1
PublicDateAtUSN: 2010-11-30
2
Candidate: CVE-2010-4080
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4080
6
http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.36/ChangeLog-2.6.36-rc6
7
https://usn.ubuntu.com/usn/usn-1071-1
8
https://usn.ubuntu.com/usn/usn-1072-1
9
https://usn.ubuntu.com/usn/usn-1073-1
10
https://usn.ubuntu.com/usn/usn-1041-1
11
https://usn.ubuntu.com/usn/usn-1083-1
12
https://usn.ubuntu.com/usn/usn-1093-1
13
https://usn.ubuntu.com/usn/usn-1164-1
14
https://usn.ubuntu.com/usn/usn-1202-1
16
The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux
17
kernel before 2.6.36-rc6 does not initialize a certain structure, which
18
allows local users to obtain potentially sensitive information from kernel
19
stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call.
21
Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver
22
did not correctly clear kernel memory. A local attacker could exploit this
23
to read kernel stack memory, leading to a loss of privacy.
26
https://bugzilla.redhat.com/show_bug.cgi?id=648669
28
Discovered-by: Dan Rosenberg
31
Patches_linux-source-2.6.15:
32
upstream_linux-source-2.6.15: released (2.6.36~rc6)
33
dapper_linux-source-2.6.15: released (2.6.15-55.93)
34
hardy_linux-source-2.6.15: DNE
35
karmic_linux-source-2.6.15: DNE
36
lucid_linux-source-2.6.15: DNE
37
maverick_linux-source-2.6.15: DNE
38
natty_linux-source-2.6.15: DNE
39
devel_linux-source-2.6.15: DNE
42
upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e68d3b316ab7b02a074edc4f770e6a746390cb7d
43
upstream_linux: released (2.6.36~rc6)
45
hardy_linux: released (2.6.24-28.86)
46
karmic_linux: released (2.6.31-22.73)
47
lucid_linux: released (2.6.32-27.49)
48
maverick_linux: released (2.6.35-24.42)
49
natty_linux: not-affected (2.6.37-2.9)
50
devel_linux: not-affected (2.6.39-0.0)
52
upstream_linux-ec2: released (2.6.36~rc6)
55
karmic_linux-ec2: released (2.6.31-307.27)
56
lucid_linux-ec2: released (2.6.32-311.22)
57
maverick_linux-ec2: ignored (binary supplied by "linux" now)
61
Patches_linux-ti-omap4:
62
upstream_linux-ti-omap4: released (2.6.36~rc6)
63
dapper_linux-ti-omap4: DNE
64
hardy_linux-ti-omap4: DNE
65
karmic_linux-ti-omap4: DNE
66
lucid_linux-ti-omap4: DNE
67
maverick_linux-ti-omap4: released (2.6.35-903.23)
68
natty_linux-ti-omap4: not-affected (2.6.38-1201.2)
69
devel_linux-ti-omap4: not-affected (2.6.38-1309.13)
71
upstream_linux-lts-backport-maverick: released (2.6.36~rc6)
72
dapper_linux-lts-backport-maverick: DNE
73
hardy_linux-lts-backport-maverick: DNE
74
karmic_linux-lts-backport-maverick: DNE
75
lucid_linux-lts-backport-maverick: released (2.6.35-25.44~lucid1)
76
maverick_linux-lts-backport-maverick: DNE
77
natty_linux-lts-backport-maverick: DNE
78
devel_linux-lts-backport-maverick: DNE
80
Patches_linux-mvl-dove:
81
upstream_linux-mvl-dove: released (2.6.36~rc6)
82
dapper_linux-mvl-dove: DNE
83
hardy_linux-mvl-dove: DNE
84
karmic_linux-mvl-dove: ignored (abandonded branch)
85
lucid_linux-mvl-dove: released (2.6.32-213.29)
86
maverick_linux-mvl-dove: released (2.6.32-414.30)
87
natty_linux-mvl-dove: DNE
88
devel_linux-mvl-dove: DNE
90
Patches_linux-fsl-imx51:
91
upstream_linux-fsl-imx51: released (2.6.36~rc6)
92
dapper_linux-fsl-imx51: DNE
93
hardy_linux-fsl-imx51: DNE
94
karmic_linux-fsl-imx51: released (2.6.31-112.30)
95
lucid_linux-fsl-imx51: released (2.6.31-609.26)
96
maverick_linux-fsl-imx51: DNE
97
natty_linux-fsl-imx51: DNE
98
devel_linux-fsl-imx51: DNE
100
Patches_linux-lts-backport-natty:
101
upstream_linux-lts-backport-natty: released (2.6.36~rc6)
102
hardy_linux-lts-backport-natty: DNE
103
lucid_linux-lts-backport-natty: not-affected (2.6.38-1.27~lucid1)
104
maverick_linux-lts-backport-natty: DNE
105
natty_linux-lts-backport-natty: DNE
106
devel_linux-lts-backport-natty: DNE