compiled without -fno-delete-null-pointer-checks
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| linux (Ubuntu) |
Fix Released
|
Medium
|
Stefan Bader | ||
| Dapper |
Invalid
|
Undecided
|
Unassigned | ||
| Hardy |
Fix Released
|
Medium
|
Stefan Bader | ||
| Intrepid |
Fix Released
|
Medium
|
Stefan Bader | ||
| Jaunty |
Fix Released
|
Medium
|
Stefan Bader | ||
| Karmic |
Fix Released
|
Medium
|
Stefan Bader | ||
| linux-source-2.6.15 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
| Dapper |
Fix Released
|
Medium
|
Stefan Bader | ||
| Hardy |
Invalid
|
Undecided
|
Unassigned | ||
| Intrepid |
Invalid
|
Undecided
|
Unassigned | ||
| Jaunty |
Invalid
|
Undecided
|
Unassigned | ||
| Karmic |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
Please backport the following patch for the released kernels, to avoid potentially hidden NULL deref bugs which might be leveraged into security vulnerabilities:
ProblemType: Bug
Architecture: amd64
Date: Thu Jul 23 10:45:53 2009
DistroRelease: Ubuntu 9.10
HibernationDevice: RESUME=/dev/md1
Package: linux-image-
ProcCmdLine: BOOT_IMAGE=
ProcEnviron:
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcVersionSign
RelatedPackageV
SourcePackage: linux
Uname: Linux 2.6.31-3-generic x86_64
dmi.bios.date: 09/22/2008
dmi.bios.vendor: Intel Corp.
dmi.bios.version: JOQ3510J.
dmi.board.
dmi.board.name: DQ35JO
dmi.board.vendor: Intel Corporation
dmi.board.version: AAD82085-800
dmi.chassis.type: 3
dmi.modalias: dmi:bvnIntelCor
| Kees Cook (kees) wrote | #1 |
| visibility: | private → public |
| Changed in linux (Ubuntu): | |
| assignee: | nobody → Stefan Bader (stefan-bader-canonical) |
| importance: | Undecided → Medium |
| status: | New → Triaged |
| Changed in linux (Ubuntu Karmic): | |
| status: | Triaged → Fix Released |
| Changed in linux (Ubuntu Jaunty): | |
| status: | New → In Progress |
| status: | In Progress → Triaged |
| Changed in linux (Ubuntu Intrepid): | |
| status: | New → Triaged |
| Changed in linux (Ubuntu Dapper): | |
| status: | New → Triaged |
| importance: | Undecided → Medium |
| Changed in linux (Ubuntu Hardy): | |
| importance: | Undecided → Medium |
| status: | New → Triaged |
| Changed in linux (Ubuntu Jaunty): | |
| importance: | Undecided → Medium |
| Changed in linux (Ubuntu Intrepid): | |
| importance: | Undecided → Medium |
| Changed in linux (Ubuntu Jaunty): | |
| assignee: | nobody → Stefan Bader (stefan-bader-canonical) |
| Changed in linux (Ubuntu Intrepid): | |
| assignee: | nobody → Stefan Bader (stefan-bader-canonical) |
| Changed in linux (Ubuntu Hardy): | |
| assignee: | nobody → Stefan Bader (stefan-bader-canonical) |
| Changed in linux (Ubuntu Dapper): | |
| assignee: | nobody → Stefan Bader (stefan-bader-canonical) |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in linux (Ubuntu Hardy): | |
| status: | Triaged → Fix Released |
| Launchpad Janitor (janitor) wrote | #3 |
| Changed in linux (Ubuntu Intrepid): | |
| status: | Triaged → Fix Released |
| Launchpad Janitor (janitor) wrote | #4 |
| Changed in linux (Ubuntu Jaunty): | |
| status: | Triaged → Fix Released |
| Changed in linux (Ubuntu Dapper): | |
| status: | Triaged → Invalid |
| Changed in linux-source-2.6.15 (Ubuntu Hardy): | |
| status: | New → Invalid |
| Changed in linux-source-2.6.15 (Ubuntu Intrepid): | |
| status: | New → Invalid |
| Changed in linux-source-2.6.15 (Ubuntu Jaunty): | |
| status: | New → Invalid |
| Changed in linux-source-2.6.15 (Ubuntu Karmic): | |
| status: | New → Invalid |
| Changed in linux-source-2.6.15 (Ubuntu Dapper): | |
| assignee: | nobody → Stefan Bader (stefan-bader-canonical) |
| importance: | Undecided → Medium |
| status: | New → Fix Released |
| Changed in linux (Ubuntu Dapper): | |
| assignee: | Stefan Bader (stefan-bader-canonical) → nobody |
| importance: | Medium → Undecided |
This bug was fixed in the package linux - 2.6.24-24.57
---------------
linux (2.6.24-24.57) hardy-security; urgency=low
[Upstream Kernel Changes]
* Add '-fno-delete-
- LP: #403647
* personality: fix PER_CLEAR_ON_SETID
- CVE-2009-1895
* KVM: detect if VCPU triple faults
- CVE-2009-2287
* KVM: x86: check for cr3 validity in ioctl_set_sregs
- CVE-2009-2287
* r8169: fix crash when large packets are received
- CVE-2009-1389
* eCryptfs: Check Tag 11 literal data buffer size
- CVE-2009-2406
* eCryptfs: parse_tag_3_packet check tag 3 packet encrypted key size
- CVE-2009-2407
-- Stefan Bader <email address hidden> Thu, 23 Jul 2009 15:37:05 +0200