CVE-2016-5244

Bug #1589041 reported by Steve Beattie
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
New
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Trusty
Fix Released
Medium
Unassigned
Vivid
Fix Released
Undecided
Unassigned
Wily
New
Medium
Unassigned
Xenial
Fix Released
Medium
Unassigned
Yakkety
Won't Fix
Medium
Unassigned
linux-armadaxp (Ubuntu)
Invalid
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-flo (Ubuntu)
New
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
New
Medium
Unassigned
Xenial
New
Medium
Unassigned
Yakkety
New
Medium
Unassigned
linux-goldfish (Ubuntu)
New
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
New
Medium
Unassigned
Xenial
New
Medium
Unassigned
Yakkety
New
Medium
Unassigned
linux-lts-quantal (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-raring (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-saucy (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-trusty (Ubuntu)
Invalid
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-utopic (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
New
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-vivid (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Fix Released
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-wily (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
New
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-lts-xenial (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Fix Released
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-mako (Ubuntu)
New
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
New
Medium
Unassigned
Xenial
New
Medium
Unassigned
Yakkety
New
Medium
Unassigned
linux-manta (Ubuntu)
Invalid
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
New
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned
linux-raspi2 (Ubuntu)
Fix Released
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
New
Medium
Unassigned
Xenial
Fix Released
Medium
Unassigned
Yakkety
Fix Released
Medium
Unassigned
linux-snapdragon (Ubuntu)
Fix Released
Medium
Unassigned
Precise
Invalid
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Fix Released
Medium
Unassigned
Yakkety
Fix Released
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Invalid
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Trusty
Invalid
Medium
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
Medium
Unassigned
Xenial
Invalid
Medium
Unassigned
Yakkety
Invalid
Medium
Unassigned

Bug Description

[rds: fix an infoleak in rds_inc_info_copy]

Revision history for this message
Steve Beattie (sbeattie) wrote :

CVE-2016-5244

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-lts-trusty (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Trusty):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Wily):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Xenial):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Trusty):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Wily):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Xenial):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
Changed in linux-manta (Ubuntu Precise):
status: New → Invalid
Changed in linux-manta (Ubuntu Xenial):
status: New → Invalid
Changed in linux-manta (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-snapdragon (Ubuntu Precise):
status: New → Invalid
Changed in linux-snapdragon (Ubuntu Wily):
status: New → Invalid
Changed in linux-snapdragon (Ubuntu Trusty):
status: New → Invalid
Changed in linux-mako (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Yakkety):
status: New → Invalid
Changed in linux-goldfish (Ubuntu Precise):
status: New → Invalid
Changed in linux-flo (Ubuntu Precise):
status: New → Invalid
description: updated
Changed in linux-lts-trusty (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-wily (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Steve Beattie (sbeattie)
Changed in linux-lts-raring (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-raring (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-armadaxp (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-manta (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-raspi2 (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-snapdragon (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-mako (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-goldfish (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Precise):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Xenial):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in linux-flo (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → Medium
Andy Whitcroft (apw)
Changed in linux (Ubuntu Xenial):
status: New → Fix Committed
Changed in linux (Ubuntu Vivid):
status: New → Fix Committed
Changed in linux (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux (Ubuntu Precise):
status: New → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-vivid - 3.19.0-68.76~14.04.1

---------------
linux-lts-vivid (3.19.0-68.76~14.04.1) trusty; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612564

  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux (3.19.0-67.75) vivid; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611250

  * CVE-2016-5828
    - powerpc/tm: Always reclaim in start_thread() for exec() class syscalls

  * CVE-2016-5829
    - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands

  * CVE-2016-5400
    - media: fix airspy usb probe error path

  * changelog: add CVEs as first class citizens (LP: #1604344)
    - avoid duplicate CVE numbers in changelog

  * CVE-2016-5728
    - misc: mic: Fix for double fetch security bug in VOP driver

  * CVE-2016-5244 (LP: #1589041)
    - rds: fix an infoleak in rds_inc_info_copy

 -- Stefan Bader <email address hidden> Fri, 12 Aug 2016 12:10:44 +0200

Changed in linux-lts-vivid (Ubuntu Trusty):
status: New → Fix Released
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.4 KiB)

This bug was fixed in the package linux - 4.4.0-36.55

---------------
linux (4.4.0-36.55) xenial; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612305

  * I2C touchpad does not work on AMD platform (LP: #1612006)
    - SAUCE: pinctrl/amd: Remove the default de-bounce time

  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux (4.4.0-35.54) xenial; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611215

  * [i915_bpo] Sync with v4.7 (LP: #1609742)
    - SAUCE: i915_bpo: Sync with v4.7

  * s390/cio: fix reset of channel measurement block (LP: #1609415)
    - s390/cio: allow to reset channel measurement block

  * in Ubuntu16.10: Hit on Call traces and system goes down when transactional
    memory tests are running in 32TB Brazos system (LP: #1606786)
    - powerpc/tm: Avoid SLB faults in treclaim/trecheckpoint when RI=0
    - powerpc/tm: Fix stack pointer corruption in __tm_recheckpoint()

  * Power Menu does not display after press the Power Button (LP: #1609204)
    - intel-vbtn: new driver for Intel Virtual Button
    - [config] enable CONFIG_INTEL_VBTN=m

  * OptiPlex 7450 AIO hangs when rebooting (LP: #1608762)
    - x86/reboot: Add Dell Optiplex 7450 AIO reboot quirk

  * virtualbox+usb 3.0 breaks boot, -28 kernel works (LP: #1604058)
    - SAUCE: xhci: Fix soft lockup in xhci_pci_probe path when XHCI_STATE_HALTED

  * linux-kernel: Freeing IRQ from IRQ context (LP: #1597908)
    - block: defer timeouts to a workqueue

  * Tunnel offload indications not stripped from encapsulated packets, causing
    performance overhead (LP: #1602755)
    - tunnels: Remove encapsulation offloads on decap.

  * lm-sensors is throwing "ERROR: Can't get value of subfeature temp1_input:
    I/O error" for be2net driver (LP: #1607387)
    - be2net: perform temperature query in adapter regardless of its interface
      state

  * Dell dock MAC Address pass through doesn't work in Ubuntu (LP: #1579984)
    - r8152: Add support for setting pass through MAC address on RTL8153-AD

  * vmxnet3 LRO IPv6 performance issues (stalling TCP) (LP: #1605494)
    - Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets

  * ISST-LTE:pVM:monklp5:Ubuntu16.04.1:system crashed at
    lpfc_sli4_scmd_to_wqidx_distr (LP: #1597974)
    - SAUCE: lpfc: fix oops in lpfc_sli4_scmd_to_wqidx_distr() from
      lpfc_send_taskmgmt()

  * Backport cxlflash shutdown patch to Xenial SRU (LP: #1605405)
    - SAUCE: cxlflash: Verify problem state area is mapped before notifying
      shutdown

  * Xenial update to v4.4.16 stable release (LP: #1607404)
    - mac80211: fix fast_tx header alignment
    - mac80211: mesh: flush mesh paths unconditionally
    - mac80211_hwsim: Add missing check for HWSIM_ATTR_SIGNAL
    - mac80211: Fix mesh estab_plinks counting in STA removal case
    - EDAC, sb_edac: Fix rank lookup on Broadwell
    - IB/cm: Fix a recently introduced locking bug
    - IB/mlx4: Properly initialize GRH TClass and FlowLabel in AHs
    - powerpc/pseries: Fix IBM_ARCH_VEC_NRCORES_OFFSET since POWER8NVL was added
    - powerpc/tm: Always reclaim in start_thread() for exec() class syscalls
    - usb: dwc2: fix reg...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.13.0-95.142

---------------
linux (3.13.0-95.142) trusty; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612715

  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux (3.13.0-94.141) trusty; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611281

  * CVE-2016-5828
    - powerpc/tm: Always reclaim in start_thread() for exec() class syscalls

  * CVE-2016-5829
    - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands

  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog
    - avoid duplicate CVE numbers in changelog

  * CVE-2016-5728
    - misc: mic: Fix for double fetch security bug in VOP driver

  * CVE-2016-5244 (LP: #1589041)
    - rds: fix an infoleak in rds_inc_info_copy

 -- Stefan Bader <email address hidden> Fri, 12 Aug 2016 18:37:52 +0200

Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.19.0-68.76

---------------
linux (3.19.0-68.76) vivid; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612550

  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux (3.19.0-67.75) vivid; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611250

  * CVE-2016-5828
    - powerpc/tm: Always reclaim in start_thread() for exec() class syscalls

  * CVE-2016-5829
    - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands

  * CVE-2016-5400
    - media: fix airspy usb probe error path

  * changelog: add CVEs as first class citizens (LP: #1604344)
    - avoid duplicate CVE numbers in changelog

  * CVE-2016-5728
    - misc: mic: Fix for double fetch security bug in VOP driver

  * CVE-2016-5244 (LP: #1589041)
    - rds: fix an infoleak in rds_inc_info_copy

 -- Stefan Bader <email address hidden> Fri, 12 Aug 2016 10:31:41 +0200

Changed in linux (Ubuntu Vivid):
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-trusty - 3.13.0-95.142~precise1

---------------
linux-lts-trusty (3.13.0-95.142~precise1) precise; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612718

  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux (3.13.0-94.141) trusty; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611281

  * CVE-2016-5828
    - powerpc/tm: Always reclaim in start_thread() for exec() class syscalls

  * CVE-2016-5829
    - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands

  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog
    - avoid duplicate CVE numbers in changelog

  * CVE-2016-5728
    - misc: mic: Fix for double fetch security bug in VOP driver

  * CVE-2016-5244 (LP: #1589041)
    - rds: fix an infoleak in rds_inc_info_copy

 -- Stefan Bader <email address hidden> Fri, 12 Aug 2016 19:10:12 +0200

Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.2.0-109.150

---------------
linux (3.2.0-109.150) precise; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612732

  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux (3.2.0-108.149) precise; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611303

  * CVE-2016-5829
    - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands

  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog
    - avoid duplicate CVE numbers in changelog

  * CVE-2016-5244 (LP: #1589041)
    - rds: fix an infoleak in rds_inc_info_copy

 -- Stefan Bader <email address hidden> Fri, 12 Aug 2016 18:57:31 +0200

Changed in linux (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-armadaxp - 3.2.0-1672.98

---------------
linux-armadaxp (3.2.0-1672.98) precise; urgency=low

  * Release Tracking Bug
    - LP: #1612740
  * Miscellaneous Ubuntu changes
    - Rebase to Ubuntu-3.2.0-109.150

  [ Ubuntu: 3.2.0-109.150 ]

  * Release Tracking Bug
    - LP: #1612732
  * CVE-2016-5696
    - tcp: make challenge acks less predictable

 -- Ike Panhc <email address hidden> Mon, 15 Aug 2016 11:25:32 +0800

Changed in linux-armadaxp (Ubuntu Precise):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ti-omap4 - 3.2.0-1487.114

---------------
linux-ti-omap4 (3.2.0-1487.114) precise; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612738

  [ Ubuntu: 3.2.0-109.150 ]

  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux-ti-omap4 (3.2.0-1486.113) precise; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611312

  [ Ubuntu: 3.2.0-108.149 ]

  * CVE-2016-5829
    - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands
  * changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog
    - avoid duplicate CVE numbers in changelog
  * CVE-2016-5244 (LP: #1589041)
    - rds: fix an infoleak in rds_inc_info_copy

 -- Stefan Bader <email address hidden> Fri, 12 Aug 2016 19:52:53 +0200

Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Fix Released
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.7 KiB)

This bug was fixed in the package linux-raspi2 - 4.4.0-1021.27

---------------
linux-raspi2 (4.4.0-1021.27) xenial; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612348

  [ Ubuntu: 4.4.0-36.55 ]

  * I2C touchpad does not work on AMD platform (LP: #1612006)
    - SAUCE: pinctrl/amd: Remove the default de-bounce time
  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux-raspi2 (4.4.0-1020.26) xenial; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611238

  [ Ubuntu: 4.4.0-35.54 ]

  * [i915_bpo] Sync with v4.7 (LP: #1609742)
    - SAUCE: i915_bpo: Sync with v4.7
  * s390/cio: fix reset of channel measurement block (LP: #1609415)
    - s390/cio: allow to reset channel measurement block
  * in Ubuntu16.10: Hit on Call traces and system goes down when transactional
    memory tests are running in 32TB Brazos system (LP: #1606786)
    - powerpc/tm: Avoid SLB faults in treclaim/trecheckpoint when RI=0
    - powerpc/tm: Fix stack pointer corruption in __tm_recheckpoint()
  * Power Menu does not display after press the Power Button (LP: #1609204)
    - intel-vbtn: new driver for Intel Virtual Button
    - [config] enable CONFIG_INTEL_VBTN=m
  * OptiPlex 7450 AIO hangs when rebooting (LP: #1608762)
    - x86/reboot: Add Dell Optiplex 7450 AIO reboot quirk
  * virtualbox+usb 3.0 breaks boot, -28 kernel works (LP: #1604058)
    - SAUCE: xhci: Fix soft lockup in xhci_pci_probe path when XHCI_STATE_HALTED
  * linux-kernel: Freeing IRQ from IRQ context (LP: #1597908)
    - block: defer timeouts to a workqueue
  * Tunnel offload indications not stripped from encapsulated packets, causing
    performance overhead (LP: #1602755)
    - tunnels: Remove encapsulation offloads on decap.
  * lm-sensors is throwing "ERROR: Can't get value of subfeature temp1_input:
    I/O error" for be2net driver (LP: #1607387)
    - be2net: perform temperature query in adapter regardless of its interface
      state
  * Dell dock MAC Address pass through doesn't work in Ubuntu (LP: #1579984)
    - r8152: Add support for setting pass through MAC address on RTL8153-AD
  * vmxnet3 LRO IPv6 performance issues (stalling TCP) (LP: #1605494)
    - Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets
  * ISST-LTE:pVM:monklp5:Ubuntu16.04.1:system crashed at
    lpfc_sli4_scmd_to_wqidx_distr (LP: #1597974)
    - SAUCE: lpfc: fix oops in lpfc_sli4_scmd_to_wqidx_distr() from
      lpfc_send_taskmgmt()
  * Backport cxlflash shutdown patch to Xenial SRU (LP: #1605405)
    - SAUCE: cxlflash: Verify problem state area is mapped before notifying
      shutdown
  * Xenial update to v4.4.16 stable release (LP: #1607404)
    - mac80211: fix fast_tx header alignment
    - mac80211: mesh: flush mesh paths unconditionally
    - mac80211_hwsim: Add missing check for HWSIM_ATTR_SIGNAL
    - mac80211: Fix mesh estab_plinks counting in STA removal case
    - EDAC, sb_edac: Fix rank lookup on Broadwell
    - IB/cm: Fix a recently introduced locking bug
    - IB/mlx4: Properly initialize GRH TClass and FlowLabel in AHs
    - powerpc/pseries: Fix IBM_ARCH_VEC_NRCORES_OFFSET since POWER8NVL was added
    - powerpc/tm: Always reclaim i...

Changed in linux-raspi2 (Ubuntu Xenial):
status: New → Fix Released
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.7 KiB)

This bug was fixed in the package linux-snapdragon - 4.4.0-1024.27

---------------
linux-snapdragon (4.4.0-1024.27) xenial; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612349

  [ Ubuntu: 4.4.0-36.55 ]

  * I2C touchpad does not work on AMD platform (LP: #1612006)
    - SAUCE: pinctrl/amd: Remove the default de-bounce time
  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux-snapdragon (4.4.0-1023.26) xenial; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611239

  [ Ubuntu: 4.4.0-35.54 ]

  * [i915_bpo] Sync with v4.7 (LP: #1609742)
    - SAUCE: i915_bpo: Sync with v4.7
  * s390/cio: fix reset of channel measurement block (LP: #1609415)
    - s390/cio: allow to reset channel measurement block
  * in Ubuntu16.10: Hit on Call traces and system goes down when transactional
    memory tests are running in 32TB Brazos system (LP: #1606786)
    - powerpc/tm: Avoid SLB faults in treclaim/trecheckpoint when RI=0
    - powerpc/tm: Fix stack pointer corruption in __tm_recheckpoint()
  * Power Menu does not display after press the Power Button (LP: #1609204)
    - intel-vbtn: new driver for Intel Virtual Button
    - [config] enable CONFIG_INTEL_VBTN=m
  * OptiPlex 7450 AIO hangs when rebooting (LP: #1608762)
    - x86/reboot: Add Dell Optiplex 7450 AIO reboot quirk
  * virtualbox+usb 3.0 breaks boot, -28 kernel works (LP: #1604058)
    - SAUCE: xhci: Fix soft lockup in xhci_pci_probe path when XHCI_STATE_HALTED
  * linux-kernel: Freeing IRQ from IRQ context (LP: #1597908)
    - block: defer timeouts to a workqueue
  * Tunnel offload indications not stripped from encapsulated packets, causing
    performance overhead (LP: #1602755)
    - tunnels: Remove encapsulation offloads on decap.
  * lm-sensors is throwing "ERROR: Can't get value of subfeature temp1_input:
    I/O error" for be2net driver (LP: #1607387)
    - be2net: perform temperature query in adapter regardless of its interface
      state
  * Dell dock MAC Address pass through doesn't work in Ubuntu (LP: #1579984)
    - r8152: Add support for setting pass through MAC address on RTL8153-AD
  * vmxnet3 LRO IPv6 performance issues (stalling TCP) (LP: #1605494)
    - Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets
  * ISST-LTE:pVM:monklp5:Ubuntu16.04.1:system crashed at
    lpfc_sli4_scmd_to_wqidx_distr (LP: #1597974)
    - SAUCE: lpfc: fix oops in lpfc_sli4_scmd_to_wqidx_distr() from
      lpfc_send_taskmgmt()
  * Backport cxlflash shutdown patch to Xenial SRU (LP: #1605405)
    - SAUCE: cxlflash: Verify problem state area is mapped before notifying
      shutdown
  * Xenial update to v4.4.16 stable release (LP: #1607404)
    - mac80211: fix fast_tx header alignment
    - mac80211: mesh: flush mesh paths unconditionally
    - mac80211_hwsim: Add missing check for HWSIM_ATTR_SIGNAL
    - mac80211: Fix mesh estab_plinks counting in STA removal case
    - EDAC, sb_edac: Fix rank lookup on Broadwell
    - IB/cm: Fix a recently introduced locking bug
    - IB/mlx4: Properly initialize GRH TClass and FlowLabel in AHs
    - powerpc/pseries: Fix IBM_ARCH_VEC_NRCORES_OFFSET since POWER8NVL was added
    - powerpc/tm: Alwa...

Changed in linux-snapdragon (Ubuntu Xenial):
status: New → Fix Released
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.5 KiB)

This bug was fixed in the package linux-lts-xenial - 4.4.0-36.55~14.04.1

---------------
linux-lts-xenial (4.4.0-36.55~14.04.1) trusty; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1612350

  * I2C touchpad does not work on AMD platform (LP: #1612006)
    - SAUCE: pinctrl/amd: Remove the default de-bounce time

  * CVE-2016-5696
    - tcp: make challenge acks less predictable

linux (4.4.0-35.54) xenial; urgency=low

  [ Stefan Bader ]

  * Release Tracking Bug
    - LP: #1611215

  * [i915_bpo] Sync with v4.7 (LP: #1609742)
    - SAUCE: i915_bpo: Sync with v4.7

  * s390/cio: fix reset of channel measurement block (LP: #1609415)
    - s390/cio: allow to reset channel measurement block

  * in Ubuntu16.10: Hit on Call traces and system goes down when transactional
    memory tests are running in 32TB Brazos system (LP: #1606786)
    - powerpc/tm: Avoid SLB faults in treclaim/trecheckpoint when RI=0
    - powerpc/tm: Fix stack pointer corruption in __tm_recheckpoint()

  * Power Menu does not display after press the Power Button (LP: #1609204)
    - intel-vbtn: new driver for Intel Virtual Button
    - [config] enable CONFIG_INTEL_VBTN=m

  * OptiPlex 7450 AIO hangs when rebooting (LP: #1608762)
    - x86/reboot: Add Dell Optiplex 7450 AIO reboot quirk

  * virtualbox+usb 3.0 breaks boot, -28 kernel works (LP: #1604058)
    - SAUCE: xhci: Fix soft lockup in xhci_pci_probe path when XHCI_STATE_HALTED

  * linux-kernel: Freeing IRQ from IRQ context (LP: #1597908)
    - block: defer timeouts to a workqueue

  * Tunnel offload indications not stripped from encapsulated packets, causing
    performance overhead (LP: #1602755)
    - tunnels: Remove encapsulation offloads on decap.

  * lm-sensors is throwing "ERROR: Can't get value of subfeature temp1_input:
    I/O error" for be2net driver (LP: #1607387)
    - be2net: perform temperature query in adapter regardless of its interface
      state

  * Dell dock MAC Address pass through doesn't work in Ubuntu (LP: #1579984)
    - r8152: Add support for setting pass through MAC address on RTL8153-AD

  * vmxnet3 LRO IPv6 performance issues (stalling TCP) (LP: #1605494)
    - Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets

  * ISST-LTE:pVM:monklp5:Ubuntu16.04.1:system crashed at
    lpfc_sli4_scmd_to_wqidx_distr (LP: #1597974)
    - SAUCE: lpfc: fix oops in lpfc_sli4_scmd_to_wqidx_distr() from
      lpfc_send_taskmgmt()

  * Backport cxlflash shutdown patch to Xenial SRU (LP: #1605405)
    - SAUCE: cxlflash: Verify problem state area is mapped before notifying
      shutdown

  * Xenial update to v4.4.16 stable release (LP: #1607404)
    - mac80211: fix fast_tx header alignment
    - mac80211: mesh: flush mesh paths unconditionally
    - mac80211_hwsim: Add missing check for HWSIM_ATTR_SIGNAL
    - mac80211: Fix mesh estab_plinks counting in STA removal case
    - EDAC, sb_edac: Fix rank lookup on Broadwell
    - IB/cm: Fix a recently introduced locking bug
    - IB/mlx4: Properly initialize GRH TClass and FlowLabel in AHs
    - powerpc/pseries: Fix IBM_ARCH_VEC_NRCORES_OFFSET since POWER8NVL was added
    - powerpc/tm: Always reclaim in start_thread() for exec() c...

Changed in linux-lts-xenial (Ubuntu Trusty):
status: New → Fix Released
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-raspi2 - 4.8.0-1012.14

---------------
linux-raspi2 (4.8.0-1012.14) yakkety; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1630339

  * Rebase against Ubuntu-4.8.0-21.23

 -- Tim Gardner <email address hidden> Tue, 04 Oct 2016 11:57:45 -0600

Changed in linux-raspi2 (Ubuntu Yakkety):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (33.3 KiB)

This bug was fixed in the package linux-snapdragon - 4.4.0-1029.32

---------------
linux-snapdragon (4.4.0-1029.32) xenial; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1628228

  [ Ubuntu: 4.4.0-41.61 ]

  * nvme drive probe failure (LP: #1626894)
    - (fix) NVMe: Don't unmap controller registers on reset

linux-snapdragon (4.4.0-1028.31) xenial; urgency=low

  [ Ubuntu: 4.4.0-40.60 ]

  * Release Tracking Bug
    - LP: #1627077
  * Permission denied in CIFS with kernel 4.4.0-38 (LP: #1626112)
    - Fix memory leaks in cifs_do_mount()
    - Compare prepaths when comparing superblocks
    - SAUCE: Fix regression which breaks DFS mounting
  * Backlight does not change when adjust it higher than 50% after S3
    (LP: #1625932)
    - SAUCE: i915_bpo: drm/i915/backlight: setup and cache pwm alternate
      increment value
    - SAUCE: i915_bpo: drm/i915/backlight: setup backlight pwm alternate
      increment on backlight enable

  [ Ubuntu: 4.4.0-39.59 ]

  * thunder: chip errata w/ multiple CQEs for a TSO packet (LP: #1624569)
    - net: thunderx: Fix for issues with multiple CQEs posted for a TSO packet
  * thunder: faulty TSO padding (LP: #1623627)
    - net: thunderx: Fix for HW issue while padding TSO packet
  * CVE-2016-6828
    - tcp: fix use after free in tcp_xmit_retransmit_queue()
  * Sennheiser Officerunner - cannot get freq at ep 0x83 (LP: #1622763)
    - SAUCE: (no-up) ALSA: usb-audio: Add quirk for sennheiser officerunner
  * Backport E3 Skylake Support in ie31200_edac to Xenial (LP: #1619766)
    - EDAC, ie31200_edac: Add Skylake support
  * Ubuntu 16.04 - Full EEH Recovery Support for NVMe devices (LP: #1602724)
    - SAUCE: nvme: Don't suspend admin queue that wasn't created
  * ISST-LTE:pNV: system ben is hung during ST (nvme) (LP: #1620317)
    - blk-mq: Allow timeouts to run while queue is freezing
    - blk-mq: improve warning for running a queue on the wrong CPU
    - blk-mq: don't overwrite rq->mq_ctx
  * lsattr 32bit does not work on 64bit kernel (Inappropriate ioctl error)
    (LP: #1619918)
    - btrfs: bugfix: handle FS_IOC32_{GETFLAGS, SETFLAGS, GETVERSION} in
      btrfs_ioctl
  * radeon: monitor connected to onboard VGA doesn't work with Xenial
    (LP: #1600092)
    - drm/radeon/dp: add back special handling for NUTMEG
  * initramfs includes qle driver, but not firmware (LP: #1623187)
    - qed: add MODULE_FIRMWARE()
  * [Hyper-V] Rebase Hyper-V to 4.7.2 (stable) (LP: #1616677)
    - hv_netvsc: Implement support for VF drivers on Hyper-V
    - hv_netvsc: Fix the list processing for network change event
    - Drivers: hv: vmbus: Introduce functions for estimating room in the ring
      buffer
    - Drivers: hv: vmbus: Use READ_ONCE() to read variables that are volatile
    - Drivers: hv: vmbus: Export the vmbus_set_event() API
    - lcoking/barriers, arch: Use smp barriers in smp_store_release()
    - asm-generic: guard smp_store_release/load_acquire
    - x86: reuse asm-generic/barrier.h
    - asm-generic: add __smp_xxx wrappers
    - x86: define __smp_xxx
    - asm-generic: implement virt_xxx memory barriers
    - Drivers: hv: vmbus: Move some ring buffer functions to hyperv.h
    - Driv...

Changed in linux-snapdragon (Ubuntu Yakkety):
status: New → Fix Released
Revision history for this message
Andy Whitcroft (apw) wrote : Closing unsupported series nomination.

This bug was nominated against a series that is no longer supported, ie yakkety. The bug task representing the yakkety nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu Yakkety):
status: New → Won't Fix
Revision history for this message
Andy Whitcroft (apw) wrote :

This bug was nominated against a series that is no longer supported, ie vivid. The bug task representing the vivid nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux-lts-saucy (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-mako (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-manta (Ubuntu Vivid):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.