kernel-packages team mailing list archive

Thread
Date
[Bug 784727] Re: CVE-2011-1593

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Rolf Leggewie <784727@xxxxxxxxxxxxxxxxxx>
Date: Wed, 17 Jun 2015 12:09:27 -0000
Reply-to: Bug 784727 <784727@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
lucid has seen the end of its life and is no longer receiving any
updates. Marking the lucid task for this ticket as "Won't Fix".

** Changed in: linux-mvl-dove (Ubuntu Lucid)
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-lts-backport-maverick in Ubuntu.
https://bugs.launchpad.net/bugs/784727

Title:
  CVE-2011-1593

Status in linux package in Ubuntu:
  Fix Released
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux-lts-backport-maverick package in Ubuntu:
  Invalid
Status in linux-mvl-dove package in Ubuntu:
  Invalid
Status in linux-ti-omap4 package in Ubuntu:
  Fix Released
Status in linux source package in Lucid:
  Fix Released
Status in linux-fsl-imx51 source package in Lucid:
  Fix Released
Status in linux-lts-backport-maverick source package in Lucid:
  Won't Fix
Status in linux-mvl-dove source package in Lucid:
  Won't Fix
Status in linux-ti-omap4 source package in Lucid:
  Invalid
Status in linux source package in Maverick:
  Fix Released
Status in linux-fsl-imx51 source package in Maverick:
  Invalid
Status in linux-lts-backport-maverick source package in Maverick:
  Invalid
Status in linux-mvl-dove source package in Maverick:
  Won't Fix
Status in linux-ti-omap4 source package in Maverick:
  Won't Fix
Status in linux source package in Natty:
  Fix Released
Status in linux-fsl-imx51 source package in Natty:
  Invalid
Status in linux-lts-backport-maverick source package in Natty:
  Invalid
Status in linux-mvl-dove source package in Natty:
  Invalid
Status in linux-ti-omap4 source package in Natty:
  Fix Released
Status in linux source package in Oneiric:
  Fix Released
Status in linux-fsl-imx51 source package in Oneiric:
  Invalid
Status in linux-lts-backport-maverick source package in Oneiric:
  Invalid
Status in linux-mvl-dove source package in Oneiric:
  Invalid
Status in linux-ti-omap4 source package in Oneiric:
  Fix Released
Status in linux source package in Dapper:
  Invalid
Status in linux-fsl-imx51 source package in Dapper:
  Invalid
Status in linux-lts-backport-maverick source package in Dapper:
  Invalid
Status in linux-mvl-dove source package in Dapper:
  Invalid
Status in linux-ti-omap4 source package in Dapper:
  Invalid
Status in linux source package in Hardy:
  Fix Released
Status in linux-fsl-imx51 source package in Hardy:
  Invalid
Status in linux-lts-backport-maverick source package in Hardy:
  Invalid
Status in linux-mvl-dove source package in Hardy:
  Invalid
Status in linux-ti-omap4 source package in Hardy:
  Invalid

Bug description:
  next_pidmap: fix overflow condition

  next_pidmap() just quietly accepted whatever 'last' pid that was passed
  in, which is not all that safe when one of the users is /proc.

  Admittedly the proc code should do some sanity checking on the range
  (and that will be the next commit), but that doesn't mean that the
  helper functions should just do that pidmap pointer arithmetic without
  checking the range of its arguments.

  So clamp 'last' to PID_MAX_LIMIT.  The fact that we then do "last+1"
  doesn't really matter, the for-loop does check against the end of the
  pidmap array properly (it's only the actual pointer arithmetic overflow
  case we need to worry about, and going one bit beyond isn't going to
  overflow).

  ---

  proc: do proper range check on readdir offset

  Rather than pass in some random truncated offset to the pid-related
  functions, check that the offset is in range up-front.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/784727/+subscriptions