CVE-2016-4440

Bug #1584192 reported by Steve Beattie on 2016-05-20
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-armadaxp (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-flo (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-goldfish (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-quantal (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-raring (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-saucy (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-trusty (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-utopic (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-vivid (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-wily (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-xenial (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-mako (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-manta (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-raspi2 (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-snapdragon (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned

Bug Description

Linux kernel built with the Kernel-based virtual machine(CONFIG_KVM) along with Hyper-v Synthetic Interrupt Controller(SynIC) support is vulnerable to an undue APIC register access issue. In that a guest with SynIC enabled, could gain access to host's Machine Specific Registers(MSR). A privileged user inside guest could use this flaw to crash the host kernel resulting in DoS OR potentially leverage it to escalate privileges on the host.

Break-Fix: 5c919412fe61c35947816fdbd5f7bd09fe0dd073 -

Steve Beattie (sbeattie) wrote :

CVE-2016-4440

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-lts-trusty (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Trusty):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Wily):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Xenial):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Trusty):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Wily):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Xenial):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
Changed in linux-manta (Ubuntu Precise):
status: New → Invalid
Changed in linux-manta (Ubuntu Xenial):
status: New → Invalid
Changed in linux-manta (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-snapdragon (Ubuntu Precise):
status: New → Invalid
Changed in linux-snapdragon (Ubuntu Wily):
status: New → Invalid
Changed in linux-snapdragon (Ubuntu Trusty):
status: New → Invalid
Changed in linux-mako (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-goldfish (Ubuntu Precise):
status: New → Invalid
Changed in linux-flo (Ubuntu Precise):
status: New → Invalid
description: updated
Changed in linux-lts-trusty (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Medium
Steve Beattie (sbeattie) on 2016-05-20
Changed in linux-ti-omap4 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Steve Beattie (sbeattie) on 2016-05-23
Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Trusty):
status: New → Invalid
Changed in linux (Ubuntu Precise):
status: New → Invalid
Changed in linux (Ubuntu Wily):
status: New → Invalid
Changed in linux (Ubuntu Xenial):
status: New → Invalid
Changed in linux (Ubuntu Yakkety):
status: New → Invalid
Changed in linux (Ubuntu Trusty):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Trusty):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Wily):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Trusty):
status: New → Invalid
Changed in linux (Ubuntu Xenial):
status: Invalid → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (15.5 KiB)

This bug was fixed in the package linux-raspi2 - 4.4.0-1019.25

---------------
linux-raspi2 (4.4.0-1019.25) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1605715

  [ Ubuntu: 4.4.0-33.52 ]

  * Release Tracking Bug
    - LP: #1605709
  * [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux-raspi2 (4.4.0-1018.24) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1604457

  * Drop superseded namespace mount patches (LP: #1604830)
    - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes
    - UBUNTU: SAUCE: quota: Treat superblock owner as privilged
    - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns
    - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns

  * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483)

  [ Kamal Mostafa ]

  * [Debian] embed derivative target name in release tag (LP: #1599924)

  [ Ubuntu: 4.4.0-32.51 ]

  * Release Tracking Bug
    - LP: #1604443
  * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11
  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog
  * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig
  * CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics
  * CVE-2016-4470
    - KEYS: potential uninitialized variable
  * integer overflow in xt_alloc_table_info (LP: #1555353)
    - netfilter: x_tables: check for size overflow
  * CVE-2016-3135:
    - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"
  * CVE-2016-4440 (LP: #1584192)
    - kvm:vmx: more complete state update on APICv on/off
  * the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device
  * Add proper palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad
  * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
    - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]
  * CVE-2016-4794 (LP: #1581871)
    - percpu: fix synchronization ...

Changed in linux-raspi2 (Ubuntu Yakkety):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (15.5 KiB)

This bug was fixed in the package linux-snapdragon - 4.4.0-1022.25

---------------
linux-snapdragon (4.4.0-1022.25) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1605716

  [ Ubuntu: 4.4.0-33.52 ]

  * Release Tracking Bug
    - LP: #1605709
  * [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux-snapdragon (4.4.0-1021.24) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1604458

  * Drop superseded namespace mount patches (LP: #1604830)
    - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes
    - UBUNTU: SAUCE: quota: Treat superblock owner as privilged
    - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns
    - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns

  * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483)

  [ Kamal Mostafa ]

  * [Debian] embed derivative target name in release tag (LP: #1599924)

  [ Ubuntu: 4.4.0-32.51 ]

  * Release Tracking Bug
    - LP: #1604443
  * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11
  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog
  * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig
  * CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics
  * CVE-2016-4470
    - KEYS: potential uninitialized variable
  * integer overflow in xt_alloc_table_info (LP: #1555353)
    - netfilter: x_tables: check for size overflow
  * CVE-2016-3135:
    - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"
  * CVE-2016-4440 (LP: #1584192)
    - kvm:vmx: more complete state update on APICv on/off
  * the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device
  * Add proper palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad
  * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
    - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]
  * CVE-2016-4794 (LP: #1581871)
    - percpu: fix sync...

Changed in linux-snapdragon (Ubuntu Yakkety):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (14.6 KiB)

This bug was fixed in the package linux - 4.4.0-33.52

---------------
linux (4.4.0-33.52) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1605709

  * [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux (4.4.0-32.51) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1604443

  * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11

  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog

  * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig

  * CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics

  * CVE-2016-4470
    - KEYS: potential uninitialized variable

  * integer overflow in xt_alloc_table_info (LP: #1555353)
    - netfilter: x_tables: check for size overflow

  * CVE-2016-3135:
    - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"

  * CVE-2016-4440 (LP: #1584192)
    - kvm:vmx: more complete state update on APICv on/off

  * the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device

  * Add proper palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad

  * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
    - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]

  * CVE-2016-4794 (LP: #1581871)
    - percpu: fix synchronization between chunk->map_extend_work and chunk
      destruction
    - percpu: fix synchronization between synchronous map extension and chunk
      destruction

  * Xenial update to v4.4.15 stable release (LP: #1601952)
    - net_sched: fix pfifo_head_drop behavior vs backlog
    - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG
    - sit: correct IP protocol used in ipip6_err
    - esp: Fix ESN generation under UDP encapsulation
    - netem: fix a use after free
    - ipmr/ip6mr: Initialize the last assert time of mfc entries.
    - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address
    - sock_diag: do not broadcast raw socket destruction
    - bpf, perf...

Changed in linux (Ubuntu Yakkety):
status: Invalid → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (15.0 KiB)

This bug was fixed in the package linux-lts-xenial - 4.4.0-34.53~14.04.1

---------------
linux-lts-xenial (4.4.0-34.53~14.04.1) trusty; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1606965

  * [APL][SAUCE] Slow system response time due to a monitor bug (LP: #1606147)
    - x86/cpu/intel: Introduce macros for Intel family numbers
    - SAUCE: x86/cpu: Add workaround for MONITOR instruction erratum on Goldmont
      based CPUs

linux (4.4.0-33.52) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1605709

  * [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux (4.4.0-32.51) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1604443

  * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11

  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog

  * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig

  * CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics

  * CVE-2016-4470
    - KEYS: potential uninitialized variable

  * integer overflow in xt_alloc_table_info (LP: #1555353)
    - netfilter: x_tables: check for size overflow

  * CVE-2016-3135:
    - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"

  * CVE-2016-4440 (LP: #1584192)
    - kvm:vmx: more complete state update on APICv on/off

  * the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device

  * Add proper palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad

  * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
    - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]

  * CVE-2016-4794 (LP: #1581871)
    - percpu: fix synchronization between chunk->map_extend_work and chunk
      destruction
    - percpu: fix synchronization between synchronous map extension and chunk
      destruction

  * Xenial update to v4.4.15 stable release (LP: #1601952)
    - net_sched: fix pfifo_head_drop behavior vs backlog
    - net: Don't forget pr_fmt on ...

Changed in linux-lts-xenial (Ubuntu Trusty):
status: Invalid → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (15.5 KiB)

This bug was fixed in the package linux-snapdragon - 4.4.0-1022.25

---------------
linux-snapdragon (4.4.0-1022.25) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1605716

  [ Ubuntu: 4.4.0-33.52 ]

  * Release Tracking Bug
    - LP: #1605709
  * [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux-snapdragon (4.4.0-1021.24) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1604458

  * Drop superseded namespace mount patches (LP: #1604830)
    - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes
    - UBUNTU: SAUCE: quota: Treat superblock owner as privilged
    - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns
    - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns

  * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483)

  [ Kamal Mostafa ]

  * [Debian] embed derivative target name in release tag (LP: #1599924)

  [ Ubuntu: 4.4.0-32.51 ]

  * Release Tracking Bug
    - LP: #1604443
  * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11
  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog
  * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig
  * CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics
  * CVE-2016-4470
    - KEYS: potential uninitialized variable
  * integer overflow in xt_alloc_table_info (LP: #1555353)
    - netfilter: x_tables: check for size overflow
  * CVE-2016-3135:
    - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"
  * CVE-2016-4440 (LP: #1584192)
    - kvm:vmx: more complete state update on APICv on/off
  * the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device
  * Add proper palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad
  * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
    - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]
  * CVE-2016-4794 (LP: #1581871)
    - percpu: fix sync...

Changed in linux-snapdragon (Ubuntu Xenial):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (15.0 KiB)

This bug was fixed in the package linux - 4.4.0-34.53

---------------
linux (4.4.0-34.53) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1606960

  * [APL][SAUCE] Slow system response time due to a monitor bug (LP: #1606147)
    - x86/cpu/intel: Introduce macros for Intel family numbers
    - SAUCE: x86/cpu: Add workaround for MONITOR instruction erratum on Goldmont
      based CPUs

linux (4.4.0-33.52) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1605709

  * [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux (4.4.0-32.51) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1604443

  * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11

  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog

  * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig

  * CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics

  * CVE-2016-4470
    - KEYS: potential uninitialized variable

  * integer overflow in xt_alloc_table_info (LP: #1555353)
    - netfilter: x_tables: check for size overflow

  * CVE-2016-3135:
    - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"

  * CVE-2016-4440 (LP: #1584192)
    - kvm:vmx: more complete state update on APICv on/off

  * the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device

  * Add proper palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad

  * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
    - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]

  * CVE-2016-4794 (LP: #1581871)
    - percpu: fix synchronization between chunk->map_extend_work and chunk
      destruction
    - percpu: fix synchronization between synchronous map extension and chunk
      destruction

  * Xenial update to v4.4.15 stable release (LP: #1601952)
    - net_sched: fix pfifo_head_drop behavior vs backlog
    - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (15.5 KiB)

This bug was fixed in the package linux-raspi2 - 4.4.0-1019.25

---------------
linux-raspi2 (4.4.0-1019.25) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1605715

  [ Ubuntu: 4.4.0-33.52 ]

  * Release Tracking Bug
    - LP: #1605709
  * [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux-raspi2 (4.4.0-1018.24) xenial; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1604457

  * Drop superseded namespace mount patches (LP: #1604830)
    - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes
    - UBUNTU: SAUCE: quota: Treat superblock owner as privilged
    - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns
    - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns

  * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483)

  [ Kamal Mostafa ]

  * [Debian] embed derivative target name in release tag (LP: #1599924)

  [ Ubuntu: 4.4.0-32.51 ]

  * Release Tracking Bug
    - LP: #1604443
  * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11
  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog
  * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig
  * CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics
  * CVE-2016-4470
    - KEYS: potential uninitialized variable
  * integer overflow in xt_alloc_table_info (LP: #1555353)
    - netfilter: x_tables: check for size overflow
  * CVE-2016-3135:
    - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"
  * CVE-2016-4440 (LP: #1584192)
    - kvm:vmx: more complete state update on APICv on/off
  * the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device
  * Add proper palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad
  * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
    - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]
  * CVE-2016-4794 (LP: #1581871)
    - percpu: fix synchronization ...

Changed in linux-raspi2 (Ubuntu Xenial):
status: Invalid → Fix Released

This bug was nominated against a series that is no longer supported, ie vivid. The bug task representing the vivid nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-lts-saucy (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-lts-trusty (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-lts-utopic (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-lts-vivid (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-mako (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-manta (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-raspi2 (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-ti-omap4 (Ubuntu Vivid):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers