Invalid

** Changed in: linux-lts-backport-maverick (Ubuntu)
       Status: New => Invalid

** Changed in: linux-lts-backport-maverick (Ubuntu Lucid)
       Status: New => Invalid

** Changed in: linux-lts-backport-maverick (Ubuntu Precise)
       Status: New => Invalid

** Changed in: linux-lts-backport-maverick (Ubuntu Trusty)
       Status: New => Invalid

** Changed in: linux-lts-backport-maverick (Ubuntu Utopic)
       Status: New => Invalid

** Changed in: linux (Ubuntu)
       Status: New => Invalid

** Changed in: linux (Ubuntu Trusty)
       Status: New => Invalid

** Changed in: linux (Ubuntu Utopic)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1364516

Title:
  CVE-2013-2597

Status in linux package in Ubuntu:
  Invalid
Status in linux-armadaxp package in Ubuntu:
  Invalid
Status in linux-ec2 package in Ubuntu:
  Invalid
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux-lts-backport-maverick package in Ubuntu:
  Invalid
Status in linux-lts-backport-natty package in Ubuntu:
  Invalid
Status in linux-lts-quantal package in Ubuntu:
  Invalid
Status in linux-lts-raring package in Ubuntu:
  Invalid
Status in linux-lts-saucy package in Ubuntu:
  Invalid
Status in linux-mvl-dove package in Ubuntu:
  Invalid
Status in linux-ti-omap4 package in Ubuntu:
  Invalid
Status in linux source package in Lucid:
  New
Status in linux-armadaxp source package in Lucid:
  Invalid
Status in linux-ec2 source package in Lucid:
  New
Status in linux-fsl-imx51 source package in Lucid:
  Invalid
Status in linux-lts-backport-maverick source package in Lucid:
  Invalid
Status in linux-lts-backport-natty source package in Lucid:
  Invalid
Status in linux-lts-quantal source package in Lucid:
  Invalid
Status in linux-lts-raring source package in Lucid:
  Invalid
Status in linux-lts-saucy source package in Lucid:
  Invalid
Status in linux-mvl-dove source package in Lucid:
  Invalid
Status in linux-ti-omap4 source package in Lucid:
  Invalid
Status in linux source package in Precise:
  New
Status in linux-armadaxp source package in Precise:
  New
Status in linux-ec2 source package in Precise:
  Invalid
Status in linux-fsl-imx51 source package in Precise:
  Invalid
Status in linux-lts-backport-maverick source package in Precise:
  Invalid
Status in linux-lts-backport-natty source package in Precise:
  Invalid
Status in linux-lts-quantal source package in Precise:
  Invalid
Status in linux-lts-raring source package in Precise:
  Invalid
Status in linux-lts-saucy source package in Precise:
  Invalid
Status in linux-mvl-dove source package in Precise:
  Invalid
Status in linux-ti-omap4 source package in Precise:
  New
Status in linux source package in Trusty:
  Invalid
Status in linux-armadaxp source package in Trusty:
  Invalid
Status in linux-ec2 source package in Trusty:
  Invalid
Status in linux-fsl-imx51 source package in Trusty:
  Invalid
Status in linux-lts-backport-maverick source package in Trusty:
  Invalid
Status in linux-lts-backport-natty source package in Trusty:
  Invalid
Status in linux-lts-quantal source package in Trusty:
  Invalid
Status in linux-lts-raring source package in Trusty:
  Invalid
Status in linux-lts-saucy source package in Trusty:
  Invalid
Status in linux-mvl-dove source package in Trusty:
  Invalid
Status in linux-ti-omap4 source package in Trusty:
  Invalid
Status in linux source package in Utopic:
  Invalid
Status in linux-armadaxp source package in Utopic:
  Invalid
Status in linux-ec2 source package in Utopic:
  Invalid
Status in linux-fsl-imx51 source package in Utopic:
  Invalid
Status in linux-lts-backport-maverick source package in Utopic:
  Invalid
Status in linux-lts-backport-natty source package in Utopic:
  Invalid
Status in linux-lts-quantal source package in Utopic:
  Invalid
Status in linux-lts-raring source package in Utopic:
  Invalid
Status in linux-lts-saucy source package in Utopic:
  Invalid
Status in linux-mvl-dove source package in Utopic:
  Invalid
Status in linux-ti-omap4 source package in Utopic:
  Invalid

Bug description:
  Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c
  in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used
  in Qualcomm Innovation Center (QuIC) Android contributions for MSM
  devices and other products, allows attackers to gain privileges via an
  application that leverages /dev/msm_acdb access and provides a large
  size value in an ioctl argument.

  Break-Fix: - I8230fdb00a7b57d398929e8ab0eb6587476f3db1
  Break-Fix: - I4a5b5ca5212bea32b671027d68a66367c5d4c4e7

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1364516/+subscriptions

References

  Thread PreviousDate PreviousThread Next