FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 02-02-2012, 11:53 AM
Tim Gardner
 
Default APPLIED: generic MIDI sequencer underflow

On 02/02/2012 03:14 AM, Andy Whitcroft wrote:

CVE-2011-1476
Specially crafted requests may be written to /dev/sequencer
resulting in an underflow when calculating a size for a
copy_from_user() operation in the driver for MIDI interfaces. On
x86, this just returns an error, but it may cause memory corruption
on other architectures. Other malformed requests may result in
the use of uninitialized variables.

The fix for this has hit lucid and later via mainline and stable.
Following this email is a patch for hardy and maverick/ti-omap4, this is
a simple cherry-pick from the mainline fix.

It should be noted that we do not have OSS enabled in later releases but
people do use our source to make their own kernels so I am proposing we
apply it to the one missed release. It is arguable we should not bother
applying this maverick/ti-omap4.

Proposing for hardy and maverick/ti-omap4.

-apw




--
Tim Gardner tim.gardner@canonical.com

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 08:27 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org