1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
PublicDateAtUSN: 2010-11-29
Candidate: CVE-2010-4074
PublicDate: 2010-11-29
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4074
http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.36/ChangeLog-2.6.36-rc5
http://lkml.org/lkml/2010/9/15/392
http://www.ubuntu.com/usn/usn-1072-1
http://www.ubuntu.com/usn/usn-1073-1
http://www.ubuntu.com/usn/usn-1074-1
http://www.ubuntu.com/usn/usn-1074-2
Description:
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly
initialize certain structure members, which allows local users to obtain
potentially sensitive information from kernel stack memory via vectors
related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in
drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in
drivers/usb/serial/mos7840.c.
Ubuntu-Description:
Dan Rosenberg discovered that the USB subsystem did not correctly
initialize certian structures. A local attacker could exploit this to read
kernel stack memory, leading to a loss of privacy.
Notes:
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=648659
Priority: low
Discovered-by:
Assigned-to:
Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: released (2.6.36~rc5)
dapper_linux-source-2.6.15: not-affected
hardy_linux-source-2.6.15: DNE
karmic_linux-source-2.6.15: DNE
lucid_linux-source-2.6.15: DNE
maverick_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE
Patches_linux:
upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a0846f1868b11cd827bdfeaf4527d8b1b1c0b098
upstream_linux: released (2.6.36~rc5)
dapper_linux: DNE
hardy_linux: released (2.6.24-28.86)
karmic_linux: released (2.6.31-22.73)
lucid_linux: not-affected
maverick_linux: not-affected
devel_linux: not-affected
upstream_linux-ec2: released (2.6.36~rc5)
dapper_linux-ec2: DNE
hardy_linux-ec2: DNE
karmic_linux-ec2: released (2.6.31-307.27)
lucid_linux-ec2: not-affected
maverick_linux-ec2: ignored (binary supplied by "linux" now)
devel_linux-ec2: DNE
Patches_linux-ti-omap4:
upstream_linux-ti-omap4: released (2.6.36~rc5)
dapper_linux-ti-omap4: DNE
hardy_linux-ti-omap4: DNE
karmic_linux-ti-omap4: DNE
lucid_linux-ti-omap4: DNE
maverick_linux-ti-omap4: not-affected
devel_linux-ti-omap4: not-affected
upstream_linux-lts-backport-maverick: released (2.6.36~rc5)
dapper_linux-lts-backport-maverick: DNE
hardy_linux-lts-backport-maverick: DNE
karmic_linux-lts-backport-maverick: DNE
lucid_linux-lts-backport-maverick: not-affected
maverick_linux-lts-backport-maverick: DNE
devel_linux-lts-backport-maverick: DNE
Patches_linux-mvl-dove:
upstream_linux-mvl-dove: released (2.6.36~rc5)
dapper_linux-mvl-dove: DNE
hardy_linux-mvl-dove: DNE
karmic_linux-mvl-dove: ignored (abandonded branch)
lucid_linux-mvl-dove: not-affected
maverick_linux-mvl-dove: not-affected
devel_linux-mvl-dove: DNE
Patches_linux-fsl-imx51:
upstream_linux-fsl-imx51: released (2.6.36~rc5)
dapper_linux-fsl-imx51: DNE
hardy_linux-fsl-imx51: DNE
karmic_linux-fsl-imx51: released (2.6.31-112.30)
lucid_linux-fsl-imx51: released (2.6.31-608.22)
maverick_linux-fsl-imx51: DNE
devel_linux-fsl-imx51: DNE
|