2016-12-09 00:45:21 |
Steve Beattie |
bug |
|
|
added bug |
2016-12-09 00:45:56 |
Steve Beattie |
nominated for series |
|
Ubuntu Yakkety |
|
2016-12-09 00:45:56 |
Steve Beattie |
bug task added |
|
linux (Ubuntu Yakkety) |
|
2016-12-09 02:36:17 |
Steve Beattie |
description |
The yakkety master-next tree tagged Ubuntu-4.8.0-31.33 contains git commit 13119e8d911cd268a57012717874f8ab0f42c252 (upstream commit http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d41ce29e3b91ef305f88d23f72b3359de329cec ). This is considered to have introduced CVE-2016-9919 (see http://www.openwall.com/lists/oss-security/2016/12/08/16 ), a remote denial of service for hosts that use ipv6.
Upstream commit http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2 addresses the issue.
Since the issue only affects the yakkety-proposed kernel, we should not release this kernel with this vulnerability intact. |
The yakkety master-next tree tagged Ubuntu-4.8.0-31.33 contains git commit 13119e8d911cd268a57012717874f8ab0f42c252 (upstream commit http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d41ce29e3b91ef305f88d23f72b3359de329cec, linux-stable commit http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?h=linux-4.8.y&id=92fd1c1f2fd27a352b91ad1f874775618aa1865a ). This is considered to have introduced CVE-2016-9919 (see http://www.openwall.com/lists/oss-security/2016/12/08/16 ), a remote denial of service for hosts that use ipv6.
Upstream commit http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2 addresses the issue.
Since the issue only affects the yakkety-proposed kernel, we should not release this kernel with this vulnerability intact. |
|
2016-12-09 02:36:24 |
Steve Beattie |
summary |
Vulnerability picked up from 4.8.11 stable kernel |
Vulnerability picked up from 4.8.10 stable kernel |
|
2016-12-09 02:41:46 |
Steve Beattie |
information type |
Private Security |
Public Security |
|
2016-12-09 02:41:51 |
Steve Beattie |
linux (Ubuntu Yakkety): status |
New |
Confirmed |
|
2016-12-09 03:00:15 |
Brad Figg |
linux (Ubuntu): status |
New |
Incomplete |
|
2016-12-09 03:06:37 |
Seth Arnold |
linux (Ubuntu): status |
Incomplete |
Confirmed |
|
2016-12-12 14:51:10 |
Luis Henriques |
linux (Ubuntu Yakkety): assignee |
|
Luis Henriques (henrix) |
|
2016-12-12 14:51:20 |
Luis Henriques |
linux (Ubuntu Yakkety): assignee |
Luis Henriques (henrix) |
Thadeu Lima de Souza Cascardo (cascardo) |
|
2016-12-12 14:55:26 |
Luis Henriques |
bug |
|
|
added subscriber Luis Henriques |
2016-12-13 11:50:34 |
Luis Henriques |
linux (Ubuntu Yakkety): status |
Confirmed |
Fix Committed |
|
2016-12-20 18:54:31 |
Launchpad Janitor |
linux (Ubuntu Yakkety): status |
Fix Committed |
Fix Released |
|
2016-12-20 18:54:31 |
Launchpad Janitor |
cve linked |
|
2016-6213 |
|
2016-12-20 18:54:31 |
Launchpad Janitor |
cve linked |
|
2016-7039 |
|
2016-12-20 18:54:31 |
Launchpad Janitor |
cve linked |
|
2016-8630 |
|
2016-12-20 18:54:31 |
Launchpad Janitor |
cve linked |
|
2016-8666 |
|
2019-10-03 08:35:49 |
Po-Hsu Lin |
linux (Ubuntu): status |
Confirmed |
Invalid |
|