This bug was fixed in the package linux - 2.6.32-25.45
---------------
linux (2.6.32-25.45) lucid-security; urgency=low
[ Upstream Kernel Changes ]
* v4l: disable dangerous buggy compat function
- CVE-2010-2963
* Local privilege escalation vulnerability in RDS sockets
- CVE-2010-3904
* mm: (pre-stable) Move vma_stack_continue into mm.h
- LP: #646114
* net sched: fix some kernel memory leaks
- CVE-2010-2942
* irda: Correctly clean up self->ias_obj on irda_bind() failure.
- CVE-2010-2954
* wireless extensions: fix kernel heap content leak
- CVE-2010-2955
* KEYS: Fix RCU no-lock warning in keyctl_session_to_parent()
- CVE-2010-2960
* KEYS: Fix bug in keyctl_session_to_parent() if parent has no session
keyring
- CVE-2010-2960
* aio: check for multiplication overflow in do_io_submit
- CVE-2010-3067
* xfs: prevent reading uninitialized stack memory
- CVE-2010-3078
* ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open()
- CVE-2010-3080
* niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL
- CVE-2010-3084
* rose: Fix signedness issues wrt. digi count.
- CVE-2010-3310
* sctp: Do not reset the packet during sctp_packet_config().
- CVE-2010-3432
* Fix pktcdvd ioctl dev_minor range check
- CVE-2010-3437
* ALSA: prevent heap corruption in snd_ctl_new()
- CVE-2010-3442
* net sched: fix kernel leak in act_police
- CVE-2010-3477
* Fix out-of-bounds reading in sctp_asoc_get_hmac()
- CVE-2010-3705
* ocfs2: Don't walk off the end of fast symlinks.
- CVE-2010-NNN2
-- Steve Conklin <sconk...@canonical.com> Wed, 06 Oct 2010 16:16:20 +0100
** Changed in: linux (Ubuntu Lucid)
Status: New => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2942
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2954
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2955
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2960
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2963
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3067
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3078
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3080
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3084
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3310
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3432
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3437
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3442
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3477
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3705
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3904
** Changed in: linux (Ubuntu Karmic)
Status: New => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-4895
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2066
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2226
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2248
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2478
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2495
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2521
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2524
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2798
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2946
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3015
--
mlock on stack will create guard page gap
https://bugs.launchpad.net/bugs/646114
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
