kernel-packages team mailing list archive

Thread
Date

[Bug 1271519] [NEW] Restore old recvmsg behavior after CVE-2013-7266 fix is applied

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Luis Henriques <luis.henriques@xxxxxxxxxxxxx>
Date: Wed, 22 Jan 2014 12:16:29 -0000
Reply-to: Bug 1271519 <1271519@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

After commit f3d3342602f8bcbf37d7c46641cb9bca7618eb1c ("net: rework
recvmsg handler msg_name and msg_namelen logic"), which fixes
CVE-2013-7266 to CVE-2013-7271, we end up with a bug in the af_rose.

Upstream commit f81152e35001e91997ec74a7b4e040e6ab0acccf restores the
old behaviour in net/rose/af_rose.c and should get applied to all the
series that got these CVEs fixed.

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: Luis Henriques (henrix)
         Status: Triaged

** Affects: linux (Ubuntu Lucid)
     Importance: Undecided
         Status: Fix Committed

** Affects: linux (Ubuntu Precise)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu Quantal)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu Raring)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu Saucy)
     Importance: Undecided
         Status: New

** Also affects: linux (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Quantal)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Raring)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Saucy)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu Lucid)
       Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1271519

Title:
  Restore old recvmsg behavior after CVE-2013-7266 fix is applied

Status in “linux” package in Ubuntu:
  Triaged
Status in “linux” source package in Lucid:
  Fix Committed
Status in “linux” source package in Precise:
  New
Status in “linux” source package in Quantal:
  New
Status in “linux” source package in Raring:
  New
Status in “linux” source package in Saucy:
  New

Bug description:
  After commit f3d3342602f8bcbf37d7c46641cb9bca7618eb1c ("net: rework
  recvmsg handler msg_name and msg_namelen logic"), which fixes
  CVE-2013-7266 to CVE-2013-7271, we end up with a bug in the af_rose.

  Upstream commit f81152e35001e91997ec74a7b4e040e6ab0acccf restores the
  old behaviour in net/rose/af_rose.c and should get applied to all the
  series that got these CVEs fixed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1271519/+subscriptions

Follow ups

[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-03-06
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-03-05
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-24
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-20
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-19
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-19
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-18
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-18
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-18
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-11
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-11
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-07
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-07
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-02-06
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-23
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-23
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-23
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-22
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-22
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-22
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-22
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-22
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-22
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-22
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-22
[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Andy Whitcroft, 2014-01-22
[Bug 1271519] [NEW] Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Luis Henriques, 2014-01-22

References

[Bug 1271519] [NEW] Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Luis Henriques, 2014-01-22