CVE-2015-4001

Bug #1463442 reported by Luis Henriques
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Fix Released
Medium
Unassigned
Vivid
Fix Released
Medium
Unassigned
Wily
Fix Released
Medium
Unassigned
Xenial
Fix Released
Medium
Unassigned
Yakkety
Fix Released
Medium
Unassigned
linux-armadaxp (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-ec2 (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-flo (Ubuntu)
New
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Won't Fix
Medium
Unassigned
Wily
New
Medium
Unassigned
Xenial
New
Medium
Unassigned
Yakkety
New
Medium
Unassigned
linux-fsl-imx51 (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-goldfish (Ubuntu)
New
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Medium
Unassigned
Wily
New
Medium
Unassigned
Xenial
New
Medium
Unassigned
Yakkety
New
Medium
Unassigned
linux-lts-backport-maverick (Ubuntu)
New
Undecided
Unassigned
Precise
Won't Fix
Undecided
Unassigned
Trusty
New
Undecided
Unassigned
Utopic
Won't Fix
Undecided
Unassigned
Vivid
New
Undecided
Unassigned
Wily
New
Undecided
Unassigned
Xenial
New
Undecided
Unassigned
Yakkety
New
Undecided
Unassigned
linux-lts-backport-natty (Ubuntu)
New
Undecided
Unassigned
Precise
Won't Fix
Undecided
Unassigned
Trusty
New
Undecided
Unassigned
Utopic
Won't Fix
Undecided
Unassigned
Vivid
New
Undecided
Unassigned
Wily
New
Undecided
Unassigned
Xenial
New
Undecided
Unassigned
Yakkety
New
Undecided
Unassigned
linux-lts-quantal (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-raring (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-saucy (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-trusty (Ubuntu)
Invalid
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-utopic (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Fix Released
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-vivid (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Fix Released
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-wily (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-xenial (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Fix Committed
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-mako (Ubuntu)
New
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Won't Fix
Medium
Unassigned
Wily
New
Medium
Unassigned
Xenial
New
Medium
Unassigned
Yakkety
New
Medium
Unassigned
linux-manta (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Medium
Unassigned
Wily
New
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-mvl-dove (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-raspi2 (Ubuntu)
Fix Committed
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Fix Committed
Medium
Unassigned
Yakkety
Fix Committed
Medium
Unassigned
linux-snapdragon (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Invalid
Medium
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned

Bug Description

Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet.

Break-Fix: ae926051d7eb8f80dba9513db70d2e2fc8385d3a b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c

Revision history for this message
Luis Henriques (henrix) wrote :

CVE-2015-4001

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-lts-trusty (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Trusty):
status: New → Invalid
Changed in linux (Ubuntu Precise):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Vivid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Wily):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Utopic):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Trusty):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Vivid):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Wily):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Utopic):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Trusty):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Vivid):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Wily):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Utopic):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
Changed in linux-manta (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Vivid):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Wily):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Utopic):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Utopic):
status: New → Invalid
Changed in linux-mako (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Vivid):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Wily):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Utopic):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Vivid):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Utopic):
status: New → Invalid
Changed in linux-goldfish (Ubuntu Precise):
status: New → Invalid
Changed in linux-flo (Ubuntu Precise):
status: New → Invalid
description: updated
Changed in linux-lts-trusty (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-mvl-dove (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-ec2 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-fsl-imx51 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Utopic):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Brad Figg (brad-figg)
Changed in linux (Ubuntu Utopic):
status: New → Fix Committed
Brad Figg (brad-figg)
Changed in linux (Ubuntu Vivid):
status: New → Fix Committed
Brad Figg (brad-figg)
Changed in linux (Ubuntu Trusty):
status: New → Fix Committed
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (8.5 KiB)

This bug was fixed in the package linux - 3.19.0-22.22

---------------
linux (3.19.0-22.22) vivid; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #1465755

  [ Tai Nguyen ]

  * SAUCE: power: reset: Add syscon reboot device node for APM X-Gene
    platform
    - LP: #1463211

  [ Upstream Kernel Changes ]

  * Revert "dm crypt: fix deadlock when async crypto algorithm returns
    -EBUSY"
    - LP: #1465696
  * Bluetooth: ath3k: Add a new ID 0cf3:e006 to ath3k list
    - LP: #1459934
  * cdc-acm: prevent infinite loop when parsing CDC headers.
    - LP: #1460657
  * (upstream) libata: Blacklist queued TRIM on all Samsung 800-series
    - LP: #1338706, #1449005
  * powerpc/powernv: Check image loaded or not before calling flash
    - LP: #1461553
  * ahci: avoton port-disable reset-quirk
    - LP: #1458617
  * Bluetooth: btusb: support public address configuration for ath3012
    - LP: #1459937
  * Bluetooth: btusb: Add setup callback for chip init on USB
    - LP: #1459937
  * Bluetooth: btusb: Add support for QCA ROME chipset family
    - LP: #1459937
  * Bluetooth: btusb: Fix incorrect type in qca_device_info
    - LP: #1459937
  * Bluetooth: btusb: Fix minor whitespace issue in QCA ROME device entries
    - LP: #1459937
  * Bluetooth: btusb: Add support for 0cf3:e007
    - LP: #1459937
  * storvsc: Set the SRB flags correctly when no data transfer is needed
    - LP: #1439780
  * vfs: read file_handle only once in handle_to_path
    - LP: #1416503
    - CVE-2015-1420
  * ozwpan: Use unsigned ints to prevent heap overflow
    - LP: #1463442
    - CVE-2015-4001
  * ozwpan: divide-by-zero leading to panic
    - LP: #1463445
    - CVE-2015-4003
  * ozwpan: Use proper check to prevent heap overflow
    - LP: #1463444
    - CVE-2015-4002
  * ozwpan: unchecked signed subtraction leads to DoS
    - LP: #1463444
    - CVE-2015-4002
  * enclosure: fix WARN_ON removing an adapter in multi-path devices
    - LP: #1415178
  * ASoC: tfa9879: Fix return value check in tfa9879_i2c_probe()
    - LP: #1465696
  * ASoC: samsung: s3c24xx-i2s: Fix return value check in
    s3c24xx_iis_dev_probe()
    - LP: #1465696
  * ASoC: dapm: Enable autodisable on SOC_DAPM_SINGLE_TLV_AUTODISABLE
    - LP: #1465696
  * ASoC: rt5677: add register patch for PLL
    - LP: #1465696
  * btrfs: unlock i_mutex after attempting to delete subvolume during send
    - LP: #1465696
  * ALSA: hda - Fix mute-LED fixed mode
    - LP: #1465696
  * ALSA: hda - Add mute-LED mode control to Thinkpad
    - LP: #1465696
  * arm64: dma-mapping: always clear allocated buffers
    - LP: #1465696
  * ALSA: emu10k1: Fix card shortname string buffer overflow
    - LP: #1465696
  * ALSA: emux: Fix mutex deadlock at unloading
    - LP: #1465696
  * drm/radeon: Use drm_calloc_ab for CS relocs
    - LP: #1465696
  * drm/radeon: adjust pll when audio is not enabled
    - LP: #1465696
  * drm/radeon: add SI DPM quirk for Sapphire R9 270 Dual-X 2G GDDR5
    - LP: #1465696
  * drm/radeon: fix lockup when BOs aren't part of the VM on release
    - LP: #1465696
  * drm/radeon: reset BOs address after clearing it.
    - LP: #1465696
  * drm/radeon: check new address before removing old one
  ...

Read more...

Changed in linux (Ubuntu Wily):
status: New → Fix Released
Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-lts-vivid (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-lts-utopic (Ubuntu Trusty):
status: New → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (20.2 KiB)

This bug was fixed in the package linux - 3.16.0-43.58

---------------
linux (3.16.0-43.58) utopic; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1466792

  [ Brad Figg ]

  * Merged back Ubuntu-3.16.0-41.57 regression fix for security release

linux (3.16.0-42.56) utopic; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #1465714

  [ Chris J Arges ]

  * [config] CONFIG_IPMI_POWERNV=m on ppc64el
    - LP: #1439562

  [ Luis Henriques ]

  * [Config] Disable CONFIG_USB_OTG
    - LP: #1411295

  [ Upstream Kernel Changes ]

  * Revert "i2c: Mark adapter devices with pm_runtime_no_callbacks"
    - LP: #1465613
  * Revert "mm/hugetlb: use pmd_page() in follow_huge_pmd()"
    - LP: #1465613
  * cdc-acm: prevent infinite loop when parsing CDC headers.
    - LP: #1460657
  * drivers/char/ipmi: Add powernv IPMI driver
    - LP: #1439562
  * powerpc/powernv: Add OPAL IPMI interface
    - LP: #1439562
  * powerpc/powernv: Support OPAL requested heartbeat
    - LP: #1439562
  * powerpc/kernel: Make syscall_exit a local label
    - LP: #1439562
  * powerpc: Remove old compile time disabled syscall tracing code
    - LP: #1439562
  * powerpc/powernv: Remove "opal" prefix from pr_xxx()s
    - LP: #1439562
  * powerpc/powernv: Separate function for OPAL IRQ setup
    - LP: #1439562
  * powerpc/powernv: Add OPAL message notifier unregister function
    - LP: #1439562
  * device: Add dev_of_node() accessor
    - LP: #1439562
  * drivers/core/of: Add symlink to device-tree from devices with an OF
    node
    - LP: #1439562
  * powerpc: Add a proper syscall for switching endianness
    - LP: #1439562
  * (upstream) libata: Blacklist queued TRIM on all Samsung 800-series
    - LP: #1338706, #1449005
  * ahci: avoton port-disable reset-quirk
    - LP: #1458617
  * udf: Remove repeated loads blocksize
    - LP: #1462173
    - CVE-2015-4167
  * udf: Check length of extended attributes and allocation descriptors
    - LP: #1462173
    - CVE-2015-4167
  * (upstream)scsi_lib: remove the description string in
    scsi_io_completion()
    - LP: #1449372
  * vfs: read file_handle only once in handle_to_path
    - LP: #1416503
    - CVE-2015-1420
  * ozwpan: Use unsigned ints to prevent heap overflow
    - LP: #1463442
    - CVE-2015-4001
  * ozwpan: divide-by-zero leading to panic
    - LP: #1463445
    - CVE-2015-4003
  * ozwpan: Use proper check to prevent heap overflow
    - LP: #1463444
    - CVE-2015-4002
  * ozwpan: unchecked signed subtraction leads to DoS
    - LP: #1463444
    - CVE-2015-4002
  * net: eth: xgene: devm_ioremap() returns NULL on error
    - LP: #1458042
  * drivers: net: xgene: fix new firmware backward compatibility with older
    driver
    - LP: #1458042
  * drivers: net: xgene: constify of_device_id array
    - LP: #1458042
  * drivers: net: xgene: Add second SGMII based 1G interface
    - LP: #1458042
  * dtb: change binding name to match with newer firmware DT
    - LP: #1458042
  * dtb: xgene: Add second SGMII based 1G interface node
    - LP: #1458042
  * mlx4: Fix tx ring affinity_mask creation
    - LP: #1465613
  * net/mlx4_en: Schedule napi when RX buffers allocation fails
    - LP: #1465613
...

Changed in linux (Ubuntu Vivid):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Utopic):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (9.2 KiB)

This bug was fixed in the package linux - 3.13.0-57.95

---------------
linux (3.13.0-57.95) trusty; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1466592

  [ Brad Figg ]

  * Merged back Ubuntu-3.13.0-55.94 regression fix for security release

linux (3.13.0-56.93) trusty; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #1465798

  [ Upstream Kernel Changes ]

  * net: eth: xgene: devm_ioremap() returns NULL on error
    - LP: #1458042
  * drivers: net: xgene: fix new firmware backward compatibility with older
    driver
    - LP: #1458042
  * drivers: net: xgene: constify of_device_id array
    - LP: #1458042
  * drivers: net: xgene: Add second SGMII based 1G interface
    - LP: #1458042
  * net: phy: re-design phy_modes to be self-contained
    - LP: #1458042
  * dtb: change binding name to match with newer firmware DT
    - LP: #1458042
  * dtb: xgene: Add second SGMII based 1G interface node
    - LP: #1458042
  * Btrfs: make xattr replace operations atomic
    - LP: #1438501
    - CVE-2014-9710
  * cdc-acm: prevent infinite loop when parsing CDC headers.
    - LP: #1460657
  * (upstream) libata: Blacklist queued TRIM on all Samsung 800-series
    - LP: #1338706, #1449005
  * ahci: avoton port-disable reset-quirk
    - LP: #1458617
  * xfs: avoid false quotacheck after unclean shutdown
    - LP: #1461730
  * (upstream)[SCSI] Add timeout to avoid infinite command retry
    - LP: #1449372
  * (upstream)scsi_lib: remove the description string in
    scsi_io_completion()
    - LP: #1449372
  * udf: Remove repeated loads blocksize
    - LP: #1462173
    - CVE-2015-4167
  * udf: Check length of extended attributes and allocation descriptors
    - LP: #1462173
    - CVE-2015-4167
  * vfs: read file_handle only once in handle_to_path
    - LP: #1416503
    - CVE-2015-1420
  * ozwpan: Use unsigned ints to prevent heap overflow
    - LP: #1463442
    - CVE-2015-4001
  * ozwpan: divide-by-zero leading to panic
    - LP: #1463445
    - CVE-2015-4003
  * ozwpan: Use proper check to prevent heap overflow
    - LP: #1463444
    - CVE-2015-4002
  * ozwpan: unchecked signed subtraction leads to DoS
    - LP: #1463444
    - CVE-2015-4002
  * Input: elantech - add new icbody type
    - LP: #1464490
  * Bluetooth: ath3k: Add support Atheros AR5B195 combo Mini PCIe card
    - LP: #1465796
  * power_supply: twl4030_madc: Check return value of power_supply_register
    - LP: #1465796
  * power_supply: lp8788-charger: Fix leaked power supply on probe fail
    - LP: #1465796
  * ARM: dts: dove: Fix uart[23] reg property
    - LP: #1465796
  * xtensa: xtfpga: fix hardware lockup caused by LCD driver
    - LP: #1465796
  * Drivers: hv: vmbus: Fix a bug in the error path in vmbus_open()
    - LP: #1465796
  * xtensa: provide __NR_sync_file_range2 instead of __NR_sync_file_range
    - LP: #1465796
  * KVM: s390: Zero out current VMDB of STSI before including level3 data.
    - LP: #1465796
  * usb: musb: core: fix TX/RX endpoint order
    - LP: #1465796
  * drm/radeon: fix doublescan modes (v2)
    - LP: #1465796
  * usb: phy: Find the right match in devm_usb_phy_match
    - LP: #1465796
  * tools lib traceevent kbuffer: Rem...

Read more...

Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (20.3 KiB)

This bug was fixed in the package linux-lts-utopic - 3.16.0-43.58~14.04.1

---------------
linux-lts-utopic (3.16.0-43.58~14.04.1) trusty; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1466983

  [ Brad Figg ]

  * Merged back Ubuntu-3.16.0-41.57 regression fix for security release

linux (3.16.0-42.56) utopic; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #1465714

  [ Chris J Arges ]

  * [config] CONFIG_IPMI_POWERNV=m on ppc64el
    - LP: #1439562

  [ Luis Henriques ]

  * [Config] Disable CONFIG_USB_OTG
    - LP: #1411295

  [ Upstream Kernel Changes ]

  * Revert "i2c: Mark adapter devices with pm_runtime_no_callbacks"
    - LP: #1465613
  * Revert "mm/hugetlb: use pmd_page() in follow_huge_pmd()"
    - LP: #1465613
  * cdc-acm: prevent infinite loop when parsing CDC headers.
    - LP: #1460657
  * drivers/char/ipmi: Add powernv IPMI driver
    - LP: #1439562
  * powerpc/powernv: Add OPAL IPMI interface
    - LP: #1439562
  * powerpc/powernv: Support OPAL requested heartbeat
    - LP: #1439562
  * powerpc/kernel: Make syscall_exit a local label
    - LP: #1439562
  * powerpc: Remove old compile time disabled syscall tracing code
    - LP: #1439562
  * powerpc/powernv: Remove "opal" prefix from pr_xxx()s
    - LP: #1439562
  * powerpc/powernv: Separate function for OPAL IRQ setup
    - LP: #1439562
  * powerpc/powernv: Add OPAL message notifier unregister function
    - LP: #1439562
  * device: Add dev_of_node() accessor
    - LP: #1439562
  * drivers/core/of: Add symlink to device-tree from devices with an OF
    node
    - LP: #1439562
  * powerpc: Add a proper syscall for switching endianness
    - LP: #1439562
  * (upstream) libata: Blacklist queued TRIM on all Samsung 800-series
    - LP: #1338706, #1449005
  * ahci: avoton port-disable reset-quirk
    - LP: #1458617
  * udf: Remove repeated loads blocksize
    - LP: #1462173
    - CVE-2015-4167
  * udf: Check length of extended attributes and allocation descriptors
    - LP: #1462173
    - CVE-2015-4167
  * (upstream)scsi_lib: remove the description string in
    scsi_io_completion()
    - LP: #1449372
  * vfs: read file_handle only once in handle_to_path
    - LP: #1416503
    - CVE-2015-1420
  * ozwpan: Use unsigned ints to prevent heap overflow
    - LP: #1463442
    - CVE-2015-4001
  * ozwpan: divide-by-zero leading to panic
    - LP: #1463445
    - CVE-2015-4003
  * ozwpan: Use proper check to prevent heap overflow
    - LP: #1463444
    - CVE-2015-4002
  * ozwpan: unchecked signed subtraction leads to DoS
    - LP: #1463444
    - CVE-2015-4002
  * net: eth: xgene: devm_ioremap() returns NULL on error
    - LP: #1458042
  * drivers: net: xgene: fix new firmware backward compatibility with older
    driver
    - LP: #1458042
  * drivers: net: xgene: constify of_device_id array
    - LP: #1458042
  * drivers: net: xgene: Add second SGMII based 1G interface
    - LP: #1458042
  * dtb: change binding name to match with newer firmware DT
    - LP: #1458042
  * dtb: xgene: Add second SGMII based 1G interface node
    - LP: #1458042
  * mlx4: Fix tx ring affinity_mask creation
    - LP: #1465613
  * net/mlx4_en: Schedule napi when RX buffer...

Changed in linux-lts-utopic (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (8.5 KiB)

This bug was fixed in the package linux-lts-vivid - 3.19.0-22.22~14.04.1

---------------
linux-lts-vivid (3.19.0-22.22~14.04.1) trusty; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #1465907

  [ Tai Nguyen ]

  * SAUCE: power: reset: Add syscon reboot device node for APM X-Gene
    platform
    - LP: #1463211

  [ Upstream Kernel Changes ]

  * Revert "dm crypt: fix deadlock when async crypto algorithm returns
    -EBUSY"
    - LP: #1465696
  * Bluetooth: ath3k: Add a new ID 0cf3:e006 to ath3k list
    - LP: #1459934
  * cdc-acm: prevent infinite loop when parsing CDC headers.
    - LP: #1460657
  * (upstream) libata: Blacklist queued TRIM on all Samsung 800-series
    - LP: #1338706, #1449005
  * powerpc/powernv: Check image loaded or not before calling flash
    - LP: #1461553
  * ahci: avoton port-disable reset-quirk
    - LP: #1458617
  * Bluetooth: btusb: support public address configuration for ath3012
    - LP: #1459937
  * Bluetooth: btusb: Add setup callback for chip init on USB
    - LP: #1459937
  * Bluetooth: btusb: Add support for QCA ROME chipset family
    - LP: #1459937
  * Bluetooth: btusb: Fix incorrect type in qca_device_info
    - LP: #1459937
  * Bluetooth: btusb: Fix minor whitespace issue in QCA ROME device entries
    - LP: #1459937
  * Bluetooth: btusb: Add support for 0cf3:e007
    - LP: #1459937
  * storvsc: Set the SRB flags correctly when no data transfer is needed
    - LP: #1439780
  * vfs: read file_handle only once in handle_to_path
    - LP: #1416503
    - CVE-2015-1420
  * ozwpan: Use unsigned ints to prevent heap overflow
    - LP: #1463442
    - CVE-2015-4001
  * ozwpan: divide-by-zero leading to panic
    - LP: #1463445
    - CVE-2015-4003
  * ozwpan: Use proper check to prevent heap overflow
    - LP: #1463444
    - CVE-2015-4002
  * ozwpan: unchecked signed subtraction leads to DoS
    - LP: #1463444
    - CVE-2015-4002
  * enclosure: fix WARN_ON removing an adapter in multi-path devices
    - LP: #1415178
  * ASoC: tfa9879: Fix return value check in tfa9879_i2c_probe()
    - LP: #1465696
  * ASoC: samsung: s3c24xx-i2s: Fix return value check in
    s3c24xx_iis_dev_probe()
    - LP: #1465696
  * ASoC: dapm: Enable autodisable on SOC_DAPM_SINGLE_TLV_AUTODISABLE
    - LP: #1465696
  * ASoC: rt5677: add register patch for PLL
    - LP: #1465696
  * btrfs: unlock i_mutex after attempting to delete subvolume during send
    - LP: #1465696
  * ALSA: hda - Fix mute-LED fixed mode
    - LP: #1465696
  * ALSA: hda - Add mute-LED mode control to Thinkpad
    - LP: #1465696
  * arm64: dma-mapping: always clear allocated buffers
    - LP: #1465696
  * ALSA: emu10k1: Fix card shortname string buffer overflow
    - LP: #1465696
  * ALSA: emux: Fix mutex deadlock at unloading
    - LP: #1465696
  * drm/radeon: Use drm_calloc_ab for CS relocs
    - LP: #1465696
  * drm/radeon: adjust pll when audio is not enabled
    - LP: #1465696
  * drm/radeon: add SI DPM quirk for Sapphire R9 270 Dual-X 2G GDDR5
    - LP: #1465696
  * drm/radeon: fix lockup when BOs aren't part of the VM on release
    - LP: #1465696
  * drm/radeon: reset BOs address after clearing it.
    - LP: #1465696
  * drm/radeon: check n...

Read more...

Changed in linux-lts-vivid (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (9.2 KiB)

This bug was fixed in the package linux-lts-trusty - 3.13.0-57.95~precise1

---------------
linux-lts-trusty (3.13.0-57.95~precise1) precise; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1466938

  [ Brad Figg ]

  * Merged back Ubuntu-3.13.0-55.94 regression fix for security release

linux (3.13.0-56.93) trusty; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #1465798

  [ Upstream Kernel Changes ]

  * net: eth: xgene: devm_ioremap() returns NULL on error
    - LP: #1458042
  * drivers: net: xgene: fix new firmware backward compatibility with older
    driver
    - LP: #1458042
  * drivers: net: xgene: constify of_device_id array
    - LP: #1458042
  * drivers: net: xgene: Add second SGMII based 1G interface
    - LP: #1458042
  * net: phy: re-design phy_modes to be self-contained
    - LP: #1458042
  * dtb: change binding name to match with newer firmware DT
    - LP: #1458042
  * dtb: xgene: Add second SGMII based 1G interface node
    - LP: #1458042
  * Btrfs: make xattr replace operations atomic
    - LP: #1438501
    - CVE-2014-9710
  * cdc-acm: prevent infinite loop when parsing CDC headers.
    - LP: #1460657
  * (upstream) libata: Blacklist queued TRIM on all Samsung 800-series
    - LP: #1338706, #1449005
  * ahci: avoton port-disable reset-quirk
    - LP: #1458617
  * xfs: avoid false quotacheck after unclean shutdown
    - LP: #1461730
  * (upstream)[SCSI] Add timeout to avoid infinite command retry
    - LP: #1449372
  * (upstream)scsi_lib: remove the description string in
    scsi_io_completion()
    - LP: #1449372
  * udf: Remove repeated loads blocksize
    - LP: #1462173
    - CVE-2015-4167
  * udf: Check length of extended attributes and allocation descriptors
    - LP: #1462173
    - CVE-2015-4167
  * vfs: read file_handle only once in handle_to_path
    - LP: #1416503
    - CVE-2015-1420
  * ozwpan: Use unsigned ints to prevent heap overflow
    - LP: #1463442
    - CVE-2015-4001
  * ozwpan: divide-by-zero leading to panic
    - LP: #1463445
    - CVE-2015-4003
  * ozwpan: Use proper check to prevent heap overflow
    - LP: #1463444
    - CVE-2015-4002
  * ozwpan: unchecked signed subtraction leads to DoS
    - LP: #1463444
    - CVE-2015-4002
  * Input: elantech - add new icbody type
    - LP: #1464490
  * Bluetooth: ath3k: Add support Atheros AR5B195 combo Mini PCIe card
    - LP: #1465796
  * power_supply: twl4030_madc: Check return value of power_supply_register
    - LP: #1465796
  * power_supply: lp8788-charger: Fix leaked power supply on probe fail
    - LP: #1465796
  * ARM: dts: dove: Fix uart[23] reg property
    - LP: #1465796
  * xtensa: xtfpga: fix hardware lockup caused by LCD driver
    - LP: #1465796
  * Drivers: hv: vmbus: Fix a bug in the error path in vmbus_open()
    - LP: #1465796
  * xtensa: provide __NR_sync_file_range2 instead of __NR_sync_file_range
    - LP: #1465796
  * KVM: s390: Zero out current VMDB of STSI before including level3 data.
    - LP: #1465796
  * usb: musb: core: fix TX/RX endpoint order
    - LP: #1465796
  * drm/radeon: fix doublescan modes (v2)
    - LP: #1465796
  * usb: phy: Find the right match in devm_usb_phy_match
    - LP: #1465...

Read more...

Changed in linux-lts-trusty (Ubuntu Precise):
status: Fix Committed → Fix Released
no longer affects: linux-lts-trusty (Ubuntu Utopic)
no longer affects: linux-armadaxp (Ubuntu Utopic)
no longer affects: linux-ec2 (Ubuntu Utopic)
no longer affects: linux-goldfish (Ubuntu Utopic)
no longer affects: linux-lts-saucy (Ubuntu Utopic)
no longer affects: linux-lts-quantal (Ubuntu Utopic)
no longer affects: linux-mvl-dove (Ubuntu Utopic)
no longer affects: linux-ti-omap4 (Ubuntu Utopic)
no longer affects: linux-lts-vivid (Ubuntu Utopic)
no longer affects: linux (Ubuntu Utopic)
no longer affects: linux-mako (Ubuntu Utopic)
no longer affects: linux-fsl-imx51 (Ubuntu Utopic)
no longer affects: linux-lts-utopic (Ubuntu Utopic)
no longer affects: linux-flo (Ubuntu Utopic)
no longer affects: linux-lts-raring (Ubuntu Utopic)
no longer affects: linux-manta (Ubuntu Utopic)
Steve Beattie (sbeattie)
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Invalid
Steve Beattie (sbeattie)
Changed in linux-lts-wily (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Medium
Steve Beattie (sbeattie)
Changed in linux-raspi2 (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Medium
Steve Beattie (sbeattie)
Changed in linux-raspi2 (Ubuntu Xenial):
status: Invalid → Fix Committed
Steve Beattie (sbeattie)
Changed in linux-lts-xenial (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Trusty):
status: New → Fix Committed
importance: Undecided → Medium
Steve Beattie (sbeattie)
Changed in linux-manta (Ubuntu Xenial):
status: New → Invalid
Rolf Leggewie (r0lf)
Changed in linux-lts-backport-maverick (Ubuntu Utopic):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Utopic):
status: New → Won't Fix
Steve Beattie (sbeattie)
Changed in linux-snapdragon (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Yakkety):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Revision history for this message
Andy Whitcroft (apw) wrote : Closing unsupported series nomination.

This bug was nominated against a series that is no longer supported, ie vivid. The bug task representing the vivid nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux-flo (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-mako (Ubuntu Vivid):
status: New → Won't Fix
Revision history for this message
Steve Langasek (vorlon) wrote :

The Precise Pangolin has reached end of life, so this bug will not be fixed for that release

Changed in linux-lts-backport-maverick (Ubuntu Precise):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Precise):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.