[Bug 647071] Re: 0-day Maverick Kernel Upload
Leann Ogasawara
leann.ogasawara at canonical.com
Tue Oct 5 16:41:19 UTC 2010
3 patches to resolve CVE-2010-2962 were embargoed until Oct 4. They are
meant to prevent a local root escalation hole in the i915 driver. These
patches should also be included in this day 0 kernel upload.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2962
drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow
CVE-2010-2962
... and do the same for pread.
=====
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2962
drm/i915: Skip pread/pwrite if size to copy is 0.
CVE-2010-2962
=====
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2962
drm/i915: Sanity check pread/pwrite
CVE-2010-2962
Move the access control up from the fast paths which are no longer
universally taken first up into the caller. This then duplicates some
sanity checking along the slow paths, but is much simpler.
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-2962
--
0-day Maverick Kernel Upload
https://bugs.launchpad.net/bugs/647071
You received this bug notification because you are a member of Kernel
Bugs, which is subscribed to linux in ubuntu.
More information about the kernel-bugs
mailing list