kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #47911
[Bug 1256091] Re: CVE-2013-6382
This bug was fixed in the package linux-ec2 - 2.6.32-362.75
---------------
linux-ec2 (2.6.32-362.75) lucid-proposed; urgency=low
[ Stefan Bader ]
* Rebased to Ubuntu-2.6.32-57.119
* Release Tracking Bug
- LP: #1281942
[ Ubuntu: 2.6.32-57.119 ]
* ubuntu: AUFS: fsnotify_open() now receives a file
- LP: #1097680
- CVE-2013-0160
* KVM: Improve create VCPU parameter (CVE-2013-4587)
- LP: #1261564
- CVE-2013-4587
* KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367)
- LP: #1261566
- CVE-2013-6367
* xfs: underflow bug in xfs_attrlist_by_handle()
- LP: #1256091
- CVE-2013-6382
* aacraid: prevent invalid pointer dereference
- LP: #1256083
- CVE-2013-6380
* wireless: radiotap: fix parsing buffer overrun
- LP: #1260622
- CVE-2013-7027
* net: rework recvmsg handler msg_name and msg_namelen logic
- LP: #1267081
- CVE-2013-7266
* net: rose: restore old recvmsg behavior
- LP: #1267081
- CVE-2013-7266
* fsnotify: pass a file instead of an inode to open, read, and write
- LP: #1097680
- CVE-2013-0160
* vfs: introduce FMODE_NONOTIFY
- LP: #1097680
- CVE-2013-0160
* fanotify: FMODE_NONOTIFY and __O_SYNC in sparc conflict
- LP: #1097680
- CVE-2013-0160
* TTY: do not update atime/mtime on read/write
- LP: #1097680
- CVE-2013-0160
* TTY: fix atime/mtime regression
- LP: #1097680
- CVE-2013-0160
* tty: fix up atime/mtime mess, take three
- LP: #1097680
- CVE-2013-0160
* farsync: fix info leak in ioctl
- LP: #1271442
- CVE-2014-1444
* wanxl: fix info leak in ioctl
- LP: #1271444
- CVE-2014-1445
* hamradio/yam: fix info leak in ioctl
- LP: #1271445
- CVE-2014-1446
* SELinux: Fix kernel BUG on empty security contexts.
- CVE-2014-1874
* exec/ptrace: fix get_dumpable() incorrect tests
- LP: #1260610
- CVE-2013-2929
-- Stefan Bader <stefan.bader@xxxxxxxxxxxxx> Wed, 19 Feb 2014 16:51:53 +0100
** Changed in: linux-ec2 (Ubuntu Lucid)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0160
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2929
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4587
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6367
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6380
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-7027
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-7266
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1444
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1445
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1446
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1874
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1256091
Title:
CVE-2013-6382
Status in “linux” package in Ubuntu:
Invalid
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
Won't Fix
Status in “linux-lts-backport-natty” package in Ubuntu:
Won't Fix
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Fix Committed
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Fix Released
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
Won't Fix
Status in “linux-lts-backport-natty” source package in Lucid:
Won't Fix
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Released
Status in “linux-armadaxp” source package in Precise:
Fix Released
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
Won't Fix
Status in “linux-lts-backport-natty” source package in Precise:
Won't Fix
Status in “linux-lts-quantal” source package in Precise:
Fix Committed
Status in “linux-lts-raring” source package in Precise:
Fix Committed
Status in “linux-lts-saucy” source package in Precise:
Fix Released
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
Fix Released
Status in “linux” source package in Quantal:
Fix Committed
Status in “linux-armadaxp” source package in Quantal:
Fix Committed
Status in “linux-ec2” source package in Quantal:
Invalid
Status in “linux-fsl-imx51” source package in Quantal:
Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
Won't Fix
Status in “linux-lts-backport-natty” source package in Quantal:
Won't Fix
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-lts-saucy” source package in Quantal:
Invalid
Status in “linux-mvl-dove” source package in Quantal:
Invalid
Status in “linux-ti-omap4” source package in Quantal:
Fix Committed
Status in “linux-lts-backport-maverick” source package in Raring:
Won't Fix
Status in “linux-lts-backport-natty” source package in Raring:
Won't Fix
Status in “linux” source package in Saucy:
Fix Released
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
Won't Fix
Status in “linux-lts-backport-natty” source package in Saucy:
Won't Fix
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
Invalid
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
Fix Committed
Status in “linux” source package in Trusty:
Invalid
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
Won't Fix
Status in “linux-lts-backport-natty” source package in Trusty:
Won't Fix
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Bug description:
Multiple buffer underflows in the XFS implementation in the Linux
kernel through 3.12.1 allow local users to cause a denial of service
(memory corruption) or possibly have unspecified other impact by
leveraging the CAP_SYS_ADMIN capability for a (1)
XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl
call with a crafted length value, related to the
xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the
xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.
Break-Fix: - 31978b5cc66b8ba8a7e8eef60b12395d41b7b890
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1256091/+subscriptions
References
