[PATCH 0/3] CVE-2010-4080 CVE-2010-4081
Brad Figg
brad.figg at canonical.com
Fri Feb 4 17:26:18 UTC 2011
Following this email will be 3 patches associated with these two CVEs. The patch
apply Dapper, Hardy and Karmic. Natty, Maverick and Lucid have already received
this patch as part of upstream stable commits (or just regular upstream
commits).
CVE-2010-4080
CVE-2010-4081
BugLink: http://bugs.launchpad.net/bugs/712723
BugLink: http://bugs.launchpad.net/bugs/712737
The SNDRV_HDSP_IOCTL_GET_CONFIG_INFO and
SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctls in hdspm.c and hdsp.c allow
unprivileged users to read uninitialized kernel stack memory, because
several fields of the hdsp{m}_config_info structs declared on the stack
are not altered or zeroed before being copied back to the user. This
patch takes care of it.
Dan Rosenberg (1):
ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory,
CVE-2010-4080, CVE-2010-4081
sound/pci/rme9652/hdsp.c | 1 +
sound/pci/rme9652/hdspm.c | 1 +
2 files changed, 2 insertions(+), 0 deletions(-)
More information about the kernel-team
mailing list