kernel-packages team mailing list archive

Thread
Date
[Bug 1189833] Re: CVE-2013-2852

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: John Johansen <john.johansen@xxxxxxxxxxxxx>
Date: Sat, 15 Feb 2014 00:16:05 -0000
Reply-to: Bug 1189833 <1189833@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
** Also affects: linux (Ubuntu Trusty)
   Importance: Medium
       Status: Invalid

** Also affects: linux-fsl-imx51 (Ubuntu Trusty)
   Importance: Medium
       Status: Invalid

** Also affects: linux-mvl-dove (Ubuntu Trusty)
   Importance: Medium
       Status: Invalid

** Also affects: linux-ec2 (Ubuntu Trusty)
   Importance: Medium
       Status: Invalid

** Also affects: linux-ti-omap4 (Ubuntu Trusty)
   Importance: Medium
       Status: Fix Committed

** Also affects: linux-lts-backport-maverick (Ubuntu Trusty)
   Importance: Medium
       Status: Invalid

** Also affects: linux-lts-backport-natty (Ubuntu Trusty)
   Importance: Undecided
       Status: Invalid

** Also affects: linux-lts-backport-oneiric (Ubuntu Trusty)
   Importance: Undecided
       Status: Invalid

** Also affects: linux-armadaxp (Ubuntu Trusty)
   Importance: Medium
       Status: Invalid

** Also affects: linux-lts-quantal (Ubuntu Trusty)
   Importance: Medium
       Status: Invalid

** Also affects: linux-lts-raring (Ubuntu Trusty)
   Importance: Medium
       Status: Invalid

** No longer affects: linux-armadaxp (Ubuntu Raring)

** No longer affects: linux-ec2 (Ubuntu Raring)

** No longer affects: linux-lts-saucy (Ubuntu Raring)

** No longer affects: linux-lts-quantal (Ubuntu Raring)

** No longer affects: linux-mvl-dove (Ubuntu Raring)

** No longer affects: linux (Ubuntu Raring)

** No longer affects: linux-fsl-imx51 (Ubuntu Raring)

** No longer affects: linux-ti-omap4 (Ubuntu Raring)

** No longer affects: linux-lts-raring (Ubuntu Raring)

** Changed in: linux-ti-omap4 (Ubuntu Trusty)
       Status: Fix Committed => Invalid

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1189833

Title:
  CVE-2013-2852

Status in “linux” package in Ubuntu:
  Invalid
Status in “linux-armadaxp” package in Ubuntu:
  Invalid
Status in “linux-ec2” package in Ubuntu:
  Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-natty” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-oneiric” package in Ubuntu:
  Invalid
Status in “linux-lts-quantal” package in Ubuntu:
  Invalid
Status in “linux-lts-raring” package in Ubuntu:
  Invalid
Status in “linux-lts-saucy” package in Ubuntu:
  New
Status in “linux-mvl-dove” package in Ubuntu:
  Invalid
Status in “linux-ti-omap4” package in Ubuntu:
  Invalid
Status in “linux” source package in Lucid:
  Fix Released
Status in “linux-armadaxp” source package in Lucid:
  Invalid
Status in “linux-ec2” source package in Lucid:
  Fix Released
Status in “linux-fsl-imx51” source package in Lucid:
  Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
  Invalid
Status in “linux-lts-backport-natty” source package in Lucid:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Lucid:
  Invalid
Status in “linux-lts-quantal” source package in Lucid:
  Invalid
Status in “linux-lts-raring” source package in Lucid:
  Invalid
Status in “linux-lts-saucy” source package in Lucid:
  New
Status in “linux-mvl-dove” source package in Lucid:
  Invalid
Status in “linux-ti-omap4” source package in Lucid:
  Invalid
Status in “linux” source package in Precise:
  Fix Released
Status in “linux-armadaxp” source package in Precise:
  Fix Released
Status in “linux-ec2” source package in Precise:
  Invalid
Status in “linux-fsl-imx51” source package in Precise:
  Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
  Invalid
Status in “linux-lts-backport-natty” source package in Precise:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Precise:
  Invalid
Status in “linux-lts-quantal” source package in Precise:
  Fix Released
Status in “linux-lts-raring” source package in Precise:
  Fix Released
Status in “linux-lts-saucy” source package in Precise:
  New
Status in “linux-mvl-dove” source package in Precise:
  Invalid
Status in “linux-ti-omap4” source package in Precise:
  Fix Released
Status in “linux” source package in Quantal:
  Fix Released
Status in “linux-armadaxp” source package in Quantal:
  Fix Released
Status in “linux-ec2” source package in Quantal:
  Invalid
Status in “linux-fsl-imx51” source package in Quantal:
  Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
  Invalid
Status in “linux-lts-backport-natty” source package in Quantal:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Quantal:
  Invalid
Status in “linux-lts-quantal” source package in Quantal:
  Invalid
Status in “linux-lts-raring” source package in Quantal:
  Invalid
Status in “linux-lts-saucy” source package in Quantal:
  New
Status in “linux-mvl-dove” source package in Quantal:
  Invalid
Status in “linux-ti-omap4” source package in Quantal:
  Fix Released
Status in “linux-lts-backport-maverick” source package in Raring:
  Invalid
Status in “linux-lts-backport-natty” source package in Raring:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Raring:
  Invalid
Status in “linux” source package in Saucy:
  Invalid
Status in “linux-armadaxp” source package in Saucy:
  Invalid
Status in “linux-ec2” source package in Saucy:
  Invalid
Status in “linux-fsl-imx51” source package in Saucy:
  Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
  Invalid
Status in “linux-lts-backport-natty” source package in Saucy:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Saucy:
  Invalid
Status in “linux-lts-quantal” source package in Saucy:
  Invalid
Status in “linux-lts-raring” source package in Saucy:
  Invalid
Status in “linux-lts-saucy” source package in Saucy:
  New
Status in “linux-mvl-dove” source package in Saucy:
  Invalid
Status in “linux-ti-omap4” source package in Saucy:
  Fix Committed
Status in “linux” source package in Trusty:
  Invalid
Status in “linux-armadaxp” source package in Trusty:
  Invalid
Status in “linux-ec2” source package in Trusty:
  Invalid
Status in “linux-fsl-imx51” source package in Trusty:
  Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
  Invalid
Status in “linux-lts-backport-natty” source package in Trusty:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Trusty:
  Invalid
Status in “linux-lts-quantal” source package in Trusty:
  Invalid
Status in “linux-lts-raring” source package in Trusty:
  Invalid
Status in “linux-lts-saucy” source package in Trusty:
  New
Status in “linux-mvl-dove” source package in Trusty:
  Invalid
Status in “linux-ti-omap4” source package in Trusty:
  Invalid

Bug description:
  Format string vulnerability in the b43_request_firmware function in
  drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in
  the Linux kernel through 3.9.4 allows local users to gain privileges
  by leveraging root access and including format string specifiers in an
  fwpostfix modprobe parameter, leading to improper construction of an
  error message.

  Break-Fix: - e0e29b683d6784ef59bbc914eac85a04b650e63c

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1189833/+subscriptions