Candidate: CVE-2007-1353
References: 
 http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.34.3
 http://www.securityfocus.com/bid/23594
 http://www.frsirt.com/english/advisories/2007/1495
 http://secunia.com/advisories/24976 
Description: 
 The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux
 kernel before 2.4.34.3 allows context-dependent attackers to read kernel
 memory and obtain sensitive information via unspecified vectors involving the
 copy_from_user function accessing an uninitialized stack buffer.
Ubuntu-Description: 
Notes: 
Bugs: 
upstream: 
linux-2.6: 
2.6.18-etch-security: pending (2.6.18.dfsg.1-12etch3) [bugfix/bluetooth-l2cap-hci-info-leaks.patch]
2.6.8-sarge-security: 
2.4.27-sarge-security: pending (2.4.27-10sarge6) [244_bluetooth-l2cap-hci-info-leaks.diff]
2.6.15-dapper-security: needed
2.6.17-edgy-security: needed
2.6.20-feisty-security: needed