CVE-2015-8709

Bug #1527374 reported by Serge Hallyn
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| linux (Ubuntu) | Fix Released | Medium | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| ↳ Precise | Invalid | Medium | Unassigned | |
| ↳ Trusty | Fix Released | Medium | Unassigned | |
| ↳ Vivid | Fix Released | Medium | Unassigned | |
| ↳ Wily | Fix Released | Medium | Unassigned | |
| ↳ Xenial | Fix Released | Medium | Unassigned | |
| linux-armadaxp (Ubuntu) | Confirmed | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-flo (Ubuntu) | Confirmed | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-goldfish (Ubuntu) | Confirmed | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-lts-quantal (Ubuntu) | Won't Fix | Medium | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-lts-raring (Ubuntu) | Won't Fix | Medium | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-lts-saucy (Ubuntu) | Won't Fix | Medium | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-lts-trusty (Ubuntu) | | | | |
| ↳ Precise | Fix Released | Medium | Unassigned | |
| linux-lts-utopic (Ubuntu) | Fix Released | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-lts-vivid (Ubuntu) | Fix Released | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-lts-wily (Ubuntu) | Fix Released | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-lts-xenial (Ubuntu) | New | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-mako (Ubuntu) | Confirmed | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-manta (Ubuntu) | Confirmed | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-raspi2 (Ubuntu) | Fix Released | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-snapdragon (Ubuntu) | New | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |
| linux-ti-omap4 (Ubuntu) | Confirmed | Undecided | Unassigned | |
| ↳ Nominated for Yakkety by Steve Beattie | | | | |

Bug Description

** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here."

Break-Fix: - local-2015-8709
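
A userspace model of the rule named in the fix title ("being capable wrt a process requires mapped uids/gids"), added here as an illustration; it is not the kernel patch or any code from this report. Assumptions: a single namespace is considered, the real, effective and saved ids are the ones checked, the map text is a constructed sample in the `/proc/<pid>/uid_map` format, and all type and function names are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

#define MAX_EXTENTS 8 /* cap chosen for this example */

/* One map line, as read from the initial namespace:
 * <first id inside ns> <first kernel id outside> <count>. */
struct extent { unsigned first, lower_first, count; };
struct idmap { struct extent ext[MAX_EXTENTS]; int n; };

/* Ids of the would-be ptrace target, as kernel (initial-namespace) ids. */
struct tcred { unsigned uid, euid, suid, gid, egid, sgid; };

/* Constructed sample: the namespace creator (kernel id 1000) mapped only itself to 0. */
static const char SAMPLE_MAP[] = "         0       1000          1\n";

/* Parse map text; returns the extent count, or -1 if malformed or too long. */
int parse_idmap(const char *text, struct idmap *m)
{
    m->n = 0;
    for (;;) {
        struct extent e;
        int used = 0;
        while (*text == ' ' || *text == '\t' || *text == '\n')
            text++;
        if (!*text)
            return m->n;
        if (m->n == MAX_EXTENTS ||
            sscanf(text, "%u %u %u%n", &e.first, &e.lower_first, &e.count, &used) != 3)
            return -1;
        m->ext[m->n++] = e;
        text += used;
    }
}

/* True if kernel id `kid` falls inside some extent, i.e. has a name inside the ns. */
bool id_is_mapped(const struct idmap *m, unsigned kid)
{
    for (int i = 0; i < m->n; i++)
        if (kid >= m->ext[i].lower_first && kid - m->ext[i].lower_first < m->ext[i].count)
            return true;
    return false;
}

/* `has_cap`: the tracer holds CAP_SYS_PTRACE in the target's user namespace.
 * require_mapped == false: the capability alone decides (behaviour in the CVE text).
 * require_mapped == true: every checked id of the target must also be mapped. */
bool ns_cap_allows_ptrace(bool has_cap, bool require_mapped, const struct idmap *um,
                          const struct idmap *gm, const struct tcred *t)
{
    if (!has_cap) return false;
    if (!require_mapped) return true;
    return id_is_mapped(um, t->uid) && id_is_mapped(um, t->euid) && id_is_mapped(um, t->suid) &&
           id_is_mapped(gm, t->gid) && id_is_mapped(gm, t->egid) && id_is_mapped(gm, t->sgid);
}

int main(void)
{
    struct idmap um, gm;
    struct tcred native = {1000, 1000, 1000, 1000, 1000, 1000}; /* started inside the ns */
    struct tcred entered = {0, 0, 0, 0, 0, 0};                  /* host root that joined it */
    if (parse_idmap(SAMPLE_MAP, &um) != 1 || parse_idmap(SAMPLE_MAP, &gm) != 1)
        return 1;
    printf("native:  cap_only=%d cap_and_mapped=%d\n",
           ns_cap_allows_ptrace(true, false, &um, &gm, &native),
           ns_cap_allows_ptrace(true, true, &um, &gm, &native));
    printf("entered: cap_only=%d cap_and_mapped=%d\n",
           ns_cap_allows_ptrace(true, false, &um, &gm, &entered),
           ns_cap_allows_ptrace(true, true, &um, &gm, &entered));
    return 0;
}
```

The process that entered the namespace with host uid 0 has no entry in the map, so the capability held inside the namespace no longer applies to it once mapped ids are required.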

Serge Hallyn (serge-hallyn) wrote :

The kernel patch to fix this is at https://lkml.org/lkml/2015/12/12/259

Kamal Mostafa (kamalmostafa) wrote :
Brad Figg (brad-figg)
no longer affects: lxd (Ubuntu Xenial)
no longer affects: lxd (Ubuntu Wily)
no longer affects: lxd (Ubuntu Vivid)
no longer affects: lxd (Ubuntu Trusty)
no longer affects: lxc (Ubuntu Xenial)
no longer affects: lxc (Ubuntu Wily)
no longer affects: lxc (Ubuntu Vivid)
no longer affects: lxc (Ubuntu Trusty)
Brad Figg (brad-figg)
no longer affects: lxd (Ubuntu Precise)
no longer affects: lxc (Ubuntu Precise)
no longer affects: linux-lts-wily (Ubuntu Precise)
no longer affects: linux-lts-vivid (Ubuntu Precise)
no longer affects: linux-lts-utopic (Ubuntu Precise)
Steve Beattie (sbeattie)
Changed in linux-lts-trusty (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux (Ubuntu Vivid):
importance: Undecided → Medium
description: updated
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.2.0-22.27

---------------
linux (4.2.0-22.27) wily; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1527391

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

linux (4.2.0-22.26) wily; urgency=low

  [ Upstream Kernel Changes ]

  * xen: Add RING_COPY_REQUEST()
    - CVE-2015-8550
  * xen-netback: don't use last request to determine minimum Tx credit
    - CVE-2015-8550
  * xen-netback: use RING_COPY_REQUEST() throughout
    - CVE-2015-8550
  * xen-blkback: only read request operation from shared ring once
    - CVE-2015-8550
  * xen-blkback: read from indirect descriptors only once
    - CVE-2015-8550
  * xen-scsiback: safely copy requests
    - CVE-2015-8550
  * xen/pciback: Save xen_pci_op commands before processing it
    - CVE-2015-8550
  * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Do not install an IRQ handler for MSI interrupts.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
    MSI(X) enabled.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553

 -- Kamal Mostafa <email address hidden> Thu, 17 Dec 2015 12:54:53 -0800

Changed in linux (Ubuntu Wily):
status: New → Fix Released
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.19.0-42.48

---------------
linux (3.19.0-42.48) vivid; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1527393

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

linux (3.19.0-42.47) vivid; urgency=low

  [ Upstream Kernel Changes ]

  * xen: Add RING_COPY_REQUEST()
    - CVE-2015-8550
  * xen-netback: don't use last request to determine minimum Tx credit
    - CVE-2015-8550
  * xen-netback: use RING_COPY_REQUEST() throughout
    - CVE-2015-8550
  * xen-blkback: only read request operation from shared ring once
    - CVE-2015-8550
  * xen-blkback: read from indirect descriptors only once
    - CVE-2015-8550
  * xen-scsiback: safely copy requests
    - CVE-2015-8550
  * xen/pciback: Save xen_pci_op commands before processing it
    - CVE-2015-8550
  * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Do not install an IRQ handler for MSI interrupts.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
    MSI(X) enabled.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553

 -- Kamal Mostafa <email address hidden> Thu, 17 Dec 2015 13:03:51 -0800

Changed in linux (Ubuntu Vivid):
status: New → Fix Released
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.13.0-74.118

---------------
linux (3.13.0-74.118) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1527404

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

linux (3.13.0-74.117) trusty; urgency=low

  [ Upstream Kernel Changes ]

  * xen: Add RING_COPY_REQUEST()
    - CVE-2015-8550
  * xen-netback: don't use last request to determine minimum Tx credit
    - CVE-2015-8550
  * xen-netback: use RING_COPY_REQUEST() throughout
    - CVE-2015-8550
  * xen-blkback: only read request operation from shared ring once
    - CVE-2015-8550
  * xen-blkback: read from indirect descriptors only once
    - CVE-2015-8550
  * xen/pciback: Save xen_pci_op commands before processing it
    - CVE-2015-8550
  * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Do not install an IRQ handler for MSI interrupts.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
    MSI(X) enabled.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553

 -- Kamal Mostafa <email address hidden> Thu, 17 Dec 2015 13:06:31 -0800

Changed in linux (Ubuntu Trusty):
status: New → Fix Released
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-utopic - 3.16.0-57.77~14.04.1

---------------
linux-lts-utopic (3.16.0-57.77~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1527409

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

linux-lts-utopic (3.16.0-57.76~14.04.1) trusty; urgency=low

  [ Upstream Kernel Changes ]

  * xen: Add RING_COPY_REQUEST()
    - CVE-2015-8550
  * xen-netback: don't use last request to determine minimum Tx credit
    - CVE-2015-8550
  * xen-netback: use RING_COPY_REQUEST() throughout
    - CVE-2015-8550
  * xen-blkback: only read request operation from shared ring once
    - CVE-2015-8550
  * xen-blkback: read from indirect descriptors only once
    - CVE-2015-8550
  * xen/pciback: Save xen_pci_op commands before processing it
    - CVE-2015-8550
  * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Do not install an IRQ handler for MSI interrupts.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
    MSI(X) enabled.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553

 -- Kamal Mostafa <email address hidden> Thu, 17 Dec 2015 15:01:30 -0800

Changed in linux-lts-utopic (Ubuntu):
status: New → Fix Released
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-trusty - 3.13.0-74.118~precise1

---------------
linux-lts-trusty (3.13.0-74.118~precise1) precise; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1527467

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

linux (3.13.0-74.117) trusty; urgency=low

  [ Upstream Kernel Changes ]

  * xen: Add RING_COPY_REQUEST()
    - CVE-2015-8550
  * xen-netback: don't use last request to determine minimum Tx credit
    - CVE-2015-8550
  * xen-netback: use RING_COPY_REQUEST() throughout
    - CVE-2015-8550
  * xen-blkback: only read request operation from shared ring once
    - CVE-2015-8550
  * xen-blkback: read from indirect descriptors only once
    - CVE-2015-8550
  * xen/pciback: Save xen_pci_op commands before processing it
    - CVE-2015-8550
  * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Do not install an IRQ handler for MSI interrupts.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
    MSI(X) enabled.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553

 -- Luis Henriques <email address hidden> Fri, 18 Dec 2015 10:10:21 +0000

Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Fix Released
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-raspi2 - 4.2.0-1017.24

---------------
linux-raspi2 (4.2.0-1017.24) wily; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1527537
  * rebased on Ubuntu-4.2.0-21.25

  [ Ubuntu: 4.2.0-22.27 ]

  * Release Tracking Bug
    - LP: #1527391
  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

  [ Ubuntu: 4.2.0-22.26 ]

  * xen: Add RING_COPY_REQUEST()
    - CVE-2015-8550
  * xen-netback: don't use last request to determine minimum Tx credit
    - CVE-2015-8550
  * xen-netback: use RING_COPY_REQUEST() throughout
    - CVE-2015-8550
  * xen-blkback: only read request operation from shared ring once
    - CVE-2015-8550
  * xen-blkback: read from indirect descriptors only once
    - CVE-2015-8550
  * xen-scsiback: safely copy requests
    - CVE-2015-8550
  * xen/pciback: Save xen_pci_op commands before processing it
    - CVE-2015-8550
  * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Do not install an IRQ handler for MSI interrupts.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
    MSI(X) enabled.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553

 -- Luis Henriques <email address hidden> Fri, 18 Dec 2015 10:37:58 +0000

Changed in linux-raspi2 (Ubuntu):
status: New → Fix Released
status: New → Fix Released
information type: Private Security → Public Security
tags: added: patch
Brad Figg (brad-figg) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1527374

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Launchpad Janitor (janitor) wrote : Re: privilege escalation on attach through ptrace

This bug was fixed in the package linux-lts-vivid - 3.19.0-42.48~14.04.1

---------------
linux-lts-vivid (3.19.0-42.48~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1527519

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

linux (3.19.0-42.47) vivid; urgency=low

  [ Upstream Kernel Changes ]

  * xen: Add RING_COPY_REQUEST()
    - CVE-2015-8550
  * xen-netback: don't use last request to determine minimum Tx credit
    - CVE-2015-8550
  * xen-netback: use RING_COPY_REQUEST() throughout
    - CVE-2015-8550
  * xen-blkback: only read request operation from shared ring once
    - CVE-2015-8550
  * xen-blkback: read from indirect descriptors only once
    - CVE-2015-8550
  * xen-scsiback: safely copy requests
    - CVE-2015-8550
  * xen/pciback: Save xen_pci_op commands before processing it
    - CVE-2015-8550
  * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Do not install an IRQ handler for MSI interrupts.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
    MSI(X) enabled.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553

 -- Luis Henriques <email address hidden> Fri, 18 Dec 2015 09:59:09 +0000

Changed in linux-lts-vivid (Ubuntu):
status: New → Fix Released
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-wily - 4.2.0-22.27~14.04.1

---------------
linux-lts-wily (4.2.0-22.27~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1527538

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

linux (4.2.0-22.26) wily; urgency=low

  [ Upstream Kernel Changes ]

  * xen: Add RING_COPY_REQUEST()
    - CVE-2015-8550
  * xen-netback: don't use last request to determine minimum Tx credit
    - CVE-2015-8550
  * xen-netback: use RING_COPY_REQUEST() throughout
    - CVE-2015-8550
  * xen-blkback: only read request operation from shared ring once
    - CVE-2015-8550
  * xen-blkback: read from indirect descriptors only once
    - CVE-2015-8550
  * xen-scsiback: safely copy requests
    - CVE-2015-8550
  * xen/pciback: Save xen_pci_op commands before processing it
    - CVE-2015-8550
  * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
    or MSI-X enabled
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Do not install an IRQ handler for MSI interrupts.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
    MSI(X) enabled.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
  * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
    - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553

 -- Luis Henriques <email address hidden> Fri, 18 Dec 2015 10:27:07 +0000

Changed in linux-lts-wily (Ubuntu):
status: New → Fix Released
status: New → Fix Released
no longer affects: lxd (Ubuntu)
Steve Beattie (sbeattie) wrote :

Mitre assigned CVE-2015-8709 for this issue.

Andy Whitcroft (apw)
Changed in linux (Ubuntu Xenial):
status: Incomplete → Fix Committed
Mathew Hodson (mhodson)
summary: - privilege escalation on attach through ptrace
+ CVE-2015-8709
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux-armadaxp (Ubuntu):
status: New → Confirmed
Changed in linux-flo (Ubuntu):
status: New → Confirmed
Changed in linux-goldfish (Ubuntu):
status: New → Confirmed
Changed in linux-lts-quantal (Ubuntu):
status: New → Confirmed
Changed in linux-lts-raring (Ubuntu):
status: New → Confirmed
Changed in linux-lts-saucy (Ubuntu):
status: New → Confirmed
Changed in linux-lts-trusty (Ubuntu):
status: New → Confirmed
Changed in linux-mako (Ubuntu):
status: New → Confirmed
Changed in linux-manta (Ubuntu):
status: New → Confirmed
Changed in linux-ti-omap4 (Ubuntu):
status: New → Confirmed
Changed in lxc (Ubuntu):
status: New → Confirmed
Mathew Hodson (mhodson)
tags: added: kernel-cve-tracking-bug
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.3.0-6.17

---------------
linux (4.3.0-6.17) xenial; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1532958

  [ Eric Dumazet ]

  * SAUCE: (noup) net: fix IP early demux races
    - LP: #1526946

  [ Guilherme G. Piccoli ]

  * SAUCE: powerpc/eeh: Validate arch in eeh_add_device_early()
    - LP: #1486180

  [ Hui Wang ]

  * [Config] CONFIG_I2C_DESIGNWARE_BAYTRAIL=y, CONFIG_IOSF_MBI=y
    - LP: #1527096

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

  [ Serge Hallyn ]

  * SAUCE: add a sysctl to disable unprivileged user namespace unsharing

  [ Tim Gardner ]

  * [Config] CONFIG_ZONE_DEVICE=y for amd64
  * [Config] CONFIG_VIRTIO_BLK=y, CONFIG_VIRTIO_NET=y for s390
    - LP: #1532886

  [ Upstream Kernel Changes ]

  * rhashtable: Fix walker list corruption
    - LP: #1526811
  * rhashtable: Kill harmless RCU warning in rhashtable_walk_init
    - LP: #1526811
  * ovl: fix permission checking for setattr
    - LP: #1528904
    - CVE-2015-8660

 -- Tim Gardner <email address hidden> Thu, 17 Dec 2015 05:34:47 -0700

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
Steve Beattie (sbeattie)
description: updated
Mathew Hodson (mhodson)
no longer affects: linux-lts-trusty (Ubuntu)
Changed in linux-lts-quantal (Ubuntu):
importance: Undecided → Medium
status: Confirmed → Won't Fix
Changed in linux-lts-raring (Ubuntu):
importance: Undecided → Medium
status: Confirmed → Won't Fix
Changed in linux-lts-saucy (Ubuntu):
importance: Undecided → Medium
status: Confirmed → Won't Fix
Steve Beattie (sbeattie)
description: updated
no longer affects: lxc (Ubuntu)
This report contains Public Security information  
Everyone can see this security related information.
