CVE-2015-4004

Bug #1463740 reported by John Johansen on 2015-06-10
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-armadaxp (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-ec2 (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-flo (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-fsl-imx51 (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-goldfish (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-backport-maverick (Ubuntu)
Undecided
Unassigned
Precise
Undecided
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned
Vivid
Undecided
Unassigned
Wily
Undecided
Unassigned
Xenial
Undecided
Unassigned
Yakkety
Undecided
Unassigned
linux-lts-backport-natty (Ubuntu)
Undecided
Unassigned
Precise
Undecided
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned
Vivid
Undecided
Unassigned
Wily
Undecided
Unassigned
Xenial
Undecided
Unassigned
Yakkety
Undecided
Unassigned
linux-lts-quantal (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-raring (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-saucy (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-trusty (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-utopic (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-vivid (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-wily (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-xenial (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-mako (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-manta (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-mvl-dove (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-raspi2 (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-snapdragon (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned

Bug Description

The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet.

Break-Fix: ae926051d7eb8f80dba9513db70d2e2fc8385d3a a73e99cb67e7438e5ab0c524ae63a8a27616c839

John Johansen (jjohansen) wrote :

CVE-2015-4004

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-lts-trusty (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Trusty):
status: New → Invalid
Changed in linux (Ubuntu Precise):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Vivid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Wily):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Utopic):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Trusty):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Vivid):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Wily):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Utopic):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Trusty):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Vivid):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Wily):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Utopic):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
Changed in linux-manta (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Vivid):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Wily):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Utopic):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Utopic):
status: New → Invalid
Changed in linux-mako (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Vivid):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Wily):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Utopic):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Utopic):
status: New → Invalid
Changed in linux-goldfish (Ubuntu Precise):
status: New → Invalid
Changed in linux-flo (Ubuntu Precise):
status: New → Invalid
description: updated
Changed in linux-lts-trusty (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
description: updated
no longer affects: linux-lts-trusty (Ubuntu Utopic)
no longer affects: linux-armadaxp (Ubuntu Utopic)
no longer affects: linux-ec2 (Ubuntu Utopic)
no longer affects: linux-goldfish (Ubuntu Utopic)
no longer affects: linux-lts-saucy (Ubuntu Utopic)
no longer affects: linux-lts-quantal (Ubuntu Utopic)
no longer affects: linux-mvl-dove (Ubuntu Utopic)
no longer affects: linux-ti-omap4 (Ubuntu Utopic)
no longer affects: linux-lts-vivid (Ubuntu Utopic)
no longer affects: linux (Ubuntu Utopic)
no longer affects: linux-mako (Ubuntu Utopic)
no longer affects: linux-fsl-imx51 (Ubuntu Utopic)
no longer affects: linux-lts-utopic (Ubuntu Utopic)
no longer affects: linux-flo (Ubuntu Utopic)
no longer affects: linux-lts-raring (Ubuntu Utopic)
no longer affects: linux-manta (Ubuntu Utopic)
Steve Beattie (sbeattie) on 2015-09-16
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Invalid
Steve Beattie (sbeattie) on 2015-11-10
Changed in linux-lts-wily (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Medium
Steve Beattie (sbeattie) on 2015-11-16
Changed in linux-raspi2 (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Medium
Steve Beattie (sbeattie) on 2015-12-10
description: updated
Steve Beattie (sbeattie) on 2015-12-12
Changed in linux (Ubuntu Xenial):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Xenial):
status: New → Fix Committed
Steve Beattie (sbeattie) on 2016-02-10
Changed in linux-lts-xenial (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Trusty):
status: New → Fix Committed
importance: Undecided → Medium
Steve Beattie (sbeattie) on 2016-04-19
Changed in linux-manta (Ubuntu Xenial):
status: New → Invalid
Rolf Leggewie (r0lf) on 2016-04-24
Changed in linux-lts-backport-maverick (Ubuntu Utopic):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Utopic):
status: New → Won't Fix
Changed in linux (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux (Ubuntu Vivid):
status: New → Fix Committed
Changed in linux (Ubuntu Wily):
status: New → Fix Committed
Steve Beattie (sbeattie) on 2016-05-02
Changed in linux-lts-utopic (Ubuntu Trusty):
status: New → Fix Committed
Steve Beattie (sbeattie) on 2016-05-05
Changed in linux-snapdragon (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Yakkety):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Steve Beattie (sbeattie) on 2016-05-19
Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-lts-wily (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-lts-vivid (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-raspi2 (Ubuntu Wily):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.13.0-87.133

---------------
linux (3.13.0-87.133) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1585315

  [ Upstream Kernel Changes ]

  * Revert "usb: hub: do not clear BOS field during reset device"
    - LP: #1582864

linux (3.13.0-87.132) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1582398

  [ Kamal Mostafa ]

  * [Config] Drop ozwpan from the ABI

  [ Luis Henriques ]

  * [Config] CONFIG_USB_WPAN_HCD=n
    - LP: #1463740
    - CVE-2015-4004

  [ Prarit Bhargava ]

  * SAUCE: (no-up) ACPICA: Dispatcher: Update thread ID for recursive
    method calls
    - LP: #1577898

  [ Upstream Kernel Changes ]

  * usbnet: cleanup after bind() in probe()
    - LP: #1567191
    - CVE-2016-3951
  * KVM: x86: bit-ops emulation ignores offset on 64-bit
    - LP: #1423672
  * USB: usbip: fix potential out-of-bounds write
    - LP: #1572666
    - CVE-2016-3955
  * x86/mm/32: Enable full randomization on i386 and X86_32
    - LP: #1568523
    - CVE-2016-3672
  * Input: gtco - fix crash on detecting device without endpoints
    - LP: #1575706
    - CVE-2016-2187
  * atl2: Disable unimplemented scatter/gather feature
    - LP: #1561403
    - CVE-2016-2117
  * ALSA: usb-audio: Skip volume controls triggers hangup on Dell USB Dock
    - LP: #1577905
  * fs/pnode.c: treat zero mnt_group_id-s as unequal
    - LP: #1572316
  * propogate_mnt: Handle the first propogated copy being a slave
    - LP: #1572316
  * drm: Balance error path for GEM handle allocation
    - LP: #1579610
  * x86/mm: Add barriers and document switch_mm()-vs-flush synchronization
    - LP: #1538429
    - CVE-2016-2069
  * x86/mm: Improve switch_mm() barrier comments
    - LP: #1538429
    - CVE-2016-2069
  * net: fix infoleak in llc
    - LP: #1578496
    - CVE-2016-4485
  * net: fix infoleak in rtnetlink
    - LP: #1578497
    - CVE-2016-4486

 -- Kamal Mostafa <email address hidden> Tue, 24 May 2016 11:04:30 -0700

Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-trusty - 3.13.0-88.135~precise1

---------------
linux-lts-trusty (3.13.0-88.135~precise1) precise; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler

 -- Andy Whitcroft <email address hidden> Thu, 09 Jun 2016 09:05:50 +0100

Changed in linux-lts-trusty (Ubuntu Precise):
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-utopic - 3.16.0-73.95~14.04.1

---------------
linux-lts-utopic (3.16.0-73.95~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler

 -- Andy Whitcroft <email address hidden> Thu, 09 Jun 2016 08:46:24 +0100

Changed in linux-lts-utopic (Ubuntu Trusty):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-vivid - 3.19.0-61.69~14.04.1

---------------
linux-lts-vivid (3.19.0-61.69~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end

 -- Andy Whitcroft <email address hidden> Thu, 09 Jun 2016 09:55:44 +0100

Changed in linux-lts-vivid (Ubuntu Trusty):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-wily - 4.2.0-38.45~14.04.1

---------------
linux-lts-wily (4.2.0-38.45~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end

 -- Andy Whitcroft <email address hidden> Thu, 09 Jun 2016 10:11:57 +0100

Changed in linux-lts-wily (Ubuntu Trusty):
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.19.0-61.69

---------------
linux (3.19.0-61.69) vivid; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end

 -- Andy Whitcroft <email address hidden> Wed, 08 Jun 2016 22:25:58 +0100

Changed in linux (Ubuntu Vivid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.2.0-38.45

---------------
linux (4.2.0-38.45) wily; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end

 -- Andy Whitcroft <email address hidden> Wed, 08 Jun 2016 22:10:39 +0100

Changed in linux (Ubuntu Wily):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-raspi2 - 4.2.0-1031.41

---------------
linux-raspi2 (4.2.0-1031.41) wily; urgency=low

  [ Kamal Mostafa ]

  [ Ubuntu: 4.2.0-38.45 ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end

 -- Andy Whitcroft <email address hidden> Thu, 09 Jun 2016 11:00:02 +0100

Changed in linux-raspi2 (Ubuntu Wily):
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released

This bug was nominated against a series that is no longer supported, ie vivid. The bug task representing the vivid nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux-flo (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-mako (Ubuntu Vivid):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers