Launchpad.net

CVE 2009-0065

Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.

Related bugs and status

CVE-2009-0065 (Candidate) is related to these bugs:

Bug #69925: Amilo L1310G laptop fan stops at kernel load

		In	Importance	Status
69925	Amilo L1310G laptop fan stops at kernel load	Ubuntu	Undecided	Invalid
69925	Amilo L1310G laptop fan stops at kernel load	linux-source-2.6.20 (Ubuntu)	Undecided	Won't Fix
69925	Amilo L1310G laptop fan stops at kernel load	linux (Ubuntu)	Undecided	Fix Released
69925	Amilo L1310G laptop fan stops at kernel load	linux (Ubuntu Hardy)	High	Fix Released
69925	Amilo L1310G laptop fan stops at kernel load	Ubuntu Hardy	Undecided	Invalid
69925	Amilo L1310G laptop fan stops at kernel load	linux-source-2.6.20 (Ubuntu Hardy)	Undecided	Invalid
69925	Amilo L1310G laptop fan stops at kernel load	linux (Ubuntu Intrepid)	High	Fix Released
69925	Amilo L1310G laptop fan stops at kernel load	Ubuntu Intrepid	Undecided	Invalid
69925	Amilo L1310G laptop fan stops at kernel load	linux-source-2.6.20 (Ubuntu Intrepid)	Undecided	Invalid

Bug #193970: iwl3945 | iwl4965: Wireless can't be activated after disabling kill switch

		In	Importance	Status
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux-ubuntu-modules-2.6.24 (Ubuntu)	Undecided	Invalid
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux (Ubuntu)	Medium	Fix Released
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	hal (Ubuntu)	Medium	Invalid
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux-backports-modules-2.6.24 (Ubuntu)	Medium	Invalid
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux-ubuntu-modules-2.6.24 (Baltix)	Undecided	New
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	hal (Ubuntu Intrepid)	Medium	Invalid
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux (Ubuntu Intrepid)	Medium	Fix Released
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux-backports-modules-2.6.24 (Ubuntu Intrepid)	Medium	Invalid
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux-ubuntu-modules-2.6.24 (Ubuntu Intrepid)	Undecided	Invalid
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	Release Notes for Ubuntu	Undecided	Fix Released
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	Mandriva	Medium	Unknown
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	hal (Ubuntu Jaunty)	Medium	Invalid
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux (Ubuntu Jaunty)	Medium	Fix Released
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux-backports-modules-2.6.24 (Ubuntu Jaunty)	Medium	Invalid
193970	iwl3945 \| iwl4965: Wireless can't be activated after disabling kill switch	linux-ubuntu-modules-2.6.24 (Ubuntu Jaunty)	Undecided	Invalid

Bug #224138: NFSv4 not enabled in JeOS

		In	Importance	Status
224138	NFSv4 not enabled in JeOS	Linux	Undecided	Invalid
224138	NFSv4 not enabled in JeOS	linux (Ubuntu)	Medium	Fix Released
224138	NFSv4 not enabled in JeOS	linux (Ubuntu Hardy)	Undecided	Fix Released

Bug #231276: ti_usb_3410_5052 driver doesn't load some devices

		In	Importance	Status
231276	ti_usb_3410_5052 driver doesn't load some devices	linux (Ubuntu)	Medium	Fix Released
231276	ti_usb_3410_5052 driver doesn't load some devices	linux (Ubuntu Hardy)	Medium	Fix Released
231276	ti_usb_3410_5052 driver doesn't load some devices	linux (Ubuntu Intrepid)	Medium	Fix Released

Bug #237724: linux-image-2.6.24-18-xen breaks mono

		In	Importance	Status
237724	linux-image-2.6.24-18-xen breaks mono	linux (Ubuntu)	High	Invalid
237724	linux-image-2.6.24-18-xen breaks mono	linux (Ubuntu Hardy)	High	Fix Released
237724	linux-image-2.6.24-18-xen breaks mono	launchpad-buildd	Undecided	Fix Released

Bug #251338: Defective AMI BIOS on multiple Foxconn, MSI, and ASUS Intel LGA 775 motherboards breaks ACPI support

		In	Importance	Status
251338	Defective AMI BIOS on multiple Foxconn, MSI, and ASUS Intel LGA 775 motherboards breaks ACPI support	linux (Ubuntu)	High	Fix Released
251338	Defective AMI BIOS on multiple Foxconn, MSI, and ASUS Intel LGA 775 motherboards breaks ACPI support	linux (Fedora)	High	Fix Released
251338	Defective AMI BIOS on multiple Foxconn, MSI, and ASUS Intel LGA 775 motherboards breaks ACPI support	linux (Ubuntu Hardy)	High	Fix Released

Bug #255651: floppy disk drive not detected (module not loaded) in Intrepid and Jaunty

		In	Importance	Status
255651	floppy disk drive not detected (module not loaded) in Intrepid and Jaunty	linux (Ubuntu)	Medium	Fix Released
255651	floppy disk drive not detected (module not loaded) in Intrepid and Jaunty	linux (Baltix)	Undecided	Invalid
255651	floppy disk drive not detected (module not loaded) in Intrepid and Jaunty	module-init-tools (Ubuntu)	Undecided	Invalid
255651	floppy disk drive not detected (module not loaded) in Intrepid and Jaunty	linux (Ubuntu Intrepid)	Undecided	Fix Released
255651	floppy disk drive not detected (module not loaded) in Intrepid and Jaunty	module-init-tools (Ubuntu Intrepid)	Undecided	Invalid
255651	floppy disk drive not detected (module not loaded) in Intrepid and Jaunty	linux (Ubuntu Jaunty)	Medium	Fix Released
255651	floppy disk drive not detected (module not loaded) in Intrepid and Jaunty	module-init-tools (Ubuntu Jaunty)	Undecided	Invalid

Bug #261721: X never sees brightness key release events on Dell laptops

		In	Importance	Status
261721	X never sees brightness key release events on Dell laptops	linux (Ubuntu)	Medium	Fix Released
261721	X never sees brightness key release events on Dell laptops	xorg-server (Ubuntu)	Undecided	Invalid
261721	X never sees brightness key release events on Dell laptops	acpid (Ubuntu)	Undecided	Invalid
261721	X never sees brightness key release events on Dell laptops	acpid (Ubuntu Intrepid)	Undecided	Invalid
261721	X never sees brightness key release events on Dell laptops	linux (Ubuntu Intrepid)	High	Fix Released
261721	X never sees brightness key release events on Dell laptops	xorg-server (Ubuntu Intrepid)	Undecided	Invalid
261721	X never sees brightness key release events on Dell laptops	acpid (Ubuntu Jaunty)	Undecided	Invalid
261721	X never sees brightness key release events on Dell laptops	linux (Ubuntu Jaunty)	Medium	Fix Released
261721	X never sees brightness key release events on Dell laptops	xorg-server (Ubuntu Jaunty)	Undecided	Invalid

Bug #280821: serial deadlock with SMP

Summary				In	Importance	Status
	280821	serial deadlock with SMP		linux (Ubuntu)	High	Fix Released
	280821	serial deadlock with SMP		linux (Ubuntu Hardy)	High	Fix Released

Bug #281993: [intrepid] REGRESSION: multimedia keys no longer working

		In	Importance	Status
281993	[intrepid] REGRESSION: multimedia keys no longer working	linux (Ubuntu)	Low	Fix Released
281993	[intrepid] REGRESSION: multimedia keys no longer working	Linux	Low	Confirmed
281993	[intrepid] REGRESSION: multimedia keys no longer working	linux (Ubuntu Intrepid)	Low	Fix Released
281993	[intrepid] REGRESSION: multimedia keys no longer working	linux (Ubuntu Jaunty)	Low	Fix Released

Bug #288385: On HP EliteBook 8530w; Kernel stops booting at ACPI: Thermal Zone [DTSZ]

		In	Importance	Status
288385	On HP EliteBook 8530w; Kernel stops booting at ACPI: Thermal Zone [DTSZ]	linux (Ubuntu)	High	Fix Released
288385	On HP EliteBook 8530w; Kernel stops booting at ACPI: Thermal Zone [DTSZ]	Linux	Medium	Fix Released
288385	On HP EliteBook 8530w; Kernel stops booting at ACPI: Thermal Zone [DTSZ]	linux (Ubuntu Intrepid)	High	Fix Released

Bug #291878: HP Pavillion zv6000 series Notebook Volume Up/Down Buttons Misbehaving

Summary				In	Importance	Status
	291878	HP Pavillion zv6000 series Notebook Volume Up/Down Buttons Misbehaving		linux (Ubuntu)	Low	Fix Released
	291878	HP Pavillion zv6000 series Notebook Volume Up/Down Buttons Misbehaving		linux (Ubuntu Intrepid)	Low	Fix Released

Bug #292086: Fix zstar vimicro webcam (0ac8:303b)

		In	Importance	Status
292086	Fix zstar vimicro webcam (0ac8:303b)	linux (Ubuntu)	Medium	Fix Released
292086	Fix zstar vimicro webcam (0ac8:303b)	Linux	Medium	Fix Released
292086	Fix zstar vimicro webcam (0ac8:303b)	linux (Ubuntu Intrepid)	Medium	Fix Released

Bug #295251: Samsung NC10 brightness keys block keyboard and produce all-or-nothing effect

		In	Importance	Status
295251	Samsung NC10 brightness keys block keyboard and produce all-or-nothing effect	hal-info (Ubuntu)	Medium	Fix Released
295251	Samsung NC10 brightness keys block keyboard and produce all-or-nothing effect	linux (Ubuntu)	Medium	Fix Released
295251	Samsung NC10 brightness keys block keyboard and produce all-or-nothing effect	Linux	Medium	Fix Released
295251	Samsung NC10 brightness keys block keyboard and produce all-or-nothing effect	hal-info (Ubuntu Hardy)	Undecided	Fix Released
295251	Samsung NC10 brightness keys block keyboard and produce all-or-nothing effect	linux (Ubuntu Hardy)	Medium	Invalid
295251	Samsung NC10 brightness keys block keyboard and produce all-or-nothing effect	hal-info (Ubuntu Intrepid)	Undecided	Fix Released
295251	Samsung NC10 brightness keys block keyboard and produce all-or-nothing effect	linux (Ubuntu Intrepid)	Medium	Fix Released

Bug #299708: Update linux kernel to 2.6.24.24-53 in dell-mini

Summary				In	Importance	Status
	299708	Update linux kernel to 2.6.24.24-53 in dell-mini		linux (Ubuntu)	High	Invalid
	299708	Update linux kernel to 2.6.24.24-53 in dell-mini		The Dell Mini Project	Undecided	Fix Released

Bug #302421: i915: screen goes white, red, green or blue during suspend/resume or hibernation

Summary				In	Importance	Status
	302421	i915: screen goes white, red, green or blue during suspend/resume or hibernation		linux (Ubuntu)	Low	Fix Released
	302421	i915: screen goes white, red, green or blue during suspend/resume or hibernation		linux (Ubuntu Hardy)	Low	Fix Released

Bug #305188: [Hardy] Enable USB serial support on sparc

Summary				In	Importance	Status
	305188	[Hardy] Enable USB serial support on sparc		linux (Ubuntu)	Wishlist	Fix Released
	305188	[Hardy] Enable USB serial support on sparc		linux (Ubuntu Hardy)	Wishlist	Fix Released

Bug #309512: Dell Studio 17 (1737), 2 headphones jack do not work in Intrepid 8.10

Summary				In	Importance	Status
	309512	Dell Studio 17 (1737), 2 headphones jack do not work in Intrepid 8.10		linux (Ubuntu)	Wishlist	Fix Released
	309512	Dell Studio 17 (1737), 2 headphones jack do not work in Intrepid 8.10		linux (Ubuntu Intrepid)	Wishlist	Fix Released

Bug #311932: SD card insertion is not detected on HP EliteBook 6930p

		In	Importance	Status
311932	SD card insertion is not detected on HP EliteBook 6930p	linux (Ubuntu)	Low	Fix Released
311932	SD card insertion is not detected on HP EliteBook 6930p	linux (Ubuntu Intrepid)	Low	Fix Released
311932	SD card insertion is not detected on HP EliteBook 6930p	linux (Ubuntu Jaunty)	Low	Fix Released

Bug #319945: Include backport of vmware stable TSC patchset

		In	Importance	Status
319945	Include backport of vmware stable TSC patchset	linux (Ubuntu)	Wishlist	Fix Released
319945	Include backport of vmware stable TSC patchset	linux (Ubuntu Hardy)	Wishlist	Fix Released
319945	Include backport of vmware stable TSC patchset	linux (Ubuntu Intrepid)	Wishlist	Fix Released

Bug #320814: Kernelbug renders Sigmatel IrDA devices unusable

Summary				In	Importance	Status
	320814	Kernelbug renders Sigmatel IrDA devices unusable		linux (Ubuntu)	Medium	Fix Released
	320814	Kernelbug renders Sigmatel IrDA devices unusable		linux (Ubuntu Intrepid)	Medium	Fix Released

Bug #321468: [Intrepid] Update kernel to Linux 2.6.27.11

Summary				In	Importance	Status
	321468	[Intrepid] Update kernel to Linux 2.6.27.11		linux (Ubuntu)	Medium	Fix Released
	321468	[Intrepid] Update kernel to Linux 2.6.27.11		linux (Ubuntu Intrepid)	Medium	Fix Released

Bug #321472: [Intrepid] Update kernel to Linux 2.6.27.12

Summary				In	Importance	Status
	321472	[Intrepid] Update kernel to Linux 2.6.27.12		linux (Ubuntu)	Medium	Fix Released
	321472	[Intrepid] Update kernel to Linux 2.6.27.12		linux (Ubuntu Intrepid)	Medium	Fix Released

Bug #321474: [Intrepid] Update kernel to Linux 2.6.27.13

		In	Importance	Status
321474	[Intrepid] Update kernel to Linux 2.6.27.13	linux (Ubuntu)	Medium	Fix Released
321474	[Intrepid] Update kernel to Linux 2.6.27.13	linux (Ubuntu Jaunty)	Medium	Fix Released
321474	[Intrepid] Update kernel to Linux 2.6.27.13	linux (Ubuntu Intrepid)	Medium	Fix Released

Bug #324760: [Hardy] r8169: intermediate connection problems on server

Summary				In	Importance	Status
	324760	[Hardy] r8169: intermediate connection problems on server		linux (Ubuntu)	Medium	Fix Released
	324760	[Hardy] r8169: intermediate connection problems on server		linux (Ubuntu Hardy)	Undecided	Fix Released

Bug #324921: [Intrepid] Update kernel to Linux 2.6.27.14

Summary				In	Importance	Status
	324921	[Intrepid] Update kernel to Linux 2.6.27.14		linux (Ubuntu)	Medium	Invalid
	324921	[Intrepid] Update kernel to Linux 2.6.27.14		linux (Ubuntu Intrepid)	Undecided	Fix Released

Bug #325469: ath9k module spams logs with "ForceXPAon: 0"

Summary				In	Importance	Status
	325469	ath9k module spams logs with "ForceXPAon: 0"		linux (Ubuntu)	Medium	Fix Released
	325469	ath9k module spams logs with "ForceXPAon: 0"		linux (Ubuntu Intrepid)	Medium	Fix Released

Bug #326891: 2.6.27.11 kernel breaks r8169 support for rtl8102e

		In	Importance	Status
326891	2.6.27.11 kernel breaks r8169 support for rtl8102e	linux (Ubuntu)	High	Invalid
326891	2.6.27.11 kernel breaks r8169 support for rtl8102e	linux (Ubuntu Hardy)	Medium	Fix Released
326891	2.6.27.11 kernel breaks r8169 support for rtl8102e	linux (Ubuntu Intrepid)	High	Fix Released

Bug #328652: [Intrepid] Update kernel to Linux 2.6.27.15

Summary				In	Importance	Status
	328652	[Intrepid] Update kernel to Linux 2.6.27.15		linux (Ubuntu)	Medium	Invalid
	328652	[Intrepid] Update kernel to Linux 2.6.27.15		linux (Ubuntu Intrepid)	Undecided	Fix Released

Bug #329007: [Hardy] Fix memory corruption in console selection

Summary				In	Importance	Status
	329007	[Hardy] Fix memory corruption in console selection		linux (Ubuntu)	Medium	Fix Released
	329007	[Hardy] Fix memory corruption in console selection		linux (Ubuntu Hardy)	Undecided	Fix Released

Bug #329489: locks on unlinked files leak memory in apparmor

		In	Importance	Status
329489	locks on unlinked files leak memory in apparmor	apparmor (Ubuntu)	Medium	Invalid
329489	locks on unlinked files leak memory in apparmor	apparmor (Ubuntu Hardy)	Medium	Invalid
329489	locks on unlinked files leak memory in apparmor	apparmor (Ubuntu Intrepid)	Medium	Invalid
329489	locks on unlinked files leak memory in apparmor	apparmor (Ubuntu Jaunty)	Medium	Invalid
329489	locks on unlinked files leak memory in apparmor	linux (Ubuntu)	Medium	Fix Released
329489	locks on unlinked files leak memory in apparmor	linux (Ubuntu Hardy)	Medium	Fix Released
329489	locks on unlinked files leak memory in apparmor	linux (Ubuntu Intrepid)	Undecided	Fix Released
329489	locks on unlinked files leak memory in apparmor	linux (Ubuntu Jaunty)	Medium	Fix Released

Bug #330200: [Intrepid] Update kernel to Linux 2.6.27.16/17

Summary				In	Importance	Status
	330200	[Intrepid] Update kernel to Linux 2.6.27.16/17		linux (Ubuntu)	Medium	Invalid
	330200	[Intrepid] Update kernel to Linux 2.6.27.16/17		linux (Ubuntu Intrepid)	Undecided	Fix Released

Bug #330902: [Intrepid] Update kernel to Linux 2.6.27.18

		In	Importance	Status
330902	[Intrepid] Update kernel to Linux 2.6.27.18	linux (Ubuntu)	Medium	Fix Released
330902	[Intrepid] Update kernel to Linux 2.6.27.18	linux (Ubuntu Intrepid)	Undecided	Fix Released
330902	[Intrepid] Update kernel to Linux 2.6.27.18	linux-backports-modules-2.6.24 (Ubuntu)	Low	Invalid
330902	[Intrepid] Update kernel to Linux 2.6.27.18	linux-backports-modules-2.6.24 (Ubuntu Intrepid)	Undecided	Invalid
330902	[Intrepid] Update kernel to Linux 2.6.27.18	linux (Ubuntu Hardy)	Undecided	Invalid
330902	[Intrepid] Update kernel to Linux 2.6.27.18	linux-backports-modules-2.6.24 (Ubuntu Hardy)	Low	Fix Released

Bug #331106: Suspending while playing music via BlueTooth headset causes kernel panic

		In	Importance	Status
331106	Suspending while playing music via BlueTooth headset causes kernel panic	linux (Ubuntu)	Medium	Fix Released
331106	Suspending while playing music via BlueTooth headset causes kernel panic	linux (Ubuntu Hardy)	Medium	Fix Released
331106	Suspending while playing music via BlueTooth headset causes kernel panic	linux (Ubuntu Intrepid)	Medium	Fix Released

Bug #335097: [hardy] Under long-running load test, KVM guest freeze and host oops

		In	Importance	Status
335097	[hardy] Under long-running load test, KVM guest freeze and host oops	linux (Ubuntu)	High	Invalid
335097	[hardy] Under long-running load test, KVM guest freeze and host oops	linux (Ubuntu Hardy)	High	Fix Released
335097	[hardy] Under long-running load test, KVM guest freeze and host oops	linux (Ubuntu Intrepid)	High	Fix Released

Bug #349655: [hardy][sparc]: new kernel in security doesn't boot

Summary				In	Importance	Status
	349655	[hardy][sparc]: new kernel in security doesn't boot		linux (Ubuntu)	High	Fix Released

Bug #376039: Please update USN-752-1's description

Summary				In	Importance	Status
	376039	Please update USN-752-1's description		Ubuntu	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2009010...
CONFIRM: http://git.kernel.org/...
CONFIRM: http://patchwork.ozlab...
CONFIRM: https://bugzilla.redha...
BID: 33113
FEDORA: FEDORA-2009-0816
SECUNIA: 33674
REDHAT: RHSA-2009:0053
SECUNIA: 33854
REDHAT: RHSA-2009:0264
SECUNIA: 33858
SUSE: SUSE-SA:2009:010
REDHAT: RHSA-2009:0331
SECUNIA: 34252
DEBIAN: DSA-1749
SECUNIA: 34394
UBUNTU: USN-751-1
SECUNIA: 34680
CONFIRM: http://support.avaya.c...
SECUNIA: 34762
DEBIAN: DSA-1787
SECUNIA: 34981
DEBIAN: DSA-1794
SECUNIA: 35011
REDHAT: RHSA-2009:1055
SECUNIA: 35174
SUSE: SUSE-SA:2009:030
SUSE: SUSE-SA:2009:031
SECUNIA: 35390
SECUNIA: 35394
HP: HPSBNS02449
HP: SSSRT090149
SECTRACK: 1022698
SECUNIA: 36191
VUPEN: ADV-2009-2193
VUPEN: ADV-2009-0029
OVAL: oval:org.mitre.oval:de...