Comment 13 for bug 1527374

Revision history for this message
Launchpad Janitor (janitor) wrote : Re: privilege escalation on attach through ptrace

This bug was fixed in the package linux-raspi2 - 4.2.0-1017.24

---------------
linux-raspi2 (4.2.0-1017.24) wily; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1527537
  * rebased on Ubuntu-4.2.0-21.25

  [ Ubuntu: 4.2.0-22.27 ]

  * Release Tracking Bug
    - LP: #1527391
  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

  [ Ubuntu: 4.2.0-22.26 ]

  * xen: Add RING_COPY_REQUEST()
    - CVE-2015-8550
  * xen-netback: don't use last request to determine minimum Tx credit
    - CVE-2015-8550
  * xen-netback: use RING_COPY_REQUEST() throughout
    - CVE-2015-8550
  * xen-blkback: only read request operation from shared ring once
    - CVE-2015-8550
  * xen-blkback: read from indirect descriptors only once
    - CVE-2015-8550
  * xen-scsiback: safely copy requests
    - CVE-2015-8550
  * xen/pciback: Save xen_pci_op commands before processing it
    - CVE-2015-8550
  * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Do not install an IRQ handler for MSI interrupts.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
    MSI(X) enabled.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553

 -- Luis Henriques <email address hidden> Fri, 18 Dec 2015 10:37:58 +0000