APPLIED: [CVE-2011-1476] generic MIDI sequencer underflow
Tim Gardner
rtg.canonical at gmail.com
Thu Feb 2 12:53:58 UTC 2012
On 02/02/2012 03:14 AM, Andy Whitcroft wrote:
> CVE-2011-1476
> Specially crafted requests may be written to /dev/sequencer
> resulting in an underflow when calculating a size for a
> copy_from_user() operation in the driver for MIDI interfaces. On
> x86, this just returns an error, but it may cause memory corruption
> on other architectures. Other malformed requests may result in
> the use of uninitialized variables.
>
> The fix for this has hit lucid and later via mainline and stable.
> Following this email is a patch for hardy and maverick/ti-omap4, this is
> a simple cherry-pick from the mainline fix.
>
> It should be noted that we do not have OSS enabled in later releases but
> people do use our source to make their own kernels so I am proposing we
> apply it to the one missed release. It is arguable we should not bother
> applying this maverick/ti-omap4.
>
> Proposing for hardy and maverick/ti-omap4.
>
> -apw
>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list