kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #11682
[Bug 1220185] Re: CVE-2013-2888
CVE-2013-2888
** Also affects: linux (Ubuntu Saucy)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Saucy)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Saucy)
Importance: Undecided
Status: New
** Also affects: linux-ec2 (Ubuntu Saucy)
Importance: Undecided
Status: New
** Also affects: linux-ti-omap4 (Ubuntu Saucy)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Saucy)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-natty (Ubuntu Saucy)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: linux-ec2 (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: linux-ti-omap4 (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-natty (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: linux-ec2 (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: linux-ti-omap4 (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-natty (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: linux-ec2 (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: linux-ti-omap4 (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-natty (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: linux-ec2 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: linux-ti-omap4 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-natty (Ubuntu Lucid)
Importance: Undecided
Status: New
** Changed in: linux-armadaxp (Ubuntu Lucid)
Status: New => Invalid
** Changed in: linux-armadaxp (Ubuntu Saucy)
Status: New => Invalid
** Changed in: linux-armadaxp (Ubuntu Raring)
Status: New => Invalid
** Changed in: linux-ec2 (Ubuntu Precise)
Status: New => Invalid
** Changed in: linux-ec2 (Ubuntu Saucy)
Status: New => Invalid
** Changed in: linux-ec2 (Ubuntu Quantal)
Status: New => Invalid
** Changed in: linux-ec2 (Ubuntu Raring)
Status: New => Invalid
** Changed in: linux-lts-quantal (Ubuntu Lucid)
Status: New => Invalid
** Changed in: linux-lts-quantal (Ubuntu Saucy)
Status: New => Invalid
** Changed in: linux-lts-quantal (Ubuntu Quantal)
Status: New => Invalid
** Changed in: linux-lts-quantal (Ubuntu Raring)
Status: New => Invalid
** Changed in: linux-mvl-dove (Ubuntu Precise)
Status: New => Invalid
** Changed in: linux-mvl-dove (Ubuntu Saucy)
Status: New => Invalid
** Changed in: linux-mvl-dove (Ubuntu Quantal)
Status: New => Invalid
** Changed in: linux-mvl-dove (Ubuntu Raring)
Status: New => Invalid
** Changed in: linux-ti-omap4 (Ubuntu Lucid)
Status: New => Invalid
** Changed in: linux-fsl-imx51 (Ubuntu Precise)
Status: New => Invalid
** Changed in: linux-fsl-imx51 (Ubuntu Saucy)
Status: New => Invalid
** Changed in: linux-fsl-imx51 (Ubuntu Quantal)
Status: New => Invalid
** Changed in: linux-fsl-imx51 (Ubuntu Raring)
Status: New => Invalid
** Changed in: linux-lts-raring (Ubuntu Lucid)
Status: New => Invalid
** Changed in: linux-lts-raring (Ubuntu Saucy)
Status: New => Invalid
** Changed in: linux-lts-raring (Ubuntu Quantal)
Status: New => Invalid
** Changed in: linux-lts-raring (Ubuntu Raring)
Status: New => Invalid
** Description changed:
- Placeholder
+ Memory write via arbitrary heap array index. This is the most serious,
+ IMO, as it allows (on 32-bit) access to the entire memory range (the
+ index is unsigned 32 bit). This is mitigated slightly by the fact that
+ the starting address is at an "unknown" location on the heap, and that
+ the value written is an "arbitrary" kernel pointer. Still, this could
+ almost certainly be turned into full kernel execution given enough
+ study.
** Changed in: linux-armadaxp (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: linux-armadaxp (Ubuntu Lucid)
Importance: Undecided => Medium
** Changed in: linux-armadaxp (Ubuntu Saucy)
Importance: Undecided => Medium
** Changed in: linux-armadaxp (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: linux-armadaxp (Ubuntu Raring)
Importance: Undecided => Medium
** Changed in: linux-ec2 (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: linux-ec2 (Ubuntu Lucid)
Importance: Undecided => Medium
** Changed in: linux-ec2 (Ubuntu Saucy)
Importance: Undecided => Medium
** Changed in: linux-ec2 (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: linux-ec2 (Ubuntu Raring)
Importance: Undecided => Medium
** Changed in: linux-lts-quantal (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: linux-lts-quantal (Ubuntu Lucid)
Importance: Undecided => Medium
** Changed in: linux-lts-quantal (Ubuntu Saucy)
Importance: Undecided => Medium
** Changed in: linux-lts-quantal (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: linux-lts-quantal (Ubuntu Raring)
Importance: Undecided => Medium
** Changed in: linux-mvl-dove (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: New => Invalid
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Importance: Undecided => Medium
** Changed in: linux-mvl-dove (Ubuntu Saucy)
Importance: Undecided => Medium
** Changed in: linux-mvl-dove (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: linux-mvl-dove (Ubuntu Raring)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Lucid)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Saucy)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Raring)
Importance: Undecided => Medium
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: linux-ti-omap4 (Ubuntu Lucid)
Importance: Undecided => Medium
** Changed in: linux-ti-omap4 (Ubuntu Saucy)
Importance: Undecided => Medium
** Changed in: linux-ti-omap4 (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: linux-ti-omap4 (Ubuntu Raring)
Importance: Undecided => Medium
** Changed in: linux-fsl-imx51 (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: linux-fsl-imx51 (Ubuntu Lucid)
Status: New => Invalid
** Changed in: linux-fsl-imx51 (Ubuntu Lucid)
Importance: Undecided => Medium
** Changed in: linux-fsl-imx51 (Ubuntu Saucy)
Importance: Undecided => Medium
** Changed in: linux-fsl-imx51 (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: linux-fsl-imx51 (Ubuntu Raring)
Importance: Undecided => Medium
** Changed in: linux-lts-raring (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: linux-lts-raring (Ubuntu Lucid)
Importance: Undecided => Medium
** Changed in: linux-lts-raring (Ubuntu Saucy)
Importance: Undecided => Medium
** Changed in: linux-lts-raring (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: linux-lts-raring (Ubuntu Raring)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1220185
Title:
CVE-2013-2888
Status in “linux” package in Ubuntu:
New
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
New
Status in “linux-lts-backport-natty” package in Ubuntu:
New
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
New
Status in “linux” source package in Lucid:
New
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
New
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
New
Status in “linux-lts-backport-natty” source package in Lucid:
New
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
New
Status in “linux-armadaxp” source package in Precise:
New
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
New
Status in “linux-lts-backport-natty” source package in Precise:
New
Status in “linux-lts-quantal” source package in Precise:
New
Status in “linux-lts-raring” source package in Precise:
New
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
New
Status in “linux” source package in Quantal:
New
Status in “linux-armadaxp” source package in Quantal:
New
Status in “linux-ec2” source package in Quantal:
Invalid
Status in “linux-fsl-imx51” source package in Quantal:
Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
New
Status in “linux-lts-backport-natty” source package in Quantal:
New
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-mvl-dove” source package in Quantal:
Invalid
Status in “linux-ti-omap4” source package in Quantal:
New
Status in “linux” source package in Raring:
New
Status in “linux-armadaxp” source package in Raring:
Invalid
Status in “linux-ec2” source package in Raring:
Invalid
Status in “linux-fsl-imx51” source package in Raring:
Invalid
Status in “linux-lts-backport-maverick” source package in Raring:
New
Status in “linux-lts-backport-natty” source package in Raring:
New
Status in “linux-lts-quantal” source package in Raring:
Invalid
Status in “linux-lts-raring” source package in Raring:
Invalid
Status in “linux-mvl-dove” source package in Raring:
Invalid
Status in “linux-ti-omap4” source package in Raring:
New
Status in “linux” source package in Saucy:
New
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
New
Status in “linux-lts-backport-natty” source package in Saucy:
New
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
New
Bug description:
Memory write via arbitrary heap array index. This is the most serious,
IMO, as it allows (on 32-bit) access to the entire memory range (the
index is unsigned 32 bit). This is mitigated slightly by the fact that
the starting address is at an "unknown" location on the heap, and that
the value written is an "arbitrary" kernel pointer. Still, this could
almost certainly be turned into full kernel execution given enough
study.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1220185/+subscriptions
References
