← Back to team overview

kernel-packages team mailing list archive

  1. kernel-packages team
  2. Mailing list archive
  3. Message #102357

[Bug 1326367] Re: CVE-2014-3153

  Thread PreviousDate PreviousThread Next 
** Summary changed:

- exploitable futex vulnerability
+ CVE-2014-3153

** Tags removed: kernel-release-tracking-bug
** Tags added: kernel-cve-tracking-bug

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1326367

Title:
  CVE-2014-3153

Status in linux package in Ubuntu:
  Fix Committed
Status in linux-armadaxp package in Ubuntu:
  Invalid
Status in linux-ec2 package in Ubuntu:
  Invalid
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux-lts-quantal package in Ubuntu:
  Invalid
Status in linux-lts-raring package in Ubuntu:
  Invalid
Status in linux-lts-saucy package in Ubuntu:
  Invalid
Status in linux-mvl-dove package in Ubuntu:
  Invalid
Status in linux-ti-omap4 package in Ubuntu:
  Invalid
Status in linux source package in Lucid:
  Fix Released
Status in linux-armadaxp source package in Lucid:
  Invalid
Status in linux-ec2 source package in Lucid:
  Fix Released
Status in linux-fsl-imx51 source package in Lucid:
  Invalid
Status in linux-lts-quantal source package in Lucid:
  Invalid
Status in linux-lts-raring source package in Lucid:
  Invalid
Status in linux-lts-saucy source package in Lucid:
  Invalid
Status in linux-mvl-dove source package in Lucid:
  Invalid
Status in linux-ti-omap4 source package in Lucid:
  Invalid
Status in linux source package in Precise:
  Fix Released
Status in linux-armadaxp source package in Precise:
  Fix Released
Status in linux-ec2 source package in Precise:
  Invalid
Status in linux-fsl-imx51 source package in Precise:
  Invalid
Status in linux-lts-quantal source package in Precise:
  Fix Released
Status in linux-lts-raring source package in Precise:
  Fix Released
Status in linux-lts-saucy source package in Precise:
  Fix Released
Status in linux-mvl-dove source package in Precise:
  Invalid
Status in linux-ti-omap4 source package in Precise:
  Fix Released
Status in linux source package in Saucy:
  Fix Released
Status in linux-armadaxp source package in Saucy:
  Invalid
Status in linux-ec2 source package in Saucy:
  Invalid
Status in linux-fsl-imx51 source package in Saucy:
  Invalid
Status in linux-lts-quantal source package in Saucy:
  Invalid
Status in linux-lts-raring source package in Saucy:
  Invalid
Status in linux-lts-saucy source package in Saucy:
  Invalid
Status in linux-mvl-dove source package in Saucy:
  Invalid
Status in linux-ti-omap4 source package in Saucy:
  Won't Fix
Status in linux source package in Trusty:
  Fix Released
Status in linux-armadaxp source package in Trusty:
  Invalid
Status in linux-ec2 source package in Trusty:
  Invalid
Status in linux-fsl-imx51 source package in Trusty:
  Invalid
Status in linux-lts-quantal source package in Trusty:
  Invalid
Status in linux-lts-raring source package in Trusty:
  Invalid
Status in linux-lts-saucy source package in Trusty:
  Invalid
Status in linux-mvl-dove source package in Trusty:
  Invalid
Status in linux-ti-omap4 source package in Trusty:
  Invalid
Status in linux source package in Utopic:
  Fix Committed
Status in linux-armadaxp source package in Utopic:
  Invalid
Status in linux-ec2 source package in Utopic:
  Invalid
Status in linux-fsl-imx51 source package in Utopic:
  Invalid
Status in linux-lts-quantal source package in Utopic:
  Invalid
Status in linux-lts-raring source package in Utopic:
  Invalid
Status in linux-lts-saucy source package in Utopic:
  Invalid
Status in linux-mvl-dove source package in Utopic:
  Invalid
Status in linux-ti-omap4 source package in Utopic:
  Invalid

Bug description:
  The futex_requeue function in kernel/futex.c in the Linux kernel
  through 3.14.5 does not ensure that calls have two different futex
  addresses, which allows local users to gain privileges via a crafted
  FUTEX_REQUEUE command that facilitates unsafe waiter modification.

  Break-Fix: 52400ba946759af28442dee6265c5c0180ac7122 54a217887a7b658e2650c3feff22756ab80c7339
  Break-Fix: 52400ba946759af28442dee6265c5c0180ac7122 13fbca4c6ecd96ec1a1cfa2e4f2ce191fe928a5e
  Break-Fix: 52400ba946759af28442dee6265c5c0180ac7122 b3eaa9fc5cd0a4d74b18f6b8dc617aeaf1873270
  Break-Fix: 52400ba946759af28442dee6265c5c0180ac7122 e9c243a5a6de0be8e584c604d353412584b592f8

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1326367/+subscriptions
  Thread PreviousDate PreviousThread Next