kernel-packages team mailing list archive

Thread
Date

[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Andy Whitcroft <apw@xxxxxxxxxxxxx>
Date: Wed, 22 Jan 2014 14:38:14 -0000
Reply-to: Bug 1271519 <1271519@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: linux (Ubuntu Precise)
       Status: New => Confirmed

** Changed in: linux (Ubuntu Saucy)
       Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1271519

Title:
  Restore old recvmsg behavior after CVE-2013-7266 fix is applied

Status in “linux” package in Ubuntu:
  Triaged
Status in “linux” source package in Lucid:
  Fix Committed
Status in “linux” source package in Precise:
  Confirmed
Status in “linux” source package in Quantal:
  New
Status in “linux” source package in Raring:
  New
Status in “linux” source package in Saucy:
  Fix Committed

Bug description:
  After commit f3d3342602f8bcbf37d7c46641cb9bca7618eb1c ("net: rework
  recvmsg handler msg_name and msg_namelen logic"), which fixes
  CVE-2013-7266 to CVE-2013-7271, we end up with a bug in the af_rose.

  Upstream commit f81152e35001e91997ec74a7b4e040e6ab0acccf restores the
  old behaviour in net/rose/af_rose.c and should get applied to all the
  series that got these CVEs fixed.

  break-fix: - f81152e35001e91997ec74a7b4e040e6ab0acccf

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1271519/+subscriptions

References

[Bug 1271519] [NEW] Restore old recvmsg behavior after CVE-2013-7266 fix is applied
From: Luis Henriques, 2014-01-22