** Changed in: linux-ec2 (Ubuntu Lucid)
Status: New => Fix Committed
** Changed in: linux-ec2 (Ubuntu Oneiric)
Status: New => Invalid
** Changed in: linux-ec2 (Ubuntu Hardy)
Status: New => Invalid
** Changed in: linux-ec2 (Ubuntu Maverick)
Status: New => Invalid
** Changed in: linux-ec2 (Ubuntu Natty)
Status: New => Invalid
** Description changed:
The proc filesystem implementation in the Linux kernel 2.6.37 and
earlier does not restrict access to the /proc directory tree of a
process after this process performs an exec of a setuid program, which
allows local users to obtain sensitive information or cause a denial of
service via open, lseek, read, and write system calls.
- Introduced-by: 85863e475e59afb027b0113290e3796ee6020b7d
- Fixed-by: ca6b0bf0e086513b9ee5efc0aa5770ecb57778af
- Fixed-by: ec6fd8a4355cda81cd9f06bebc048e83eb514ac7
- Fixed-by: d6f64b89d7ff22ce05896ab4a93a653e8d0b123d
- Fixed-by: 2fadaef41283aad7100fa73f01998cddaca25833
- Introduced-by: ebcb67341fee34061430f3367f2e507e52ee051b
- Fixed-by: a9712bc12c40c172e393f85a9b2ba8db4bf59509
+ Break-Fix: 85863e475e59afb027b0113290e3796ee6020b7d
ca6b0bf0e086513b9ee5efc0aa5770ecb57778af
+ Break-Fix: - ec6fd8a4355cda81cd9f06bebc048e83eb514ac7
+ Break-Fix: - d6f64b89d7ff22ce05896ab4a93a653e8d0b123d
+ Break-Fix: - 2fadaef41283aad7100fa73f01998cddaca25833
+ Break-Fix: ebcb67341fee34061430f3367f2e507e52ee051b
a9712bc12c40c172e393f85a9b2ba8db4bf59509
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/813026
Title:
CVE-2011-1020
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/813026/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
