Ubuntu
linux package

Fix CVE-2017-0605

  1. Yakkety (16.10)
  2. Bug #1690120
Bug #1690120 reported by Po-Hsu Lin
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Undecided
Po-Hsu Lin
Precise
Won't Fix
Undecided
Unassigned
Trusty
Fix Released
Undecided
Po-Hsu Lin
Vivid
Won't Fix
Undecided
Unassigned
Xenial
Fix Released
Undecided
Po-Hsu Lin
Yakkety
Fix Released
Undecided
Po-Hsu Lin
Zesty
Fix Released
Undecided
Po-Hsu Lin
Artful
Fix Released
Undecided
Po-Hsu Lin

Bug Description

Tracking bug for fixing CVE-2017-0605

CVE References

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Patch sent to mailing list:
[CVE-2017-0605][PATCHv2] tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
[Artful][PATCHv2] tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
[Zesty][PATCHv2] tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
[Yakkety][PATCHv2] tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
[Xenial][PATCHv2] tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()

Changed in linux (Ubuntu Artful):
assignee: nobody → Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Zesty):
assignee: nobody → Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Yakkety):
assignee: nobody → Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Xenial):
assignee: nobody → Po-Hsu Lin (cypressyew)
status: New → In Progress
Changed in linux (Ubuntu Yakkety):
status: New → In Progress
Changed in linux (Ubuntu Zesty):
status: New → In Progress
Changed in linux (Ubuntu Artful):
status: New → In Progress
Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Artful):
status: In Progress → Fix Committed
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Applied to xenial, yakkety, and zesty master-next branches.

Changed in linux (Ubuntu Zesty):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Yakkety):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Patch sent for Vivid.
Patch adapted and sent for Trusty, Precise-ESM.

Adapted because the function, get_saved_cmdlines() commit 939c7a4, involved in this change is not there for T & P.

Changed in linux (Ubuntu Vivid):
status: New → In Progress
Changed in linux (Ubuntu Trusty):
status: New → In Progress
Changed in linux (Ubuntu Precise):
status: New → In Progress
Changed in linux (Ubuntu Vivid):
assignee: nobody → Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Trusty):
assignee: nobody → Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Precise):
assignee: nobody → Po-Hsu Lin (cypressyew)
Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Precise):
assignee: Po-Hsu Lin (cypressyew) → nobody
status: In Progress → Won't Fix
Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Vivid):
status: In Progress → Won't Fix
assignee: Po-Hsu Lin (cypressyew) → nobody
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Medium CVE, won't fix for Precise-ESM / Vivid

Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Trusty):
status: In Progress → Fix Committed
Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Zesty):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Artful):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Yakkety):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.