CVE-2014-0196

Bug #1314762 reported by John Johansen on 2014-04-30
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-armadaxp (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-ec2 (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-flo (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-fsl-imx51 (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-goldfish (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-lts-quantal (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-lts-raring (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-lts-saucy (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-lts-trusty (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-lts-utopic (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-lts-vivid (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-lts-wily (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-lts-xenial (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Undecided
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-mako (Ubuntu)
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-manta (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-mvl-dove (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-raspi2 (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-snapdragon (Ubuntu)
Undecided
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Undecided
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned
linux-ti-omap4 (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned
Trusty
Critical
Unassigned
Vivid
Critical
Unassigned
Wily
Critical
Unassigned
Xenial
Critical
Unassigned

Bug Description

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Break-Fix: d945cb9cce20ac7143c2de8d88b187f62db99bdc 4291086b1f081b869c6d79e5b7441633dc3ace00

Marc Deslauriers (mdeslaur) wrote :

NOTE: This issue is EMBARGOED until May 5th. Do not talk about or commit fixes for this issue to any public repository before then!

description: updated
Changed in linux-armadaxp (Ubuntu):
status: New → Invalid
status: Invalid → New
information type: Private Security → Public Security
no longer affects: linux-armadaxp (Ubuntu)
no longer affects: linux-armadaxp (Ubuntu)
no longer affects: linux-ec2 (Ubuntu)
no longer affects: linux-lts-quantal (Ubuntu)
no longer affects: linux-lts-saucy (Ubuntu)
no longer affects: linux-mvl-dove (Ubuntu)
no longer affects: linux-mvl-dove (Ubuntu)
no longer affects: linux-lts-saucy (Ubuntu)
no longer affects: linux-lts-quantal (Ubuntu)
no longer affects: linux-ec2 (Ubuntu)
no longer affects: linux-armadaxp (Ubuntu)
no longer affects: linux-mvl-dove (Ubuntu)
no longer affects: linux-lts-saucy (Ubuntu)
no longer affects: linux-lts-quantal (Ubuntu)
no longer affects: linux-ec2 (Ubuntu)
no longer affects: linux-armadaxp (Ubuntu)
no longer affects: linux (Ubuntu)
description: updated

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1314762

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
tags: added: kernel-cve-tracking-bug
summary: - n_tty_write crash when echoing in raw mode
+ CVE-2014-0196
Changed in linux (Ubuntu):
status: Incomplete → New
no longer affects: linux-ti-omap4 (Ubuntu)
no longer affects: linux-lts-raring (Ubuntu)
no longer affects: linux-lts-saucy (Ubuntu)
no longer affects: linux-mvl-dove (Ubuntu)
no longer affects: linux-lts-quantal (Ubuntu)
no longer affects: linux-fsl-imx51 (Ubuntu)
no longer affects: linux-ec2 (Ubuntu)
no longer affects: linux-armadaxp (Ubuntu)
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Invalid
importance: Undecided → High
Changed in linux-armadaxp (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → High
Changed in linux-armadaxp (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-armadaxp (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → High
Changed in linux-armadaxp (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → High
Changed in linux-armadaxp (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → High
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
importance: Undecided → High
Changed in linux-ec2 (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → High
Changed in linux-ec2 (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → High
Changed in linux-ec2 (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → High
Changed in linux-ec2 (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Precise):
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → High
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
importance: Undecided → High
Changed in linux-mvl-dove (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → High
Changed in linux-mvl-dove (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → High
Changed in linux-mvl-dove (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → High
Changed in linux-mvl-dove (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Precise):
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → High
Changed in linux (Ubuntu Precise):
importance: Undecided → High
Changed in linux (Ubuntu Saucy):
importance: Undecided → High
Changed in linux (Ubuntu Trusty):
importance: Undecided → High
Changed in linux (Ubuntu Lucid):
importance: Undecided → High
Changed in linux (Ubuntu Utopic):
importance: Undecided → High
Changed in linux (Ubuntu Quantal):
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Saucy):
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Quantal):
importance: Undecided → High
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
importance: Undecided → High
Changed in linux-fsl-imx51 (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → High
Changed in linux-fsl-imx51 (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → High
Changed in linux-fsl-imx51 (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → High
Changed in linux-fsl-imx51 (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Precise):
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Saucy):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Quantal):
status: New → Invalid
importance: Undecided → High
description: updated
Changed in linux-armadaxp (Ubuntu Precise):
status: Invalid → Fix Committed
importance: High → Critical
Changed in linux-armadaxp (Ubuntu Saucy):
importance: High → Critical
Changed in linux-armadaxp (Ubuntu Trusty):
importance: High → Critical
Changed in linux-armadaxp (Ubuntu Lucid):
importance: High → Critical
Changed in linux-armadaxp (Ubuntu Utopic):
importance: High → Critical
Changed in linux-armadaxp (Ubuntu Quantal):
status: Invalid → Fix Committed
importance: High → Critical
Changed in linux-ec2 (Ubuntu Precise):
importance: High → Critical
Changed in linux-ec2 (Ubuntu Saucy):
importance: High → Critical
Changed in linux-ec2 (Ubuntu Trusty):
importance: High → Critical
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Fix Released
importance: High → Critical
Changed in linux-ec2 (Ubuntu Utopic):
importance: High → Critical
Changed in linux-ec2 (Ubuntu Quantal):
importance: High → Critical
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Fix Released
importance: High → Critical
Changed in linux-lts-quantal (Ubuntu Saucy):
importance: High → Critical
Changed in linux-lts-quantal (Ubuntu Trusty):
importance: High → Critical
Changed in linux-lts-quantal (Ubuntu Lucid):
importance: High → Critical
Changed in linux-lts-quantal (Ubuntu Utopic):
importance: High → Critical
Changed in linux-lts-quantal (Ubuntu Quantal):
importance: High → Critical
Changed in linux-mvl-dove (Ubuntu Precise):
importance: High → Critical
Changed in linux-mvl-dove (Ubuntu Saucy):
importance: High → Critical
Changed in linux-mvl-dove (Ubuntu Trusty):
importance: High → Critical
Changed in linux-mvl-dove (Ubuntu Lucid):
importance: High → Critical
Changed in linux-mvl-dove (Ubuntu Utopic):
importance: High → Critical
Changed in linux-mvl-dove (Ubuntu Quantal):
importance: High → Critical
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Fix Released
importance: High → Critical
Changed in linux-lts-saucy (Ubuntu Saucy):
importance: High → Critical
Changed in linux-lts-saucy (Ubuntu Trusty):
importance: High → Critical
Changed in linux-lts-saucy (Ubuntu Lucid):
importance: High → Critical
Changed in linux-lts-saucy (Ubuntu Utopic):
importance: High → Critical
Changed in linux-lts-saucy (Ubuntu Quantal):
importance: High → Critical
Changed in linux (Ubuntu Precise):
status: New → Fix Released
importance: High → Critical
Changed in linux (Ubuntu Saucy):
status: New → Fix Released
importance: High → Critical
Changed in linux (Ubuntu Trusty):
status: New → Fix Released
importance: High → Critical
Changed in linux (Ubuntu Lucid):
status: New → Fix Released
importance: High → Critical
Changed in linux (Ubuntu Utopic):
importance: High → Critical
Changed in linux (Ubuntu Quantal):
status: New → Fix Released
importance: High → Critical
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Fix Committed
importance: High → Critical
Changed in linux-ti-omap4 (Ubuntu Saucy):
status: New → Fix Committed
importance: High → Critical
Changed in linux-ti-omap4 (Ubuntu Trusty):
importance: High → Critical
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: High → Critical
Changed in linux-ti-omap4 (Ubuntu Utopic):
importance: High → Critical
Changed in linux-ti-omap4 (Ubuntu Quantal):
status: New → Fix Committed
importance: High → Critical
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: High → Critical
Changed in linux-fsl-imx51 (Ubuntu Saucy):
importance: High → Critical
Changed in linux-fsl-imx51 (Ubuntu Trusty):
importance: High → Critical
Changed in linux-fsl-imx51 (Ubuntu Lucid):
importance: High → Critical
Changed in linux-fsl-imx51 (Ubuntu Utopic):
importance: High → Critical
Changed in linux-fsl-imx51 (Ubuntu Quantal):
importance: High → Critical
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Fix Released
importance: High → Critical
Changed in linux-lts-raring (Ubuntu Saucy):
importance: High → Critical
Changed in linux-lts-raring (Ubuntu Trusty):
importance: High → Critical
Changed in linux-lts-raring (Ubuntu Lucid):
importance: High → Critical
Changed in linux-lts-raring (Ubuntu Utopic):
importance: High → Critical
Changed in linux-lts-raring (Ubuntu Quantal):
importance: High → Critical
description: updated
description: updated
Changed in linux (Ubuntu Utopic):
status: New → Invalid
no longer affects: linux-armadaxp (Ubuntu Quantal)
no longer affects: linux-ec2 (Ubuntu Quantal)
no longer affects: linux-lts-saucy (Ubuntu Quantal)
no longer affects: linux-lts-quantal (Ubuntu Quantal)
no longer affects: linux-mvl-dove (Ubuntu Quantal)
no longer affects: linux (Ubuntu Quantal)
no longer affects: linux-fsl-imx51 (Ubuntu Quantal)
no longer affects: linux-ti-omap4 (Ubuntu Quantal)
no longer affects: linux-lts-raring (Ubuntu Quantal)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-armadaxp - 3.2.0-1633.47

---------------
linux-armadaxp (3.2.0-1633.47) precise-proposed; urgency=low

  [ Ike Panhc ]

  * Release Tracking Bug
    - LP: #1320044
  * Rebase to Ubuntu-3.2.0-63.95

  [ Ubuntu: 3.2.0-63.95 ]

  * Revert "rtlwifi: Set the link state"
    - LP: #1319735
  * Release Tracking Bug
    - re-used previous tracking bug
 -- Ike Panhc <email address hidden> Fri, 16 May 2014 11:46:55 +0800

Changed in linux-armadaxp (Ubuntu Precise):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (17.6 KiB)

This bug was fixed in the package linux-ti-omap4 - 3.2.0-1446.65

---------------
linux-ti-omap4 (3.2.0-1446.65) precise; urgency=low

  * Release Tracking Bug
    - LP: #1317327

  [ Paolo Pisati ]

  * rebased on Ubuntu-3.2.0-63.94

  [ Ubuntu: 3.2.0-63.94 ]

  * Merged back Ubuntu-3.2.0-61.93 security release
  * Revert "n_tty: Fix n_tty_write crash when echoing in raw mode"
    - LP: #1314762
  * Release Tracking Bug
    - LP: #1316703
  * SAUCE: net/ipv4: Always flush route cache on unregister batch call
    - LP: #1021471
  * ipv6: don't set DST_NOCOUNT for remotely added routes
    - LP: #1293726
    - CVE-2014-2309
  * vhost: fix total length when packets are too short
    - LP: #1312984
    - CVE-2014-0077
  * n_tty: Fix n_tty_write crash when echoing in raw mode
    - LP: #1314762
    - CVE-2014-0196
  * floppy: ignore kernel-only members in FDRAWCMD ioctl input
    - LP: #1316729
    - CVE-2014-1737
  * floppy: don't write kernel-only members to FDRAWCMD ioctl output
    - LP: #1316735
    - CVE-2014-1738

  [ Ubuntu: 3.2.0-62.93 ]

  * Release Tracking Bug
    - LP: #1313807
  * [Config] updateconfigs after Linux v3.2.57 update
  * rds: prevent dereference of a NULL device in rds_iw_laddr_check
    - LP: #1302222
    - CVE-2014-2678
  * rtlwifi: Set the link state
    - LP: #1310763
  * rtlwifi: rtl8192cu: Fix some code in RF handling
    - LP: #1310763
  * NFSv4: OPEN must handle the NFS4ERR_IO return code correctly
    - LP: #1310763
  * selinux: process labeled IPsec TCP SYN-ACK packets properly in
    selinux_ip_postroute()
    - LP: #1310763
  * parport: parport_pc: remove double PCI ID for NetMos
    - LP: #1310763
  * staging: vt6656: [BUG] BBvUpdatePreEDThreshold Always set sensitivity
    on bScanning
    - LP: #1310763
  * bfa: Chinook quad port 16G FC HBA claim issue
    - LP: #1310763
  * usb: option: add new zte 3g modem pids to option driver
    - LP: #1310763
  * dib8000: make 32 bits read atomic
    - LP: #1310763
  * serial: add support for 400 and 800 v3 series Titan cards
    - LP: #1310763
  * serial: add support for 200 v3 series Titan card
    - LP: #1310763
  * x86/efi: Fix off-by-one bug in EFI Boot Services reservation
    - LP: #1310763
  * rtc-cmos: Add an alarm disable quirk
    - LP: #1310763
  * slub: Fix calculation of cpu slabs
    - LP: #1310763
  * mtd: mxc_nand: remove duplicated ecc_stats counting
    - LP: #1310763
  * USB: pl2303: fix data corruption on termios updates
    - LP: #1310763
  * USB: serial: add support for iBall 3.5G connect usb modem
    - LP: #1310763
  * USB: Nokia 502 is an unusual device
    - LP: #1310763
  * USB: cypress_m8: fix ring-indicator detection and reporting
    - LP: #1310763
  * ALSA: rme9652: fix a missing comma in channel_map_9636_ds[]
    - LP: #1310763
  * sunrpc: Fix infinite loop in RPC state machine
    - LP: #1310763
  * SELinux: Fix memory leak upon loading policy
    - LP: #1310763
  * drm/radeon: warn users when hw_i2c is enabled (v2)
    - LP: #1310763
  * USB: ftdi_sio: added CS5 quirk for broken smartcard readers
    - LP: #1310763
  * serial: 8250: enable UART_BUG_NOMSR for Tegra
    - LP: #1310763
  * dm: wait until embedded kobject is released b...

Changed in linux-ti-omap4 (Ubuntu Precise):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (6.7 KiB)

This bug was fixed in the package linux-ti-omap4 - 3.5.0-242.58

---------------
linux-ti-omap4 (3.5.0-242.58) quantal; urgency=low

  * Release Tracking Bug
    - LP: #1317330

  [ Paolo Pisati ]

  * rebased on Ubuntu-3.5.0-51.75

  [ Ubuntu: 3.5.0-51.75 ]

  * Merged back Ubuntu-3.5.0-49.74 security release
  * Revert "n_tty: Fix n_tty_write crash when echoing in raw mode"
    - LP: #1314762
  * Release Tracking Bug
    - LP: #1317227
  * ipv6: don't set DST_NOCOUNT for remotely added routes
    - LP: #1293726
    - CVE-2014-2309
  * vhost: fix total length when packets are too short
    - LP: #1312984
    - CVE-2014-0077
  * n_tty: Fix n_tty_write crash when echoing in raw mode
    - LP: #1314762
    - CVE-2014-0196
  * floppy: ignore kernel-only members in FDRAWCMD ioctl input
    - LP: #1316729
    - CVE-2014-1737
  * floppy: don't write kernel-only members to FDRAWCMD ioctl output
    - LP: #1316735
    - CVE-2014-1738

  [ Ubuntu: 3.5.0-50.74 ]

  * Release Tracking Bug
    - LP: #1313852
  * rds: prevent dereference of a NULL device in rds_iw_laddr_check
    - LP: #1302222
    - CVE-2014-2678
  * vhost: validate vhost_get_vq_desc return value
    - LP: #1298117
    - CVE-2014-0055
  * netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages
    - LP: #1295090
    - CVE-2014-2523
  * ALSA: oxygen: Xonar DG(X): capture from I2S channel 1, not 2
    - LP: #1310783
  * ALSA: oxygen: Xonar DG(X): modify DAC routing
    - LP: #1310783
  * mac80211: fix AP powersave TX vs. wakeup race
    - LP: #1310783
  * iwlwifi: dvm: clear IWL_STA_UCODE_INPROGRESS when assoc fails
    - LP: #1310783
  * ath9k: protect tid->sched check
    - LP: #1310783
  * ath9k: Fix ETSI compliance for AR9462 2.0
    - LP: #1310783
  * genirq: Remove racy waitqueue_active check
    - LP: #1310783
  * sched: Fix double normalization of vruntime
    - LP: #1310783
  * cpuset: fix a race condition in __cpuset_node_allowed_softwall()
    - LP: #1310783
  * firewire: net: fix use after free
    - LP: #1310783
  * mwifiex: do not advertise usb autosuspend support
    - LP: #1310783
  * NFS: Fix a delegation callback race
    - LP: #1310783
  * can: flexcan: fix shutdown: first disable chip, then all interrupts
    - LP: #1310783
  * can: flexcan: flexcan_open(): fix error path if flexcan_chip_start()
    fails
    - LP: #1310783
  * tracing: Do not add event files for modules that fail tracepoints
    - LP: #1310783
  * ocfs2: fix quota file corruption
    - LP: #1310783
  * rapidio/tsi721: fix tasklet termination in dma channel release
    - LP: #1310783
  * ALSA: usb-audio: Add quirk for Logitech Webcam C500
    - LP: #1310783
  * drm/radeon: TTM must be init with cpu-visible VRAM, v2
    - LP: #1310783
  * drm/radeon/atom: select the proper number of lanes in transmitter setup
    - LP: #1310783
  * powerpc: Align p_dyn, p_rela and p_st symbols
    - LP: #1310783
  * libata: add ATA_HORKAGE_BROKEN_FPDMA_AA quirk for Seagate Momentus
    SpinPoint M8 (2BA30001)
    - LP: #1310783
  * usb: Add device quirk for Logitech HD Pro Webcams C920 and C930e
    - LP: #1310783
  * usb: Make DELAY_INIT quirk wait 100ms between Get Configuration
    requests
    - LP: #1310783
...

Read more...

Changed in linux-ti-omap4 (Ubuntu Saucy):
status: Fix Committed → Fix Released
no longer affects: linux-armadaxp (Ubuntu Saucy)
no longer affects: linux-ec2 (Ubuntu Saucy)
no longer affects: linux-lts-saucy (Ubuntu Saucy)
no longer affects: linux-lts-quantal (Ubuntu Saucy)
no longer affects: linux-mvl-dove (Ubuntu Saucy)
no longer affects: linux (Ubuntu Saucy)
no longer affects: linux-fsl-imx51 (Ubuntu Saucy)
no longer affects: linux-ti-omap4 (Ubuntu Saucy)
no longer affects: linux-lts-raring (Ubuntu Saucy)
Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Fix Released
importance: Undecided → Critical
Changed in linux-lts-trusty (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-trusty (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-trusty (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-trusty (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-utopic (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-utopic (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-utopic (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-utopic (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-utopic (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-flo (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-flo (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-flo (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-flo (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-flo (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-goldfish (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-goldfish (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-goldfish (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-goldfish (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-goldfish (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-mako (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-mako (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-mako (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-mako (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-mako (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-manta (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-manta (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-manta (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-manta (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-manta (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Critical
no longer affects: linux-lts-trusty (Ubuntu Lucid)
no longer affects: linux-armadaxp (Ubuntu Lucid)
no longer affects: linux-ec2 (Ubuntu Lucid)
no longer affects: linux-goldfish (Ubuntu Lucid)
no longer affects: linux-lts-saucy (Ubuntu Lucid)
no longer affects: linux-lts-quantal (Ubuntu Lucid)
no longer affects: linux-mvl-dove (Ubuntu Lucid)
no longer affects: linux-ti-omap4 (Ubuntu Lucid)
no longer affects: linux (Ubuntu Lucid)
no longer affects: linux-mako (Ubuntu Lucid)
no longer affects: linux-fsl-imx51 (Ubuntu Lucid)
no longer affects: linux-lts-utopic (Ubuntu Lucid)
no longer affects: linux-flo (Ubuntu Lucid)
no longer affects: linux-lts-raring (Ubuntu Lucid)
no longer affects: linux-manta (Ubuntu Lucid)
Changed in linux-lts-vivid (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-vivid (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-vivid (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-vivid (Ubuntu Utopic):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-vivid (Ubuntu Trusty):
status: New → Fix Committed
importance: Undecided → Critical
no longer affects: linux-lts-trusty (Ubuntu Utopic)
no longer affects: linux-armadaxp (Ubuntu Utopic)
no longer affects: linux-ec2 (Ubuntu Utopic)
no longer affects: linux-goldfish (Ubuntu Utopic)
no longer affects: linux-lts-saucy (Ubuntu Utopic)
no longer affects: linux-lts-quantal (Ubuntu Utopic)
no longer affects: linux-mvl-dove (Ubuntu Utopic)
no longer affects: linux-ti-omap4 (Ubuntu Utopic)
no longer affects: linux-lts-vivid (Ubuntu Utopic)
no longer affects: linux (Ubuntu Utopic)
no longer affects: linux-mako (Ubuntu Utopic)
no longer affects: linux-fsl-imx51 (Ubuntu Utopic)
no longer affects: linux-lts-utopic (Ubuntu Utopic)
no longer affects: linux-flo (Ubuntu Utopic)
no longer affects: linux-lts-raring (Ubuntu Utopic)
no longer affects: linux-manta (Ubuntu Utopic)
Steve Beattie (sbeattie) on 2015-11-10
Changed in linux-lts-wily (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-wily (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-wily (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-wily (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Critical
Steve Beattie (sbeattie) on 2015-11-16
Changed in linux-raspi2 (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-raspi2 (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-raspi2 (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-raspi2 (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Critical
Steve Beattie (sbeattie) on 2015-12-03
Changed in linux-lts-wily (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-raspi2 (Ubuntu Xenial):
status: New → Fix Committed
importance: Undecided → Critical
Steve Beattie (sbeattie) on 2016-02-10
Changed in linux-lts-xenial (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-xenial (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-xenial (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-lts-xenial (Ubuntu Trusty):
status: New → Fix Committed
importance: Undecided → Critical
Steve Beattie (sbeattie) on 2016-05-05
Changed in linux-snapdragon (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-snapdragon (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-snapdragon (Ubuntu Xenial):
status: New → Invalid
importance: Undecided → Critical
Changed in linux-snapdragon (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Critical
kirill (kirill-yalta) on 2017-05-19
information type: Public Security → Public
Steve Beattie (sbeattie) on 2017-12-07
no longer affects: linux-mako (Ubuntu Precise)
no longer affects: linux-lts-quantal (Ubuntu Vivid)
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers