kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #74601
[Bug 1354019] [NEW] CVE-2014-0972
*** This bug is a security vulnerability ***
Public security bug reported:
The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm
Innovation Center (QuIC) Android contributions for MSM devices and other
products, does not properly prevent write access to IOMMU context
registers, which allows local users to select a custom page table, and
consequently write to arbitrary memory locations, by using a crafted GPU
command stream to modify the contents of a certain register.
** Affects: linux (Ubuntu)
Importance: High
Status: New
** Affects: linux-armadaxp (Ubuntu)
Importance: High
Status: Invalid
** Affects: linux-ec2 (Ubuntu)
Importance: High
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu)
Importance: High
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu)
Importance: High
Status: Invalid
** Affects: linux-lts-raring (Ubuntu)
Importance: High
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu)
Importance: High
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu)
Importance: High
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu)
Importance: High
Status: Invalid
** Affects: linux (Ubuntu Lucid)
Importance: High
Status: New
** Affects: linux-armadaxp (Ubuntu Lucid)
Importance: High
Status: Invalid
** Affects: linux-ec2 (Ubuntu Lucid)
Importance: High
Status: New
** Affects: linux-fsl-imx51 (Ubuntu Lucid)
Importance: High
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Lucid)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Lucid)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Lucid)
Importance: High
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Lucid)
Importance: High
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Lucid)
Importance: High
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu Lucid)
Importance: High
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Lucid)
Importance: High
Status: Invalid
** Affects: linux (Ubuntu Precise)
Importance: High
Status: New
** Affects: linux-armadaxp (Ubuntu Precise)
Importance: High
Status: New
** Affects: linux-ec2 (Ubuntu Precise)
Importance: High
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu Precise)
Importance: High
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Precise)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Precise)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Precise)
Importance: High
Status: New
** Affects: linux-lts-raring (Ubuntu Precise)
Importance: High
Status: New
** Affects: linux-lts-saucy (Ubuntu Precise)
Importance: High
Status: New
** Affects: linux-mvl-dove (Ubuntu Precise)
Importance: High
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Precise)
Importance: High
Status: New
** Affects: linux (Ubuntu Trusty)
Importance: High
Status: New
** Affects: linux-armadaxp (Ubuntu Trusty)
Importance: High
Status: Invalid
** Affects: linux-ec2 (Ubuntu Trusty)
Importance: High
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu Trusty)
Importance: High
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Trusty)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Trusty)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Trusty)
Importance: High
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Trusty)
Importance: High
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Trusty)
Importance: High
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu Trusty)
Importance: High
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Trusty)
Importance: High
Status: Invalid
** Affects: linux (Ubuntu Utopic)
Importance: High
Status: New
** Affects: linux-armadaxp (Ubuntu Utopic)
Importance: High
Status: Invalid
** Affects: linux-ec2 (Ubuntu Utopic)
Importance: High
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu Utopic)
Importance: High
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Utopic)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Utopic)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Utopic)
Importance: High
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Utopic)
Importance: High
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Utopic)
Importance: High
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu Utopic)
Importance: High
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Utopic)
Importance: High
Status: Invalid
** Tags: kernel-cve-tracking-bug
** Tags added: kernel-cve-tracking-bug
** Information type changed from Public to Public Security
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0972
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1354019
Title:
CVE-2014-0972
Status in “linux” package in Ubuntu:
New
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
New
Status in “linux-lts-backport-natty” package in Ubuntu:
New
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
New
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
New
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
New
Status in “linux-lts-backport-natty” source package in Lucid:
New
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
New
Status in “linux-armadaxp” source package in Precise:
New
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
New
Status in “linux-lts-backport-natty” source package in Precise:
New
Status in “linux-lts-quantal” source package in Precise:
New
Status in “linux-lts-raring” source package in Precise:
New
Status in “linux-lts-saucy” source package in Precise:
New
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
New
Status in “linux” source package in Trusty:
New
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
New
Status in “linux-lts-backport-natty” source package in Trusty:
New
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Status in “linux” source package in Utopic:
New
Status in “linux-armadaxp” source package in Utopic:
Invalid
Status in “linux-ec2” source package in Utopic:
Invalid
Status in “linux-fsl-imx51” source package in Utopic:
Invalid
Status in “linux-lts-backport-maverick” source package in Utopic:
New
Status in “linux-lts-backport-natty” source package in Utopic:
New
Status in “linux-lts-quantal” source package in Utopic:
Invalid
Status in “linux-lts-raring” source package in Utopic:
Invalid
Status in “linux-lts-saucy” source package in Utopic:
Invalid
Status in “linux-mvl-dove” source package in Utopic:
Invalid
Status in “linux-ti-omap4” source package in Utopic:
Invalid
Bug description:
The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm
Innovation Center (QuIC) Android contributions for MSM devices and
other products, does not properly prevent write access to IOMMU
context registers, which allows local users to select a custom page
table, and consequently write to arbitrary memory locations, by using
a crafted GPU command stream to modify the contents of a certain
register.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1354019/+subscriptions
Follow ups
-
[Bug 1354019] Re: CVE-2014-0972
From: Steve Beattie, 2016-05-05
-
[Bug 1354019] Re: CVE-2014-0972
From: Steve Beattie, 2016-04-26
-
[Bug 1354019] Re: CVE-2014-0972
From: Rolf Leggewie, 2016-04-24
-
[Bug 1354019] Re: CVE-2014-0972
From: Rolf Leggewie, 2016-04-24
-
[Bug 1354019] Re: CVE-2014-0972
From: Steve Beattie, 2016-02-10
-
[Bug 1354019] Re: CVE-2014-0972
From: Steve Beattie, 2015-11-16
-
[Bug 1354019] Re: CVE-2014-0972
From: Steve Beattie, 2015-11-10
-
[Bug 1354019] Re: CVE-2014-0972
From: Steve Beattie, 2015-10-28
-
[Bug 1354019] Re: CVE-2014-0972
From: John Johansen, 2015-07-28
-
[Bug 1354019] Re: CVE-2014-0972
From: Rolf Leggewie, 2015-06-17
-
[Bug 1354019] Re: CVE-2014-0972
From: Rolf Leggewie, 2015-06-17
-
[Bug 1354019] Re: CVE-2014-0972
From: John Johansen, 2015-05-08
-
[Bug 1354019] Re: CVE-2014-0972
From: John Johansen, 2015-05-04
-
[Bug 1354019] Re: CVE-2014-0972
From: John Johansen, 2015-01-28
-
[Bug 1354019] Re: CVE-2014-0972
From: John Johansen, 2014-08-12
-
[Bug 1354019] Re: CVE-2014-0972
From: John Johansen, 2014-08-07
-
[Bug 1354019] [NEW] CVE-2014-0972
From: John Johansen, 2014-08-07
References
