group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1660842] Re: apparmor not checking error if security_pin_fs() fails

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1660842@xxxxxxxxxxxxxxxxxx>
Date: Wed, 29 Mar 2017 23:13:19 -0000
Reply-to: Bug 1660842 <1660842@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package linux - 4.8.0-45.48

---------------
linux (4.8.0-45.48) yakkety; urgency=low

  * CVE-2017-7184
    - xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
    - xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder

 -- Stefan Bader <stefan.bader@xxxxxxxxxxxxx>  Fri, 24 Mar 2017 12:03:39
+0100

** Changed in: linux (Ubuntu Yakkety)
       Status: Triaged => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-7184

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1660842

Title:
  apparmor not checking error if security_pin_fs() fails

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Triaged
Status in linux source package in Yakkety:
  Fix Released
Status in linux source package in Zesty:
  Fix Released

Bug description:
  The error condition of security_pin_fs() was not being checked which
  will result can result in an oops or use after free, due to the fs pin
  count not being incremented.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660842/+subscriptions