CVE-2011-4131

Bug #893147 reported by John Johansen
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Medium
Unassigned
Lucid
Won't Fix
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Trusty
Fix Released
Medium
Unassigned
Utopic
Fix Released
Medium
Unassigned
linux-armadaxp (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-ec2 (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Won't Fix
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-fsl-imx51 (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-lts-backport-maverick (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
Raring
Invalid
Medium
Unassigned
Saucy
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-lts-backport-natty (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Fix Released
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
Raring
Invalid
Medium
Unassigned
Saucy
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-lts-backport-oneiric (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Fix Released
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Quantal
Invalid
Medium
Unassigned
Raring
Invalid
Medium
Unassigned
Saucy
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-lts-quantal (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-lts-raring (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-lts-saucy (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-mvl-dove (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Invalid
Medium
Unassigned
Lucid
Invalid
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Utopic
Invalid
Medium
Unassigned

Bug Description

The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.

Break-Fix: - bf118a342f10dafe44b14451a1392c3254629a1f

Revision history for this message
John Johansen (jjohansen) wrote :

CVE-2011-4131

tags: added: kernel-cve-tracking-bug
security vulnerability: no → yes
security vulnerability: no → yes
Changed in linux-ec2 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Maverick):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Maverick):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Natty):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Maverick):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Natty):
status: New → Invalid
description: updated
Changed in linux-ec2 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Maverick):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-lts-backport-natty (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-lts-backport-maverick (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Natty):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Lucid):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Maverick):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Natty):
importance: Undecided → Medium
description: updated
Changed in linux (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → Invalid
description: updated
Changed in linux-mvl-dove (Ubuntu Maverick):
status: New → Invalid
Changed in linux (Ubuntu Maverick):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Maverick):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → Invalid
Brad Figg (brad-figg)
Changed in linux (Ubuntu Oneiric):
assignee: nobody → Brad Figg (brad-figg)
Brad Figg (brad-figg)
Changed in linux (Ubuntu Natty):
assignee: nobody → Brad Figg (brad-figg)
Brad Figg (brad-figg)
Changed in linux (Ubuntu Lucid):
assignee: nobody → Brad Figg (brad-figg)
Changed in linux-armadaxp (Ubuntu Maverick):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Oneiric):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Hardy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Natty):
status: New → Invalid
importance: Undecided → Medium
Brad Figg (brad-figg)
Changed in linux (Ubuntu Oneiric):
status: New → Fix Committed
Changed in linux (Ubuntu Natty):
status: New → Fix Committed
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: New → Fix Committed
Changed in linux-armadaxp (Ubuntu Quantal):
status: New → Fix Committed
importance: Undecided → Medium
description: updated
description: updated
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: New → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.38-15.60

---------------
linux (2.6.38-15.60) natty-proposed; urgency=low

  [Luis Henriques]

  * Release Tracking Bug
    - LP: #1002384

  [ Andy Whitcroft ]

  * [Config] control.stub is an intermediate product not a dependancy
    - LP: #992414

  [ Herton Ronaldo Krzesinski ]

  * linux: add Build-Depends for libnewt-dev, to enable perf TUI support
    - LP: #981717

  [ Tim Gardner ]

  * [Config] perarch and indep tools builds need separate build directories

  [ Upstream Kernel Changes ]

  * fcaps: clear the same personality flags as suid when fcaps are used
    - LP: #987571
    - CVE-2012-2123
  * natty security: fix compile error in commoncap.c
    - LP: #987571
    - CVE-2012-2123
  * KVM: Clean up error handling during VCPU creation
    - LP: #971685
    - CVE-2012-1601
  * KVM: Ensure all vcpus are consistent with in-kernel irqchip settings
    - LP: #971685
    - CVE-2012-1601
  * KVM: unmap pages from the iommu when slots are removed
    - LP: #987569
    - CVE-2012-2121
  * NFSv4: include bitmap in nfsv4 get acl data
    - LP: #893147
    - CVE-2011-4131
  * hugepages: fix use after free bug in "quota" handling
    - LP: #990368
    - CVE-2012-2133
 -- Luis Henriques <email address hidden> Mon, 21 May 2012 17:56:07 +0100

Changed in linux (Ubuntu Natty):
status: Fix Committed → Fix Released
Brad Figg (brad-figg)
Changed in linux (Ubuntu Lucid):
assignee: Brad Figg (brad-figg) → nobody
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (8.7 KiB)

This bug was fixed in the package linux - 3.0.0-21.35

---------------
linux (3.0.0-21.35) oneiric-proposed; urgency=low

  [Luis Henriques]

  * Release Tracking Bug
    - LP: #1004571

  [ Andy Whitcroft ]

  * [Config] control.stub is an intermediate product not a dependancy
    - LP: #992414

  [ Herton Ronaldo Krzesinski ]

  * SAUCE: async_populate_rootfs: fix build warnings
    - LP: #1003417

  [ Tim Gardner ]

  * Revert "SAUCE: ite-cir: postpone ISR registration"
    - LP: #1002880
  * [Config] perarch and indep tools builds need separate build directories

  [ Upstream Kernel Changes ]

  * Revert "autofs: work around unhappy compat problem on x86-64"
    - LP: #996109
  * Revert "usb: Fix build error due to dma_mask is not at pdev_archdata at
    ARM"
    - LP: #996109
  * KVM: unmap pages from the iommu when slots are removed
    - LP: #987569
    - CVE-2012-2121
  * NFSv4: include bitmap in nfsv4 get acl data
    - LP: #893147
    - CVE-2011-4131
  * hugepages: fix use after free bug in "quota" handling
    - LP: #990368
    - CVE-2012-2133
  * nfs: Enclose hostname in brackets when needed in nfs_do_root_mount
    - LP: #996109
  * NFSv4: Ensure that the LOCK code sets exception->inode
    - LP: #996109
  * NFSv4: Ensure that we check lock exclusive/shared type against open
    modes
    - LP: #996109
  * x86, apic: APIC code touches invalid MSR on P5 class machines
    - LP: #996109
  * xen: correctly check for pending events when restoring irq flags
    - LP: #996109
  * xen/smp: Fix crash when booting with ACPI hotplug CPUs.
    - LP: #996109
  * ASoC: dapm: Ensure power gets managed for line widgets
    - LP: #996109
  * dmaengine: at_hdmac: remove clear-on-read in atc_dostart()
    - LP: #996109
  * hwmon: fam15h_power: fix bogus values with current BIOSes
    - LP: #996109
  * hwmon: (fam15h_power) Fix pci_device_id array
    - LP: #996109
  * drm/i915: handle input/output sdvo timings separately in mode_set
    - LP: #996109
  * drm/i915: fix integer overflow in i915_gem_execbuffer2()
    - LP: #996109
  * drm/i915: fix integer overflow in i915_gem_do_execbuffer()
    - LP: #996109
  * nl80211: ensure interface is up in various APIs
    - LP: #996109
  * EHCI: fix criterion for resuming the root hub
    - LP: #996109
  * brcm80211: smac: resume transmit fifo upon receiving frames
    - LP: #996109
  * Fix modpost failures in fedora 17
    - LP: #996109
  * mmc: unbreak sdhci-esdhc-imx on i.MX25
    - LP: #996109
  * nfsd: fix b0rken error value for setattr on read-only mount
    - LP: #996109
  * nfsd: fix error values returned by nfsd4_lockt() when nfsd_open() fails
    - LP: #996109
  * USB: cdc-wdm: fix race leading leading to memory corruption
    - LP: #996109
  * USB: EHCI: fix crash during suspend on ASUS computers
    - LP: #996109
  * USB: gadget: storage gadgets send wrong error code for unknown commands
    - LP: #996109
  * usb gadget: uvc: uvc_request_data::length field must be signed
    - LP: #996109
  * pipes: add a "packetized pipe" mode for writing
    - LP: #996109
  * autofs: make the autofsv5 packet file descriptor use a packetized pipe
    - LP: #996109
  * ARM: 7403/1: tls: remove covert channel via...

Read more...

Changed in linux (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (8.8 KiB)

This bug was fixed in the package linux-lts-backport-oneiric - 3.0.0-21.35~lucid1

---------------
linux-lts-backport-oneiric (3.0.0-21.35~lucid1) lucid-proposed; urgency=low

  [Luis Henriques]

  * Release Tracking Bug
    - LP: #1005456

  [ Andy Whitcroft ]

  * [Config] control.stub is an intermediate product not a dependancy
    - LP: #992414

  [ Herton Ronaldo Krzesinski ]

  * SAUCE: async_populate_rootfs: fix build warnings
    - LP: #1003417

  [ Tim Gardner ]

  * Revert "SAUCE: ite-cir: postpone ISR registration"
    - LP: #1002880
  * [Config] perarch and indep tools builds need separate build directories

  [ Upstream Kernel Changes ]

  * Revert "autofs: work around unhappy compat problem on x86-64"
    - LP: #996109
  * Revert "usb: Fix build error due to dma_mask is not at pdev_archdata at
    ARM"
    - LP: #996109
  * KVM: unmap pages from the iommu when slots are removed
    - LP: #987569
    - CVE-2012-2121
  * NFSv4: include bitmap in nfsv4 get acl data
    - LP: #893147
    - CVE-2011-4131
  * hugepages: fix use after free bug in "quota" handling
    - LP: #990368
    - CVE-2012-2133
  * nfs: Enclose hostname in brackets when needed in nfs_do_root_mount
    - LP: #996109
  * NFSv4: Ensure that the LOCK code sets exception->inode
    - LP: #996109
  * NFSv4: Ensure that we check lock exclusive/shared type against open
    modes
    - LP: #996109
  * x86, apic: APIC code touches invalid MSR on P5 class machines
    - LP: #996109
  * xen: correctly check for pending events when restoring irq flags
    - LP: #996109
  * xen/smp: Fix crash when booting with ACPI hotplug CPUs.
    - LP: #996109
  * ASoC: dapm: Ensure power gets managed for line widgets
    - LP: #996109
  * dmaengine: at_hdmac: remove clear-on-read in atc_dostart()
    - LP: #996109
  * hwmon: fam15h_power: fix bogus values with current BIOSes
    - LP: #996109
  * hwmon: (fam15h_power) Fix pci_device_id array
    - LP: #996109
  * drm/i915: handle input/output sdvo timings separately in mode_set
    - LP: #996109
  * drm/i915: fix integer overflow in i915_gem_execbuffer2()
    - LP: #996109
  * drm/i915: fix integer overflow in i915_gem_do_execbuffer()
    - LP: #996109
  * nl80211: ensure interface is up in various APIs
    - LP: #996109
  * EHCI: fix criterion for resuming the root hub
    - LP: #996109
  * brcm80211: smac: resume transmit fifo upon receiving frames
    - LP: #996109
  * Fix modpost failures in fedora 17
    - LP: #996109
  * mmc: unbreak sdhci-esdhc-imx on i.MX25
    - LP: #996109
  * nfsd: fix b0rken error value for setattr on read-only mount
    - LP: #996109
  * nfsd: fix error values returned by nfsd4_lockt() when nfsd_open() fails
    - LP: #996109
  * USB: cdc-wdm: fix race leading leading to memory corruption
    - LP: #996109
  * USB: EHCI: fix crash during suspend on ASUS computers
    - LP: #996109
  * USB: gadget: storage gadgets send wrong error code for unknown commands
    - LP: #996109
  * usb gadget: uvc: uvc_request_data::length field must be signed
    - LP: #996109
  * pipes: add a "packetized pipe" mode for writing
    - LP: #996109
  * autofs: make the autofsv5 packet file descriptor use a packetized pipe
    - LP: #...

Read more...

Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-backport-natty - 2.6.38-15.60~lucid1

---------------
linux-lts-backport-natty (2.6.38-15.60~lucid1) lucid-proposed; urgency=low

  [Luis Henriques]

  * Release Tracking Bug
    - LP: #1003079

  [ Andy Whitcroft ]

  * [Config] control.stub is an intermediate product not a dependancy
    - LP: #992414

  [ Herton Ronaldo Krzesinski ]

  * linux: add Build-Depends for libnewt-dev, to enable perf TUI support
    - LP: #981717

  [ Tim Gardner ]

  * [Config] perarch and indep tools builds need separate build directories

  [ Upstream Kernel Changes ]

  * fcaps: clear the same personality flags as suid when fcaps are used
    - LP: #987571
    - CVE-2012-2123
  * natty security: fix compile error in commoncap.c
    - LP: #987571
    - CVE-2012-2123
  * KVM: Clean up error handling during VCPU creation
    - LP: #971685
    - CVE-2012-1601
  * KVM: Ensure all vcpus are consistent with in-kernel irqchip settings
    - LP: #971685
    - CVE-2012-1601
  * KVM: unmap pages from the iommu when slots are removed
    - LP: #987569
    - CVE-2012-2121
  * NFSv4: include bitmap in nfsv4 get acl data
    - LP: #893147
    - CVE-2011-4131
  * hugepages: fix use after free bug in "quota" handling
    - LP: #990368
    - CVE-2012-2133
 -- Luis Henriques <email address hidden> Wed, 23 May 2012 09:43:28 +0100

Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (8.7 KiB)

This bug was fixed in the package linux-ti-omap4 - 3.0.0-1211.23

---------------
linux-ti-omap4 (3.0.0-1211.23) oneiric-proposed; urgency=low

  * Release Tracking Bug
    - LP: #1005455

  [ Paolo Pisati ]

  * rebased on Ubuntu-3.0.0-21.35

  [ Ubuntu: 3.0.0-21.35 ]

  * Release Tracking Bug
    - LP: #1004571
  * [Config] control.stub is an intermediate product not a dependancy
    - LP: #992414
  * SAUCE: async_populate_rootfs: fix build warnings
    - LP: #1003417
  * Revert "SAUCE: ite-cir: postpone ISR registration"
    - LP: #1002880
  * [Config] perarch and indep tools builds need separate build directories
  * Revert "autofs: work around unhappy compat problem on x86-64"
    - LP: #996109
  * Revert "usb: Fix build error due to dma_mask is not at pdev_archdata at
    ARM"
    - LP: #996109
  * KVM: unmap pages from the iommu when slots are removed
    - LP: #987569
    - CVE-2012-2121
  * NFSv4: include bitmap in nfsv4 get acl data
    - LP: #893147
    - CVE-2011-4131
  * hugepages: fix use after free bug in "quota" handling
    - LP: #990368
    - CVE-2012-2133
  * nfs: Enclose hostname in brackets when needed in nfs_do_root_mount
    - LP: #996109
  * NFSv4: Ensure that the LOCK code sets exception->inode
    - LP: #996109
  * NFSv4: Ensure that we check lock exclusive/shared type against open
    modes
    - LP: #996109
  * x86, apic: APIC code touches invalid MSR on P5 class machines
    - LP: #996109
  * xen: correctly check for pending events when restoring irq flags
    - LP: #996109
  * xen/smp: Fix crash when booting with ACPI hotplug CPUs.
    - LP: #996109
  * ASoC: dapm: Ensure power gets managed for line widgets
    - LP: #996109
  * dmaengine: at_hdmac: remove clear-on-read in atc_dostart()
    - LP: #996109
  * hwmon: fam15h_power: fix bogus values with current BIOSes
    - LP: #996109
  * hwmon: (fam15h_power) Fix pci_device_id array
    - LP: #996109
  * drm/i915: handle input/output sdvo timings separately in mode_set
    - LP: #996109
  * drm/i915: fix integer overflow in i915_gem_execbuffer2()
    - LP: #996109
  * drm/i915: fix integer overflow in i915_gem_do_execbuffer()
    - LP: #996109
  * nl80211: ensure interface is up in various APIs
    - LP: #996109
  * EHCI: fix criterion for resuming the root hub
    - LP: #996109
  * brcm80211: smac: resume transmit fifo upon receiving frames
    - LP: #996109
  * Fix modpost failures in fedora 17
    - LP: #996109
  * mmc: unbreak sdhci-esdhc-imx on i.MX25
    - LP: #996109
  * nfsd: fix b0rken error value for setattr on read-only mount
    - LP: #996109
  * nfsd: fix error values returned by nfsd4_lockt() when nfsd_open() fails
    - LP: #996109
  * USB: cdc-wdm: fix race leading leading to memory corruption
    - LP: #996109
  * USB: EHCI: fix crash during suspend on ASUS computers
    - LP: #996109
  * USB: gadget: storage gadgets send wrong error code for unknown commands
    - LP: #996109
  * usb gadget: uvc: uvc_request_data::length field must be signed
    - LP: #996109
  * pipes: add a "packetized pipe" mode for writing
    - LP: #996109
  * autofs: make the autofsv5 packet file descriptor use a packetized pipe
    - LP: #996109
  * ARM: 7403/1: tls: remov...

Read more...

Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Natty):
status: New → Fix Committed
Revision history for this message
Adam Conrad (adconrad) wrote : Update Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ti-omap4 - 2.6.38-1209.25

---------------
linux-ti-omap4 (2.6.38-1209.25) natty-proposed; urgency=low

  * Release Tracking Bug
    - LP: #1029784

  [ Andy Whitcroft ]

  * SAUCE: rds_ib_send() -- prevent local pings triggering BUG_ON()
    - LP: #1016299
    - CVE-2012-2372

  [ Upstream Kernel Changes ]

  * fcaps: clear the same personality flags as suid when fcaps are used
    - LP: #987571
    - CVE-2012-2123
  * security: fix compile error in commoncap.c
    - LP: #987571
    - CVE-2012-2123
  * net: sock: validate data_len before allocating skb in
    sock_alloc_send_pskb()
    - LP: #1006622
    - CVE-2012-2136
  * dl2k: Clean up rio_ioctl
    - CVE-2012-2313
  * hfsplus: Fix potential buffer overflows
    - CVE-2012-2319
  * nfs: don't lose MS_SYNCHRONOUS on remount of noac mount
    - LP: #775809
  * NFSv4.1: Ensure state manager thread dies on last umount
    - LP: #775809
  * NFSv4: Handle expired stateids when the lease is still valid
    - LP: #793702
  * NFSv4.1: Fix the handling of NFS4ERR_SEQ_MISORDERED errors
    - LP: #793702
  * NFSv4: include bitmap in nfsv4 get acl data
    - LP: #893147
    - CVE-2011-4131
  * Avoid reading past buffer when calling GETACL
    - LP: #1002505
    - CVE-2012-2375
  * Avoid beyond bounds copy while caching ACL
    - LP: #1002505
    - CVE-2012-2375
  * Fix length of buffer copied in __nfs4_get_acl_uncached
    - LP: #1002505
    - CVE-2012-2375
 -- Paolo Pisati <email address hidden> Fri, 27 Jul 2012 15:54:18 +0200

Changed in linux-ti-omap4 (Ubuntu Natty):
status: Fix Committed → Fix Released
Revision history for this message
Tim Gardner (timg-tpi) wrote :

The NFS code for 2.6.32 is substantially different then the code fixed by bf118a342f10dafe44b14451a1392c3254629a1f

Changed in linux (Ubuntu Lucid):
status: New → Won't Fix
Changed in linux (Ubuntu Hardy):
status: New → Won't Fix
Changed in linux (Ubuntu Quantal):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Ike Panhc (ikepanhc) wrote :

Can not find bf118a342f10dafe44b14451a1392c3254629a1f in linux-armadaxp

Changed in linux-armadaxp (Ubuntu Precise):
status: Fix Committed → Fix Released
status: Fix Released → Fix Committed
status: Fix Committed → Confirmed
Changed in linux-armadaxp (Ubuntu Quantal):
status: Fix Committed → Confirmed
Paolo Pisati (p-pisati)
Changed in linux-ti-omap4 (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Quantal):
status: Fix Committed → Fix Released
Changed in linux-armadaxp (Ubuntu Precise):
status: Confirmed → Fix Committed
Revision history for this message
Ike Panhc (ikepanhc) wrote :

Patch bf118a342f10dafe44b14451a1392c3254629a1f already in upstream 3.5

Changed in linux-armadaxp (Ubuntu Quantal):
status: Confirmed → Fix Released
Revision history for this message
Ike Panhc (ikepanhc) wrote :

Patch bf118a342f10dafe44b14451a1392c3254629a1f in linux-armadaxp through 3.2.2 and Ubuntu-3.2.0-12.20

Changed in linux-armadaxp (Ubuntu Precise):
status: Fix Committed → Fix Released
no longer affects: linux-armadaxp (Ubuntu Maverick)
no longer affects: linux-armadaxp (Ubuntu Natty)
no longer affects: linux-ec2 (Ubuntu Maverick)
no longer affects: linux-ec2 (Ubuntu Natty)
no longer affects: linux-lts-backport-oneiric (Ubuntu Maverick)
no longer affects: linux-lts-backport-oneiric (Ubuntu Natty)
no longer affects: linux-lts-backport-natty (Ubuntu Maverick)
no longer affects: linux-lts-backport-natty (Ubuntu Natty)
no longer affects: linux-lts-quantal (Ubuntu Maverick)
no longer affects: linux-lts-quantal (Ubuntu Natty)
no longer affects: linux-mvl-dove (Ubuntu Maverick)
no longer affects: linux-mvl-dove (Ubuntu Natty)
no longer affects: linux-lts-backport-maverick (Ubuntu Maverick)
no longer affects: linux-lts-backport-maverick (Ubuntu Natty)
no longer affects: linux (Ubuntu Maverick)
no longer affects: linux (Ubuntu Natty)
no longer affects: linux-fsl-imx51 (Ubuntu Maverick)
no longer affects: linux-fsl-imx51 (Ubuntu Natty)
no longer affects: linux-ti-omap4 (Ubuntu Maverick)
no longer affects: linux-ti-omap4 (Ubuntu Natty)
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Oneiric):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Raring):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Hardy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Raring):
status: Fix Released → Invalid
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Oneiric):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Hardy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Raring):
status: New → Invalid
importance: Undecided → Medium
no longer affects: linux-armadaxp (Ubuntu Hardy)
no longer affects: linux-armadaxp (Ubuntu Oneiric)
no longer affects: linux-ec2 (Ubuntu Hardy)
no longer affects: linux-ec2 (Ubuntu Oneiric)
no longer affects: linux-lts-backport-oneiric (Ubuntu Hardy)
no longer affects: linux-lts-backport-oneiric (Ubuntu Oneiric)
no longer affects: linux-lts-backport-natty (Ubuntu Hardy)
no longer affects: linux-lts-backport-natty (Ubuntu Oneiric)
no longer affects: linux-lts-quantal (Ubuntu Hardy)
no longer affects: linux-lts-quantal (Ubuntu Oneiric)
no longer affects: linux-mvl-dove (Ubuntu Hardy)
no longer affects: linux-mvl-dove (Ubuntu Oneiric)
no longer affects: linux-lts-backport-maverick (Ubuntu Hardy)
no longer affects: linux-lts-backport-maverick (Ubuntu Oneiric)
no longer affects: linux (Ubuntu Hardy)
no longer affects: linux (Ubuntu Oneiric)
no longer affects: linux-fsl-imx51 (Ubuntu Hardy)
no longer affects: linux-fsl-imx51 (Ubuntu Oneiric)
no longer affects: linux-ti-omap4 (Ubuntu Hardy)
no longer affects: linux-ti-omap4 (Ubuntu Oneiric)
no longer affects: linux-lts-raring (Ubuntu Hardy)
no longer affects: linux-lts-raring (Ubuntu Oneiric)
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Raring):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: Fix Released → Invalid
no longer affects: linux-armadaxp (Ubuntu Raring)
no longer affects: linux-ec2 (Ubuntu Raring)
no longer affects: linux-lts-saucy (Ubuntu Raring)
no longer affects: linux-lts-quantal (Ubuntu Raring)
no longer affects: linux-mvl-dove (Ubuntu Raring)
no longer affects: linux (Ubuntu Raring)
no longer affects: linux-fsl-imx51 (Ubuntu Raring)
no longer affects: linux-ti-omap4 (Ubuntu Raring)
no longer affects: linux-lts-raring (Ubuntu Raring)
no longer affects: linux-armadaxp (Ubuntu Quantal)
no longer affects: linux-ec2 (Ubuntu Quantal)
no longer affects: linux-lts-saucy (Ubuntu Quantal)
no longer affects: linux-lts-quantal (Ubuntu Quantal)
no longer affects: linux-mvl-dove (Ubuntu Quantal)
no longer affects: linux (Ubuntu Quantal)
no longer affects: linux-fsl-imx51 (Ubuntu Quantal)
no longer affects: linux-ti-omap4 (Ubuntu Quantal)
no longer affects: linux-lts-raring (Ubuntu Quantal)
no longer affects: linux-armadaxp (Ubuntu Saucy)
no longer affects: linux-ec2 (Ubuntu Saucy)
no longer affects: linux-lts-saucy (Ubuntu Saucy)
no longer affects: linux-lts-quantal (Ubuntu Saucy)
no longer affects: linux-mvl-dove (Ubuntu Saucy)
no longer affects: linux (Ubuntu Saucy)
no longer affects: linux-fsl-imx51 (Ubuntu Saucy)
no longer affects: linux-ti-omap4 (Ubuntu Saucy)
no longer affects: linux-lts-raring (Ubuntu Saucy)
Revision history for this message
Rolf Leggewie (r0lf) wrote :

lucid has seen the end of its life and is no longer receiving any updates. Marking the lucid task for this ticket as "Won't Fix".

Changed in linux-ec2 (Ubuntu Lucid):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.