** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New => Fix Committed
** Changed in: linux (Ubuntu Precise)
Status: New => Fix Committed
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: New => Fix Committed
** Description changed:
- splice: lack of generic write checks
+ The implementation of certain splice_write file operations in the Linux
+ kernel before 3.16 does not enforce a restriction on the maximum size of
+ a single file, which allows local users to cause a denial of service
+ (system crash) or possibly have unspecified other impact via a crafted
+ splice system call, as demonstrated by use of a file descriptor
+ associated with an ext4 filesystem.
Break-Fix: - 8d0207652cbe27d1f962050737848e5ad4671958
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1416498
Title:
CVE-2014-7822
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1416498/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
