← Back to team overview

kernel-packages team mailing list archive

[Bug 1271519] Re: Restore old recvmsg behavior after CVE-2013-7266 fix is applied

 

** Changed in: linux-ec2 (Ubuntu Lucid)
       Status: New => Confirmed

** Changed in: linux-lts-quantal (Ubuntu Precise)
       Status: New => Confirmed

** Changed in: linux-lts-saucy (Ubuntu Precise)
       Status: New => Fix Committed

** Changed in: linux-armadaxp (Ubuntu Precise)
       Status: New => Confirmed

** Changed in: linux-armadaxp (Ubuntu Quantal)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1271519

Title:
  Restore old recvmsg behavior after CVE-2013-7266 fix is applied

Status in “linux” package in Ubuntu:
  Fix Released
Status in “linux-armadaxp” package in Ubuntu:
  Invalid
Status in “linux-ec2” package in Ubuntu:
  Invalid
Status in “linux-lts-quantal” package in Ubuntu:
  Invalid
Status in “linux-lts-raring” package in Ubuntu:
  Invalid
Status in “linux-lts-saucy” package in Ubuntu:
  Invalid
Status in “linux-ti-omap4” package in Ubuntu:
  Invalid
Status in “linux” source package in Lucid:
  Fix Committed
Status in “linux-armadaxp” source package in Lucid:
  Invalid
Status in “linux-ec2” source package in Lucid:
  Confirmed
Status in “linux-lts-quantal” source package in Lucid:
  Invalid
Status in “linux-lts-raring” source package in Lucid:
  Invalid
Status in “linux-lts-saucy” source package in Lucid:
  Invalid
Status in “linux-ti-omap4” source package in Lucid:
  Invalid
Status in “linux” source package in Precise:
  Confirmed
Status in “linux-armadaxp” source package in Precise:
  Confirmed
Status in “linux-ec2” source package in Precise:
  Invalid
Status in “linux-lts-quantal” source package in Precise:
  Confirmed
Status in “linux-lts-raring” source package in Precise:
  Confirmed
Status in “linux-lts-saucy” source package in Precise:
  Fix Committed
Status in “linux-ti-omap4” source package in Precise:
  Confirmed
Status in “linux” source package in Quantal:
  Confirmed
Status in “linux-armadaxp” source package in Quantal:
  Confirmed
Status in “linux-ec2” source package in Quantal:
  Invalid
Status in “linux-lts-quantal” source package in Quantal:
  Invalid
Status in “linux-lts-raring” source package in Quantal:
  Invalid
Status in “linux-lts-saucy” source package in Quantal:
  Invalid
Status in “linux-ti-omap4” source package in Quantal:
  Confirmed
Status in “linux” source package in Raring:
  Invalid
Status in “linux-armadaxp” source package in Raring:
  Invalid
Status in “linux-ec2” source package in Raring:
  Invalid
Status in “linux-lts-quantal” source package in Raring:
  Invalid
Status in “linux-lts-raring” source package in Raring:
  Invalid
Status in “linux-lts-saucy” source package in Raring:
  Invalid
Status in “linux-ti-omap4” source package in Raring:
  Invalid
Status in “linux” source package in Saucy:
  Fix Committed
Status in “linux-armadaxp” source package in Saucy:
  Invalid
Status in “linux-ec2” source package in Saucy:
  Invalid
Status in “linux-lts-quantal” source package in Saucy:
  Invalid
Status in “linux-lts-raring” source package in Saucy:
  Invalid
Status in “linux-lts-saucy” source package in Saucy:
  Invalid
Status in “linux-ti-omap4” source package in Saucy:
  Confirmed

Bug description:
  After commit f3d3342602f8bcbf37d7c46641cb9bca7618eb1c ("net: rework
  recvmsg handler msg_name and msg_namelen logic"), which fixes
  CVE-2013-7266 to CVE-2013-7271, we end up with a bug in the af_rose.

  Upstream commit f81152e35001e91997ec74a7b4e040e6ab0acccf restores the
  old behaviour in net/rose/af_rose.c and should get applied to all the
  series that got these CVEs fixed.

  break-fix: - f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
  break-fix: f3d3342602f8bcbf37d7c46641cb9bca7618eb1c f81152e35001e91997ec74a7b4e040e6ab0acccf

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1271519/+subscriptions


References