CVE-2014-1738

Priority
High
Description
The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel
through 3.14.3 does not properly restrict access to certain pointers during
processing of an FDRAWCMD ioctl call, which allows local users to obtain
sensitive information from kernel heap memory by leveraging write access to
a /dev/fd device.
Ubuntu-Description
Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory.
References
Bugs
Notes
jdstrand> android kernels (goldfish, grouper, maguro, mako and manta) are not
supported on the Ubuntu Touch 13.10 preview kernels
jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.04 preview kernels
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.13.0-27.50~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-1633.47)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-364.77)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 14.10 (Utopic Unicorn):needs-triage
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (abandoned)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.5.0-51.76~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Patches:
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 14.10 (Utopic Unicorn):not-affected (3.4.0-3.12)
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 14.10 (Utopic Unicorn):not-affected (3.4.0-3.17)
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.11.0-22.38~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-60.122)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-63.95)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.13.0-27.50)
Ubuntu 14.10 (Utopic Unicorn):not-affected (3.15.0-1.5)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 2145e15e0557a01b9195d1c7199a1b92cb9be81f
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 14.10 (Utopic Unicorn):not-affected (3.4.0-5.31)
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-1446.65)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life, does not affect buildd)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.8.0-41.60~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (3.15~rc5)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 14.10 (Utopic Unicorn):not-affected (3.4.0-6.27)
More Information

Valid XHTML 1.0 Strict

Updated: 2014-10-23 21:18:24 UTC (commit 8644)