← Back to team overview

kernel-packages team mailing list archive

  1. kernel-packages team
  2. Mailing list archive
  3. Message #125833

[Bug 1274754] Re: CVE-2014-0038

  Thread PreviousDate PreviousThread Next 
*** This bug is a duplicate of bug 1274349 ***
    https://bugs.launchpad.net/bugs/1274349

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2929

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4587

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6367

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6368

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6376

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0038

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1274754

Title:
  CVE-2014-0038

Status in linux package in Ubuntu:
  New
Status in linux-armadaxp package in Ubuntu:
  Invalid
Status in linux-ec2 package in Ubuntu:
  Invalid
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux-lts-backport-maverick package in Ubuntu:
  New
Status in linux-lts-backport-natty package in Ubuntu:
  New
Status in linux-lts-quantal package in Ubuntu:
  Invalid
Status in linux-lts-raring package in Ubuntu:
  Invalid
Status in linux-lts-saucy package in Ubuntu:
  Invalid
Status in linux-mvl-dove package in Ubuntu:
  Invalid
Status in linux-ti-omap4 package in Ubuntu:
  Invalid
Status in linux source package in Lucid:
  Invalid
Status in linux-armadaxp source package in Lucid:
  Invalid
Status in linux-ec2 source package in Lucid:
  Invalid
Status in linux-fsl-imx51 source package in Lucid:
  Invalid
Status in linux-lts-backport-maverick source package in Lucid:
  New
Status in linux-lts-backport-natty source package in Lucid:
  New
Status in linux-lts-quantal source package in Lucid:
  Invalid
Status in linux-lts-raring source package in Lucid:
  Invalid
Status in linux-lts-saucy source package in Lucid:
  Invalid
Status in linux-mvl-dove source package in Lucid:
  Invalid
Status in linux-ti-omap4 source package in Lucid:
  Invalid
Status in linux source package in Precise:
  Invalid
Status in linux-armadaxp source package in Precise:
  Invalid
Status in linux-ec2 source package in Precise:
  Invalid
Status in linux-fsl-imx51 source package in Precise:
  Invalid
Status in linux-lts-backport-maverick source package in Precise:
  New
Status in linux-lts-backport-natty source package in Precise:
  New
Status in linux-lts-quantal source package in Precise:
  New
Status in linux-lts-raring source package in Precise:
  Fix Released
Status in linux-lts-saucy source package in Precise:
  Fix Released
Status in linux-mvl-dove source package in Precise:
  Invalid
Status in linux-ti-omap4 source package in Precise:
  Invalid
Status in linux source package in Quantal:
  New
Status in linux-armadaxp source package in Quantal:
  Invalid
Status in linux-ec2 source package in Quantal:
  Invalid
Status in linux-fsl-imx51 source package in Quantal:
  Invalid
Status in linux-lts-backport-maverick source package in Quantal:
  New
Status in linux-lts-backport-natty source package in Quantal:
  New
Status in linux-lts-quantal source package in Quantal:
  Invalid
Status in linux-lts-raring source package in Quantal:
  Invalid
Status in linux-lts-saucy source package in Quantal:
  Invalid
Status in linux-mvl-dove source package in Quantal:
  Invalid
Status in linux-ti-omap4 source package in Quantal:
  Invalid
Status in linux source package in Saucy:
  Fix Released
Status in linux-armadaxp source package in Saucy:
  Invalid
Status in linux-ec2 source package in Saucy:
  Invalid
Status in linux-fsl-imx51 source package in Saucy:
  Invalid
Status in linux-lts-backport-maverick source package in Saucy:
  New
Status in linux-lts-backport-natty source package in Saucy:
  New
Status in linux-lts-quantal source package in Saucy:
  Invalid
Status in linux-lts-raring source package in Saucy:
  Invalid
Status in linux-lts-saucy source package in Saucy:
  Invalid
Status in linux-mvl-dove source package in Saucy:
  Invalid
Status in linux-ti-omap4 source package in Saucy:
  Invalid
Status in linux source package in Trusty:
  New
Status in linux-armadaxp source package in Trusty:
  Invalid
Status in linux-ec2 source package in Trusty:
  Invalid
Status in linux-fsl-imx51 source package in Trusty:
  Invalid
Status in linux-lts-backport-maverick source package in Trusty:
  New
Status in linux-lts-backport-natty source package in Trusty:
  New
Status in linux-lts-quantal source package in Trusty:
  Invalid
Status in linux-lts-raring source package in Trusty:
  Invalid
Status in linux-lts-saucy source package in Trusty:
  Invalid
Status in linux-mvl-dove source package in Trusty:
  Invalid
Status in linux-ti-omap4 source package in Trusty:
  Invalid

Bug description:
  The timeout pointer parameter is provided by userland (hence the
  __user annotation) but for x32 syscalls it's simply cast to a kernel
  pointer and is passed to __sys_recvmmsg which will eventually directly
  dereference it for both reading and writing. Other callers to
  __sys_recvmmsg properly copy from userland to the kernel first. The
  impact is a sort of arbitrary kernel write-where-what primitive by
  unprivileged users where the to-be-written area must contain valid
  timespec data initially (the first 64 bit long field must be positive
  and the second one must be < 1G).

  Break-Fix: ee4fa23c4bfcc635d077a9633d405610de45bc70 lp1274754

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1274754/+subscriptions

References

  Thread PreviousDate PreviousThread Next