This bug was fixed in the package linux - 2.6.32-53.115
---------------
linux (2.6.32-53.115) lucid; urgency=low
[Steve Conklin]
* Release Tracking Bug
- LP: #1242800
[ Upstream Kernel Changes ]
* HID: provide a helper for validating hid reports
- LP: #1220190
- CVE-2013-2889
* HID: zeroplus: validate output report details
- LP: #1220190
- CVE-2013-2889
* HID: LG: validate HID output report details
- LP: #1220190
- CVE-2013-2893
* cciss: fix info leak in cciss_ioctl32_passthru()
- LP: #1188355
- CVE-2013-2147
* cpqarray: fix info leak in ida_locked_ioctl()
- LP: #1188355
- CVE-2013-2147
* HID: add usage_index in struct hid_usage.
- LP: #1220205
- CVE-CVE-2013-2897
* HID: validate feature and input report details
- LP: #1220205
- CVE-2013-2897
* dm snapshot: fix data corruption
- LP: #1241769
- CVE-2013-4299
-- Steve Conklin <sconk...@canonical.com> Mon, 21 Oct 2013 12:34:57 -0600
** Changed in: linux (Ubuntu Lucid)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2889
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2893
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2897
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4299
** Changed in: linux (Ubuntu Lucid)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1188355
Title:
CVE-2013-2147
Status in “linux” package in Ubuntu:
Fix Released
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
Invalid
Status in “linux-lts-backport-natty” package in Ubuntu:
Invalid
Status in “linux-lts-backport-oneiric” package in Ubuntu:
Invalid
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
New
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Fix Committed
Status in “linux” source package in Lucid:
Fix Released
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Fix Released
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
Invalid
Status in “linux-lts-backport-natty” source package in Lucid:
Invalid
Status in “linux-lts-backport-oneiric” source package in Lucid:
Invalid
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
New
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Released
Status in “linux-armadaxp” source package in Precise:
Fix Released
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
Invalid
Status in “linux-lts-backport-natty” source package in Precise:
Invalid
Status in “linux-lts-backport-oneiric” source package in Precise:
Invalid
Status in “linux-lts-quantal” source package in Precise:
Fix Released
Status in “linux-lts-raring” source package in Precise:
Fix Released
Status in “linux-lts-saucy” source package in Precise:
New
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
Fix Released
Status in “linux” source package in Quantal:
Fix Released
Status in “linux-armadaxp” source package in Quantal:
Fix Released
Status in “linux-ec2” source package in Quantal:
Invalid
Status in “linux-fsl-imx51” source package in Quantal:
Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
Invalid
Status in “linux-lts-backport-natty” source package in Quantal:
Invalid
Status in “linux-lts-backport-oneiric” source package in Quantal:
Invalid
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-lts-saucy” source package in Quantal:
New
Status in “linux-mvl-dove” source package in Quantal:
Invalid
Status in “linux-ti-omap4” source package in Quantal:
Fix Released
Status in “linux” source package in Raring:
Fix Released
Status in “linux-armadaxp” source package in Raring:
Invalid
Status in “linux-ec2” source package in Raring:
Invalid
Status in “linux-fsl-imx51” source package in Raring:
Invalid
Status in “linux-lts-backport-maverick” source package in Raring:
Invalid
Status in “linux-lts-backport-natty” source package in Raring:
Invalid
Status in “linux-lts-backport-oneiric” source package in Raring:
Invalid
Status in “linux-lts-quantal” source package in Raring:
Invalid
Status in “linux-lts-raring” source package in Raring:
Invalid
Status in “linux-lts-saucy” source package in Raring:
New
Status in “linux-mvl-dove” source package in Raring:
Invalid
Status in “linux-ti-omap4” source package in Raring:
Fix Released
Status in “linux” source package in Saucy:
Fix Released
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
Invalid
Status in “linux-lts-backport-natty” source package in Saucy:
Invalid
Status in “linux-lts-backport-oneiric” source package in Saucy:
Invalid
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
New
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
Fix Released
Status in “linux” source package in Trusty:
Fix Released
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
Invalid
Status in “linux-lts-backport-natty” source package in Trusty:
Invalid
Status in “linux-lts-backport-oneiric” source package in Trusty:
Invalid
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
New
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Fix Committed
Bug description:
The HP Smart Array controller disk-array driver and Compaq SMART2
controller disk-array driver in the Linux kernel through 3.9.4 do not
initialize certain data structures, which allows local users to obtain
sensitive information from kernel memory via (1) a crafted
IDAGETPCIINFO command for a /dev/ida device, related to the
ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted
CCISS_PASSTHRU32 command for a /dev/cciss device, related to the
cciss_ioctl32_passthru function in drivers/block/cciss.c.
Break-Fix: - 627aad1c01da6f881e7f98d71fd928ca0c316b1a
Break-Fix: - 58f09e00ae095e46ef9edfcf3a5fd9ccdfad065e
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1188355/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
