← Back to team overview

kernel-packages team mailing list archive

[Bug 1333612] Re: CVE-2014-4027

 

** No longer affects: linux-armadaxp (Ubuntu Saucy)

** No longer affects: linux-ec2 (Ubuntu Saucy)

** No longer affects: linux-lts-saucy (Ubuntu Saucy)

** No longer affects: linux-lts-quantal (Ubuntu Saucy)

** No longer affects: linux-mvl-dove (Ubuntu Saucy)

** No longer affects: linux (Ubuntu Saucy)

** No longer affects: linux-fsl-imx51 (Ubuntu Saucy)

** No longer affects: linux-ti-omap4 (Ubuntu Saucy)

** No longer affects: linux-lts-raring (Ubuntu Saucy)

** Changed in: linux-ec2 (Ubuntu Lucid)
       Status: New => Invalid

** Changed in: linux (Ubuntu Lucid)
       Status: New => Invalid

** Description changed:

  The rd_build_device_space function in drivers/target/target_core_rd.c in
  the Linux kernel before 3.14 does not properly initialize a certain data
  structure, which allows local users to obtain sensitive information from
  ramdisk_mcp memory by leveraging access to a SCSI initiator.
  
- Break-Fix: - 4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
+ Break-Fix: c66ac9db8d4ad9994a02b3e933ea2ccc643e1fe5
+ 4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1333612

Title:
  CVE-2014-4027

Status in “linux” package in Ubuntu:
  Invalid
Status in “linux-armadaxp” package in Ubuntu:
  Invalid
Status in “linux-ec2” package in Ubuntu:
  Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
  New
Status in “linux-lts-backport-natty” package in Ubuntu:
  New
Status in “linux-lts-quantal” package in Ubuntu:
  Invalid
Status in “linux-lts-raring” package in Ubuntu:
  Invalid
Status in “linux-lts-saucy” package in Ubuntu:
  Invalid
Status in “linux-mvl-dove” package in Ubuntu:
  Invalid
Status in “linux-ti-omap4” package in Ubuntu:
  Invalid
Status in “linux” source package in Lucid:
  Invalid
Status in “linux-armadaxp” source package in Lucid:
  Invalid
Status in “linux-ec2” source package in Lucid:
  Invalid
Status in “linux-fsl-imx51” source package in Lucid:
  Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Lucid:
  Won't Fix
Status in “linux-lts-quantal” source package in Lucid:
  Invalid
Status in “linux-lts-raring” source package in Lucid:
  Invalid
Status in “linux-lts-saucy” source package in Lucid:
  Invalid
Status in “linux-mvl-dove” source package in Lucid:
  Invalid
Status in “linux-ti-omap4” source package in Lucid:
  Invalid
Status in “linux” source package in Precise:
  New
Status in “linux-armadaxp” source package in Precise:
  New
Status in “linux-ec2” source package in Precise:
  Invalid
Status in “linux-fsl-imx51” source package in Precise:
  Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Precise:
  Won't Fix
Status in “linux-lts-quantal” source package in Precise:
  Fix Released
Status in “linux-lts-raring” source package in Precise:
  New
Status in “linux-lts-saucy” source package in Precise:
  New
Status in “linux-mvl-dove” source package in Precise:
  Invalid
Status in “linux-ti-omap4” source package in Precise:
  New
Status in “linux-lts-backport-maverick” source package in Saucy:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Saucy:
  Won't Fix
Status in “linux” source package in Trusty:
  New
Status in “linux-armadaxp” source package in Trusty:
  Invalid
Status in “linux-ec2” source package in Trusty:
  Invalid
Status in “linux-fsl-imx51” source package in Trusty:
  Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Trusty:
  Won't Fix
Status in “linux-lts-quantal” source package in Trusty:
  Invalid
Status in “linux-lts-raring” source package in Trusty:
  Invalid
Status in “linux-lts-saucy” source package in Trusty:
  Invalid
Status in “linux-mvl-dove” source package in Trusty:
  Invalid
Status in “linux-ti-omap4” source package in Trusty:
  Invalid
Status in “linux” source package in Utopic:
  Invalid
Status in “linux-armadaxp” source package in Utopic:
  Invalid
Status in “linux-ec2” source package in Utopic:
  Invalid
Status in “linux-fsl-imx51” source package in Utopic:
  Invalid
Status in “linux-lts-backport-maverick” source package in Utopic:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Utopic:
  Won't Fix
Status in “linux-lts-quantal” source package in Utopic:
  Invalid
Status in “linux-lts-raring” source package in Utopic:
  Invalid
Status in “linux-lts-saucy” source package in Utopic:
  Invalid
Status in “linux-mvl-dove” source package in Utopic:
  Invalid
Status in “linux-ti-omap4” source package in Utopic:
  Invalid

Bug description:
  The rd_build_device_space function in drivers/target/target_core_rd.c
  in the Linux kernel before 3.14 does not properly initialize a certain
  data structure, which allows local users to obtain sensitive
  information from ramdisk_mcp memory by leveraging access to a SCSI
  initiator.

  Break-Fix: c66ac9db8d4ad9994a02b3e933ea2ccc643e1fe5
  4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1333612/+subscriptions


References