CVE-2016-4565

Bug #1580372 reported by Steve Beattie on 2016-05-10
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-armadaxp (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-flo (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-goldfish (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-quantal (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-raring (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-saucy (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-trusty (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-utopic (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-vivid (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-wily (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-lts-xenial (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-mako (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-manta (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-raspi2 (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-snapdragon (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Undecided
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned

Bug Description

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

Break-Fix: - e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3

Steve Beattie (sbeattie) wrote :

CVE-2016-4565

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-lts-trusty (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Trusty):
status: New → Invalid
Changed in linux (Ubuntu Xenial):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Wily):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Xenial):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Trusty):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Wily):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Xenial):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
Changed in linux-manta (Ubuntu Precise):
status: New → Invalid
Changed in linux-manta (Ubuntu Xenial):
status: New → Invalid
Changed in linux-manta (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-snapdragon (Ubuntu Precise):
status: New → Invalid
Changed in linux-snapdragon (Ubuntu Wily):
status: New → Invalid
Changed in linux-snapdragon (Ubuntu Trusty):
status: New → Invalid
Changed in linux-mako (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-goldfish (Ubuntu Precise):
status: New → Invalid
Changed in linux-flo (Ubuntu Precise):
status: New → Invalid
description: updated
Changed in linux-lts-trusty (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Trusty):
importance: Undecided → Medium
Steve Beattie (sbeattie) on 2016-05-10
Changed in linux (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Steve Beattie (sbeattie) on 2016-05-19
Changed in linux-lts-wily (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux (Ubuntu Wily):
status: New → Fix Committed
Changed in linux-lts-xenial (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-lts-vivid (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-raspi2 (Ubuntu Wily):
status: New → Fix Committed
Changed in linux-raspi2 (Ubuntu Xenial):
status: New → Fix Committed
Steve Beattie (sbeattie) on 2016-05-23
Changed in linux (Ubuntu Yakkety):
status: New → Fix Committed
Changed in linux (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux (Ubuntu Precise):
status: Fix Committed → New
Changed in linux (Ubuntu Trusty):
status: Fix Committed → New
Changed in linux (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-lts-utopic (Ubuntu Trusty):
status: New → Fix Committed
Steve Beattie (sbeattie) on 2016-05-31
description: updated
Launchpad Janitor (janitor) wrote :
Download full text (4.0 KiB)

This bug was fixed in the package linux - 3.13.0-91.138

---------------
linux (3.13.0-91.138) trusty; urgency=medium

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1595991

  [ Upstream Kernel Changes ]

  * netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux (3.13.0-90.137) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1595693

  [ Serge Hallyn ]

  * SAUCE: add a sysctl to disable unprivileged user namespace unsharing
    - LP: #1555338, #1595350

linux (3.13.0-89.136) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1591315

  [ Kamal Mostafa ]

  * [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

  [ Stefan Bader ]

  * SAUCE: powerpc/powernv: Fix incomplete backport of 8117ac6
    - LP: #1589910

  [ Tim Gardner ]

  * [Config] Remove arc4 from nic-modules
    - LP: #1582991

  [ Upstream Kernel Changes ]

  * KVM: x86: move steal time initialization to vcpu entry time
    - LP: #1494350
  * lpfc: Fix premature release of rpi bit in bitmask
    - LP: #1580560
  * lpfc: Correct loss of target discovery after cable swap.
    - LP: #1580560
  * mm/balloon_compaction: redesign ballooned pages management
    - LP: #1572562
  * mm/balloon_compaction: fix deflation when compaction is disabled
    - LP: #1572562
  * bridge: Fix the way to find old local fdb entries in br_fdb_changeaddr
    - LP: #1581585
  * bridge: notify user space after fdb update
    - LP: #1581585
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
   ...

Read more...

Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (3.5 KiB)

This bug was fixed in the package linux-lts-utopic - 3.16.0-76.98~14.04.1

---------------
linux-lts-utopic (3.16.0-76.98~14.04.1) trusty; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1596019

  [ Upstream Kernel Changes ]

  * netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux-lts-utopic (3.16.0-75.97~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1595703

  [ Serge Hallyn ]

  * SAUCE: add a sysctl to disable unprivileged user namespace unsharing
    - LP: #1555338, #1595350

linux-lts-utopic (3.16.0-74.96~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1591324

  [ Kamal Mostafa ]

  * [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

  [ Tim Gardner ]

  * [Config] Remove arc4 from nic-modules
    - LP: #1582991

  [ Upstream Kernel Changes ]

  * Revert "usb: hub: do not clear BOS field during reset device"
    - LP: #1582864
  * mm/balloon_compaction: redesign ballooned pages management
    - LP: #1572562
  * mm/balloon_compaction: fix deflation when compaction is disabled
    - LP: #1572562
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_rid...

Read more...

Changed in linux-lts-utopic (Ubuntu Trusty):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.2.0-105.146

---------------
linux (3.2.0-105.146) precise; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1591329

  [ Kamal Mostafa ]

  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

  [ Upstream Kernel Changes ]

  * ppp: take reference on channels netns
    - LP: #1583963
    - CVE-2016-4805
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_ridge_filename(): handle malformed NM entries
    - LP: #1583962
    - CVE-2016-4913
  * USB: usbfs: fix potential infoleak in devio
    - LP: #1578493
    - CVE-2016-4482
  * IB/security: Restrict use of the write() interface
    - LP: #1580372
    - CVE-2016-4565
  * usbnet: cleanup after bind() in probe()
    - LP: #1567191
    - CVE-2016-3951

 -- Kamal Mostafa <email address hidden> Fri, 10 Jun 2016 12:12:23 -0700

Changed in linux (Ubuntu Precise):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ti-omap4 - 3.2.0-1483.110

---------------
linux-ti-omap4 (3.2.0-1483.110) precise; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1591435

  [ Ubuntu: 3.2.0-105.146 ]

  * Release Tracking Bug
    - LP: #1591329
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890
  * ppp: take reference on channels netns
    - LP: #1583963
    - CVE-2016-4805
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_ridge_filename(): handle malformed NM entries
    - LP: #1583962
    - CVE-2016-4913
  * USB: usbfs: fix potential infoleak in devio
    - LP: #1578493
    - CVE-2016-4482
  * IB/security: Restrict use of the write() interface
    - LP: #1580372
    - CVE-2016-4565
  * usbnet: cleanup after bind() in probe()
    - LP: #1567191
    - CVE-2016-3951

 -- Kamal Mostafa <email address hidden> Mon, 13 Jun 2016 10:42:12 -0700

Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-armadaxp - 3.2.0-1668.93

---------------
linux-armadaxp (3.2.0-1668.93) precise; urgency=low

  [ Ike Panhc ]

  * Release Tracking Bug
    - LP: #1591436
  * Rebase to Ubuntu-3.2.0-105.146

  [ Ubuntu: 3.2.0-105.146 ]

  * Release Tracking Bug
    - LP: #1591329
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890
  * ppp: take reference on channels netns
    - LP: #1583963
    - CVE-2016-4805
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_ridge_filename(): handle malformed NM entries
    - LP: #1583962
    - CVE-2016-4913
  * USB: usbfs: fix potential infoleak in devio
    - LP: #1578493
    - CVE-2016-4482
  * IB/security: Restrict use of the write() interface
    - LP: #1580372
    - CVE-2016-4565
  * usbnet: cleanup after bind() in probe()
    - LP: #1567191
    - CVE-2016-3951

 -- Ike Panhc <email address hidden> Mon, 13 Jun 2016 15:18:37 +0800

Changed in linux-armadaxp (Ubuntu Precise):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (4.0 KiB)

This bug was fixed in the package linux-lts-trusty - 3.13.0-91.138~precise1

---------------
linux-lts-trusty (3.13.0-91.138~precise1) precise; urgency=medium

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1596012

  [ Upstream Kernel Changes ]

  * netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux (3.13.0-90.137) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1595693

  [ Serge Hallyn ]

  * SAUCE: add a sysctl to disable unprivileged user namespace unsharing
    - LP: #1555338, #1595350

linux (3.13.0-89.136) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1591315

  [ Kamal Mostafa ]

  * [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

  [ Stefan Bader ]

  * SAUCE: powerpc/powernv: Fix incomplete backport of 8117ac6
    - LP: #1589910

  [ Tim Gardner ]

  * [Config] Remove arc4 from nic-modules
    - LP: #1582991

  [ Upstream Kernel Changes ]

  * KVM: x86: move steal time initialization to vcpu entry time
    - LP: #1494350
  * lpfc: Fix premature release of rpi bit in bitmask
    - LP: #1580560
  * lpfc: Correct loss of target discovery after cable swap.
    - LP: #1580560
  * mm/balloon_compaction: redesign ballooned pages management
    - LP: #1572562
  * mm/balloon_compaction: fix deflation when compaction is disabled
    - LP: #1572562
  * bridge: Fix the way to find old local fdb entries in br_fdb_changeaddr
    - LP: #1581585
  * bridge: notify user space after fdb update
    - LP: #1581585
  * ALSA: timer:...

Read more...

Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Fix Released

This bug was nominated against a series that is no longer supported, ie yakkety. The bug task representing the yakkety nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu Yakkety):
status: Fix Committed → Won't Fix
Andy Whitcroft (apw) wrote :

This bug was nominated against a series that is no longer supported, ie vivid. The bug task representing the vivid nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-armadaxp (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-flo (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-lts-saucy (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-lts-trusty (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-lts-utopic (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-lts-vivid (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-mako (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-raspi2 (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw) on 2017-10-17
Changed in linux-ti-omap4 (Ubuntu Vivid):
status: New → Won't Fix
Po-Hsu Lin (cypressyew) on 2019-10-03
Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers