This bug was fixed in the package linux - 2.6.32-67.134 --------------- linux (2.6.32-67.134) lucid; urgency=low
[ Kamal Mostafa ] * Release Tracking Bug - re-used previous tracking bug [ Upstream Kernel Changes ] * udf: Avoid infinite loop when processing indirect ICBs - LP: #1370042 - CVE-2014-6410 linux (2.6.32-67.133) lucid; urgency=low [ Joseph Salisbury ] * Release Tracking Bug - LP: #1372657 [ Upstream Kernel Changes ] * Revert "nfsd: correctly handle return value from nfsd_map_name_to_*" - LP: #1365914 * HID: fix a couple of off-by-ones - LP: #1370035 - CVE-2014-3184 * USB: whiteheat: Added bounds checking for bulk command response - LP: #1370036 - CVE-2014-3185 -- Kamal Mostafa <ka...@canonical.com> Wed, 24 Sep 2014 11:04:09 -0700 ** Changed in: linux (Ubuntu Lucid) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-3184 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-3185 ** Changed in: linux-ec2 (Ubuntu Lucid) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1370042 Title: CVE-2014-6410 Status in “linux” package in Ubuntu: Fix Released Status in “linux-armadaxp” package in Ubuntu: Invalid Status in “linux-ec2” package in Ubuntu: Invalid Status in “linux-fsl-imx51” package in Ubuntu: Invalid Status in “linux-lts-backport-maverick” package in Ubuntu: New Status in “linux-lts-backport-natty” package in Ubuntu: New Status in “linux-lts-quantal” package in Ubuntu: Invalid Status in “linux-lts-raring” package in Ubuntu: Invalid Status in “linux-lts-saucy” package in Ubuntu: Invalid Status in “linux-mvl-dove” package in Ubuntu: Invalid Status in “linux-ti-omap4” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Fix Released Status in “linux-armadaxp” source package in Lucid: Invalid Status in “linux-ec2” source package in Lucid: Fix Released Status in “linux-fsl-imx51” source package in Lucid: Invalid Status in “linux-lts-backport-maverick” source package in Lucid: New Status in “linux-lts-backport-natty” source package in Lucid: New Status in “linux-lts-quantal” source package in Lucid: Invalid Status in “linux-lts-raring” source package in Lucid: Invalid Status in “linux-lts-saucy” source package in Lucid: Invalid Status in “linux-mvl-dove” source package in Lucid: Invalid Status in “linux-ti-omap4” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux-armadaxp” source package in Precise: Fix Committed Status in “linux-ec2” source package in Precise: Invalid Status in “linux-fsl-imx51” source package in Precise: Invalid Status in “linux-lts-backport-maverick” source package in Precise: New Status in “linux-lts-backport-natty” source package in Precise: New Status in “linux-lts-quantal” source package in Precise: New Status in “linux-lts-raring” source package in Precise: Invalid Status in “linux-lts-saucy” source package in Precise: New Status in “linux-mvl-dove” source package in Precise: Invalid Status in “linux-ti-omap4” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux-armadaxp” source package in Trusty: Invalid Status in “linux-ec2” source package in Trusty: Invalid Status in “linux-fsl-imx51” source package in Trusty: Invalid Status in “linux-lts-backport-maverick” source package in Trusty: New Status in “linux-lts-backport-natty” source package in Trusty: New Status in “linux-lts-quantal” source package in Trusty: Invalid Status in “linux-lts-raring” source package in Trusty: Invalid Status in “linux-lts-saucy” source package in Trusty: Invalid Status in “linux-mvl-dove” source package in Trusty: Invalid Status in “linux-ti-omap4” source package in Trusty: Invalid Status in “linux” source package in Utopic: Fix Released Status in “linux-armadaxp” source package in Utopic: Invalid Status in “linux-ec2” source package in Utopic: Invalid Status in “linux-fsl-imx51” source package in Utopic: Invalid Status in “linux-lts-backport-maverick” source package in Utopic: New Status in “linux-lts-backport-natty” source package in Utopic: New Status in “linux-lts-quantal” source package in Utopic: Invalid Status in “linux-lts-raring” source package in Utopic: Invalid Status in “linux-lts-saucy” source package in Utopic: Invalid Status in “linux-mvl-dove” source package in Utopic: Invalid Status in “linux-ti-omap4” source package in Utopic: Invalid Bug description: The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode. Break-Fix: - c03aa9f6e1f938618e6db2e23afef0574efeeb65 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1370042/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp