~ubuntu-branches/ubuntu/karmic/linux-ec2/karmic-security

Viewing all changes in revision 12.

  • Committer: Bazaar Package Importer
  • Author(s): Stefan Bader, Stefan Bader, Upstream Kernel Changes, Ubuntu: 2.6.31-22.70
  • Date: 2010-12-01 11:17:04 UTC
  • mfrom: (7.2.7 karmic-security)
  • Revision ID: james.westby@ubuntu.com-20101201111704-pt5hbhkjlzpqq66a
Tags: 2.6.31-307.23
[ Stefan Bader ]

* Rebased to 2.6.31-22.70

[ Upstream Kernel Changes ]

* xen, compat: Test %rax for the syscall number, not %eax
  - CVE-2010-3301
* xen, compat: Retruncate rax after ia32 syscall entry tracing
  - CVE-2010-3301

[ Ubuntu: 2.6.31-22.70 ]

* Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer
  dereference"
* Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges"
* Revert "SAUCE: AF_ECONET prevent kernel stack overflow"
* Btrfs: fix checks in BTRFS_IOC_CLONE_RANGE
  - CVE-2010-2538
* xfs: validate untrusted inode numbers during lookup
  - CVE-2010-2943
* xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
  - CVE-2010-2943
* xfs: remove block number from inode lookup code
  - CVE-2010-2943
* xfs: fix untrusted inode number lookup
  - CVE-2010-2943
* drm/i915: Sanity check pread/pwrite
  - CVE-2010-2962
* drm/i915: Rephrase pwrite bounds checking to avoid any potential
  overflow
  - CVE-2010-2962
* tracing: Do not allow llseek to set_ftrace_filter
  - CVE-2010-3079
* drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack
  memory
  - CVE-2010-3296
* drivers/net/eql.c: prevent reading uninitialized stack memory
  - CVE-2010-3297
* drivers/net/usb/hso.c: prevent reading uninitialized memory
  - CVE-2010-3298
* setup_arg_pages: diagnose excessive argument size
  - CVE-2010-3858
* net: clear heap allocation for ETHTOOL_GRXCLSRLALL
  - CVE-2010-3861
* ipc: shm: fix information leak to userland
  - CVE-2010-4072
* econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
  - CVE-2010-3849
* econet: fix CVE-2010-3850
  - CVE-2010-3850
* econet: fix CVE-2010-3848
  - CVE-2010-3848

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: