3 patches to resolve CVE-2010-2962 were embargoed until Oct 4. They are meant to prevent a local root escalation hole in the i915 driver. These patches should also be included in this day 0 kernel upload.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2962 drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow CVE-2010-2962 ... and do the same for pread. ===== http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2962 drm/i915: Skip pread/pwrite if size to copy is 0. CVE-2010-2962 ===== http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2962 drm/i915: Sanity check pread/pwrite CVE-2010-2962 Move the access control up from the fast paths which are no longer universally taken first up into the caller. This then duplicates some sanity checking along the slow paths, but is much simpler. ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-2962 -- 0-day Maverick Kernel Upload https://bugs.launchpad.net/bugs/647071 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
