group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #09222
[Bug 1634753] Re: srcname from mount rule corrupted under load
This bug was fixed in the package linux - 3.13.0-103.150
---------------
linux (3.13.0-103.150) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1644489
* Possible regression on 3.13.0-102.149~precise1 x86_64 (gce) (LP: #1644302)
- SAUCE: apparmor: delete extra variable dev_path
linux (3.13.0-102.149) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1640581
* lxc-attach to malicious container allows access to host (LP: #1639345)
- Revert "UBUNTU: ptrace: being capable wrt a process requires mapped
uids/gids"
- (upstream) mm: Add a user_ns owner to mm_struct and fix ptrace permission
checks
* Syntax error extra parenthesis linux-headers-3.13.0-100/Makefile
(LP: #1636625)
- Makefile: fix extra parenthesis typo when CC_STACKPROTECTOR_REGULAR is
enabled
* Add a driver for Amazon Elastic Network Adapters (ENA) (LP: #1635721)
- lib/bitmap.c: conversion routines to/from u32 array
- kernel.h: define u8, s8, u32, etc. limits
- net: ethtool: add new ETHTOOL_xLINKSETTINGS API
- PCI/MSI: Add pci_msix_vec_count()
- etherdevice: Use ether_addr_copy to copy an Ethernet address
- net: ena: Add a driver for Amazon Elastic Network Adapters (ENA)
- [config] enable CONFIG_ENA_ETHERNET=m (Amazon ENA driver)
* CVE-2016-8658
- brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap()
* CVE-2016-7425
- scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer()
* srcname from mount rule corrupted under load (LP: #1634753)
- SAUCE: apparmor: fix sleep in critical section
* ghash-clmulni-intel module fails to load (LP: #1633058)
- crypto: ghash-clmulni - Fix load failure
- crypto: cryptd - Assign statesize properly
-- Luis Henriques <luis.henriques@xxxxxxxxxxxxx> Thu, 24 Nov 2016
09:56:54 +0000
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-7425
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-8658
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1634753
Title:
srcname from mount rule corrupted under load
Status in AppArmor:
In Progress
Status in linux package in Ubuntu:
Triaged
Status in linux source package in Precise:
Invalid
Status in linux source package in Trusty:
Fix Released
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Yakkety:
Invalid
Bug description:
This came up in snapd spread tests but can be reproduced with:
In an i386 up to date 16.04 VM:
1. in one terminal, run this:
$ cat reproducer.sh
#!/bin/sh
set -e
sudo sysctl -w kernel.printk_ratelimit=0
sudo snap install hello-world || true
count=0
while /bin/true ; do
count=$((count+1))
if [ `echo "$count % 100" | bc` -eq 0 ]; then
echo "$count runs"
fi
hello-world > /dev/null || {
tail -100 /var/log/syslog | grep DEN && exit
}
sudo cat /run/snapd/ns/hello-world.mnt 2>/dev/null || sudo /usr/lib/snapd/snap-discard-ns hello-world
done
2. in another terminal run:
$ while /bin/true ;do sudo apparmor_parser -r /etc/apparmor.d/* >/dev/null 2>&1 ; done
3. In another terminal:
$ tail -f /var/log/syslog|grep DEN
This is not limited to i386.
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1634753/+subscriptions
