← Back to team overview

kernel-packages team mailing list archive

[Bug 1414651] Re: CVE-2015-0239

 

This bug was fixed in the package linux - 3.16.0-31.41

---------------
linux (3.16.0-31.41) utopic; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1419961

  [ Andy Whitcroft ]

  * [Debian] arm64 -- build ubuntu drivers
    - LP: #1411284
  * hyper-v -- fix comment handing in /etc/network/interfaces
    - LP: #1413020

  [ Ben Hutchings ]

  * SAUCE: rtsx_usb_ms: Use msleep_interruptible() in polling loop
    - LP: #1413149

  [ Brad Figg ]

  * SAUCE: Config IWLWIFI_UAPSD=N

  [ Kamal Mostafa ]

  * [Packaging] force "dpkg-source -I -i" behavior

  [ Kukjin Kim ]

  * SAUCE: (no-up) ARM: SAMSUNG: fix the CPU_ID for EXYNOS5440
    - LP: #1411062

  [ Leann Ogasawara ]

  * ubuntu: AUFS -- Resolve build failure union has no member named
    'd_child'

  [ Ming Lei ]

  * SAUCE: (no-up) ARM: EXYNOS: fix booting oops on exynos5440
    - LP: #1411062
  * SAUCE: (no-up) ARM: exynos5440-sd5v1: switch to fixed-link DT binding
    - LP: #1417339
  * SAUCE: (no-up) net: stmmac: add fixed_phy support via fixed-link DT
    binding
    - LP: #1417339

  [ Upstream Kernel Changes ]

  * Revert "[SCSI] mpt2sas: Remove phys on topology change."
    - LP: #1419125
  * Revert "[SCSI] mpt3sas: Remove phys on topology change"
    - LP: #1419125
  * Revert "ARM: 7830/1: delay: don't bother reporting bogomips in
    /proc/cpuinfo"
    - LP: #1419125
  * powerpc/powernv: Don't call generic code on offline cpus
    - LP: #1400411
  * powerpc/powernv: Return to cpu offline loop when finished in KVM guest
    - LP: #1400411
  * powerpc/powernv: Switch off MMU before entering nap/sleep/rvwinkle mode
    - LP: #1400411
  * powerpc/powernv: Enable Offline CPUs to enter deep idle states
    - LP: #1400411
  * powernv/cpuidle: Redesign idle states management
    - LP: #1400411
  * powernv/powerpc: Add winkle support for offline cpus
    - LP: #1400411
  * powerpc/kdump: Ignore failure in enabling big endian exception during
    crash
    - LP: #1410817
  * powerpc/perf/hv-24x7: Use kmem_cache_free
    - LP: #1410519
  * powerpc/perf/hv-24x7: use kmem_cache instead of aligned stack
    allocations
    - LP: #1410519
  * powerpc/perf/hv-24x7: Use per-cpu page buffer
    - LP: #1410519
  * power/perf/hv-24x7: Use kmem_cache_free() instead of kfree
    - LP: #1410519
  * KVM: x86: SYSENTER emulation is broken
    - LP: #1414651
    - CVE-2015-0239
  * powerpc/xmon: Fix another endiannes issue in RTAS call from xmon
    - LP: #1415919
  * HID: i2c-hid: call the hid driver's suspend and resume callbacks
    - LP: #1417363
  * HID: i2c-hid: Do not free buffers in i2c_hid_stop()
    - LP: #1417363
  * ALSA: hda - add mic mute led hook for dell machines
    - LP: #1418832
  * ALSA: hda - move DELL_WMI_MIC_MUTE_LED to the tail in the quirk chain
    - LP: #1381856, #1418832
  * ALSA: hda - fix the mic mute led problem for Latitude E5550
    - LP: #1381856, #1418832
  * drm/i915: don't warn if backlight unexpectedly enabled
    - LP: #1419125
  * drm/i915/dp: only use training pattern 3 on platforms that support it
    - LP: #1419125
  * udptunnel: Add SKB_GSO_UDP_TUNNEL during gro_complete.
    - LP: #1419125
  * s390/3215: fix hanging console issue
    - LP: #1419125
  * s390/3215: fix tty output containing tabs
    - LP: #1419125
  * btrfs: don't go readonly on existing qgroup items
    - LP: #1419125
  * regulator: anatop: Set default voltage selector for vddpu
    - LP: #1419125
  * KVM: s390: Fix size of monitor-class number field
    - LP: #1419125
  * [media] smiapp: Take mutex during PLL update in sensor initialisation
    - LP: #1419125
  * [media] smiapp-pll: Correct clock debug prints
    - LP: #1419125
  * Bluetooth: Fix LE connection timeout deadlock
    - LP: #1419125
  * [media] sound: simplify au0828 quirk table
    - LP: #1419125
  * [media] sound: Update au0828 quirks table
    - LP: #1419125
  * [media] af9005: fix kernel panic on init if compiled without IR
    - LP: #1419125
  * writeback: fix a subtle race condition in I_DIRTY clearing
    - LP: #1419125
  * usb: renesas_usbhs: gadget: fix NULL pointer dereference in
    ep_disable()
    - LP: #1419125
  * KVM: s390: Fix ipte locking
    - LP: #1419125
  * KVM: s390: flush CPU on load control
    - LP: #1419125
  * UBI: Fix double free after do_sync_erase()
    - LP: #1419125
  * UBI: Fix invalid vfree()
    - LP: #1419125
  * Drivers: hv: vmbus: Fix a race condition when unregistering a device
    - LP: #1419125
  * misc: genwqe: check for error from get_user_pages_fast()
    - LP: #1419125
  * driver core: Fix unbalanced device reference in drivers_probe
    - LP: #1419125
  * drbd: merge_bvec_fn: properly remap bvm->bi_bdev
    - LP: #1419125
  * PCI: Restore detection of read-only BARs
    - LP: #1419125
  * scsi: correct return values for .eh_abort_handler implementations
    - LP: #1419125
  * drm/radeon: fix typo in CI dpm disable
    - LP: #1419125
  * ARM: tegra: Re-add removed SoC id macro to tegra_resume()
    - LP: #1419125
  * arm64: Add COMPAT_HWCAP_LPAE
    - LP: #1419125
  * USB: qcserial: Add support for HP lt4112 LTE/HSPA+ Gobi 4G Modem
    - LP: #1419125
  * HID: usbhid: enable always-poll quirk for Elan Touchscreen 0103
    - LP: #1419125
  * HID: yet another buggy ELAN touchscreen
    - LP: #1419125
  * dcache: fix kmemcheck warning in switch_names
    - LP: #1419125
  * genhd: check for int overflow in disk_expand_part_tbl()
    - LP: #1419125
  * ftrace/x86: Add frames pointers to trampoline as necessary
    - LP: #1419125
  * drm/ttm: Avoid memory allocation from shrinker functions.
    - LP: #1419125
  * ASoC: sigmadsp: Refuse to load firmware files with a non-supported
    version
    - LP: #1419125
  * drm/radeon: work around a hw bug in MGCG on CIK
    - LP: #1419125
  * usb: gadget: at91_udc: move prepare clk into process context
    - LP: #1419125
  * Btrfs: make sure we wait on logged extents when fsycning two subvols
    - LP: #1419125
  * Btrfs: make sure logged extents complete in the current transaction V3
    - LP: #1419125
  * Btrfs: do not move em to modified list when unpinning
    - LP: #1419125
  * ARM: mvebu: disable I/O coherency on non-SMP situations on Armada
    370/375/38x/XP
    - LP: #1419125
  * megaraid_sas: corrected return of wait_event from abort frame path
    - LP: #1419125
  * ASoC: max98090: Fix ill-defined sidetone route
    - LP: #1419125
  * blk-mq: use 'nr_cpu_ids' as highest CPU ID count for hwq <-> cpu map
    - LP: #1419125
  * nfs41: fix nfs4_proc_layoutget error handling
    - LP: #1419125
  * cdc-acm: memory leak in error case
    - LP: #1419125
  * USB: cdc-acm: check for valid interfaces
    - LP: #1419125
  * [media] uvcvideo: Fix destruction order in uvc_delete()
    - LP: #1419125
  * HID: i2c-hid: fix race condition reading reports
    - LP: #1419125
  * mfd: twl4030-power: Fix regression with missing compatible flag
    - LP: #1419125
  * mfd: tc6393xb: Fail ohci suspend if full state restore is required
    - LP: #1419125
  * tty: serial: men_z135_uart: Add terminating entry for men_z135_ids
    - LP: #1419125
  * serial: samsung: wait for transfer completion before clock disable
    - LP: #1419125
  * mmc: dw_mmc: avoid write to CDTHRCTL on older versions
    - LP: #1419125
  * n_tty: Fix read_buf race condition, increment read_head after pushing
    data
    - LP: #1419125
  * dm cache: only use overwrite optimisation for promotion when in
    writeback mode
    - LP: #1419125
  * dm cache: dirty flag was mistakenly being cleared when promoting via
    overwrite
    - LP: #1419125
  * dm bufio: fix memleak when using a dm_buffer's inline bio
    - LP: #1419125
  * ath9k_hw: fix hardware queue allocation
    - LP: #1419125
  * ath9k: fix BE/BK queue order
    - LP: #1419125
  * ath5k: fix hardware queue index assignment
    - LP: #1419125
  * iwlwifi: dvm: fix flush support for old firmware
    - LP: #1419125
  * iwlwifi: mvm: update values for Smart Fifo
    - LP: #1419125
  * iommu/vt-d: Fix an off-by-one bug in __domain_mapping()
    - LP: #1419125
  * dm crypt: use memzero_explicit for on-stack buffer
    - LP: #1419125
  * mnt: Implicitly add MNT_NODEV on remount when it was implicitly added
    by mount
    - LP: #1419125
  * mnt: Update unprivileged remount test
    - LP: #1419125
  * umount: Disallow unprivileged mount force
    - LP: #1419125
  * md/raid5: fetch_block must fetch all the blocks handle_stripe_dirtying
    wants.
    - LP: #1419125
  * drm/i915: Only warn the first time we attempt to mmio whilst suspended
    - LP: #1419125
  * drm/vmwgfx: Fix error printout on signals pending
    - LP: #1419125
  * drm/vmwgfx: Fix fence event code
    - LP: #1419125
  * hp_accel: Add support for HP ZBook 15
    - LP: #1419125
  * drm/radeon: check the right ring in radeon_evict_flags()
    - LP: #1419125
  * swiotlb-xen: pass dev_addr to xen_dma_unmap_page and
    xen_dma_sync_single_for_cpu
    - LP: #1419125
  * swiotlb-xen: remove BUG_ON in xen_bus_to_phys
    - LP: #1419125
  * swiotlb-xen: call xen_dma_sync_single_for_device when appropriate
    - LP: #1419125
  * [media] img-ir/hw: Always read data to clear buffer
    - LP: #1419125
  * [media] img-ir/hw: Fix potential deadlock stopping timer
    - LP: #1419125
  * powerpc/book3s: Fix partial invalidation of TLBs in MCE code.
    - LP: #1419125
  * clocksource: arm_arch_timer: Change clocksource name if CP15
    unavailable
    - LP: #1419125
  * clocksource: arch_timer: Fix code to use physical timers when requested
    - LP: #1419125
  * ALSA: hda - Fix built-in mic at resume on Lenovo Ideapad S210
    - LP: #1419125
  * groups: Consolidate the setgroups permission checks
    - LP: #1419125
  * userns: Document what the invariant required for safe unprivileged
    mappings.
    - LP: #1419125
  * can: peak_usb: fix memset() usage
    - LP: #1419125
  * can: peak_usb: fix cleanup sequence order in case of error during init
    - LP: #1419125
  * ALSA: usb-audio: Don't resubmit pending URBs at MIDI error recovery
    - LP: #1419125
  * KEYS: Fix stale key registration at error path
    - LP: #1419125
  * thermal: Fix error path in thermal_init()
    - LP: #1419125
  * i2c: designware: Fix falling time bindings doc
    - LP: #1419125
  * drm/dp: retry AUX transactions 32 times (v1.1)
    - LP: #1419125
  * drm/fb_helper: move deferred fb checking into restore mode (v2)
    - LP: #1419125
  * xtensa: fix kmap_prot definition
    - LP: #1419125
  * blk-mq: Fix a use-after-free
    - LP: #1419125
  * blk-mq: Avoid that __bt_get_word() wraps multiple times
    - LP: #1419125
  * blk-mq: Fix a race between bt_clear_tag() and bt_get()
    - LP: #1419125
  * fs: nfsd: Fix signedness bug in compare_blob
    - LP: #1419125
  * nfsd4: fix xdr4 inclusion of escaped char
    - LP: #1419125
  * nfsd4: fix xdr4 count of server in fs_location4
    - LP: #1419125
  * userns: Don't allow setgroups until a gid mapping has been setablished
    - LP: #1419125
  * userns: Don't allow unprivileged creation of gid mappings
    - LP: #1419125
  * userns: Check euid no fsuid when establishing an unprivileged uid
    mapping
    - LP: #1419125
  * userns: Only allow the creator of the userns unprivileged mappings
    - LP: #1419125
  * userns: Rename id_map_mutex to userns_state_mutex
    - LP: #1419125
  * drm/i915: Don't complain about stolen conflicts on gen3
    - LP: #1419125
  * ALSA: hda - Add EAPD fixup for ASUS Z99He laptop
    - LP: #1419125
  * blk-mq: Fix uninitialized kobject at CPU hotplugging
    - LP: #1419125
  * ncpfs: return proper error from NCP_IOC_SETROOT ioctl
    - LP: #1419125
  * drivers/rtc/rtc-sirfsoc.c: move hardware initilization earlier in probe
    - LP: #1419125
  * rtc: omap: fix clock-source configuration
    - LP: #1419125
  * rtc: omap: fix missing wakealarm attribute
    - LP: #1419125
  * exit: pidns: alloc_pid() leaks pid_namespace if child_reaper is exiting
    - LP: #1419125
  * x86_64, switch_to(): Load TLS descriptors before switching DS and ES
    - LP: #1419125
  * KVM: nVMX: Disable unrestricted mode if ept=0
    - LP: #1419125
  * KVM: x86: em_ret_far overrides cpl
    - LP: #1419125
  * drm/i915: save/restore GMBUS freq across suspend/resume on gen4
    - LP: #1419125
  * pstore-ram: Fix hangs by using write-combine mappings
    - LP: #1419125
  * pstore-ram: Allow optional mapping with pgprot_noncached
    - LP: #1419125
  * userns: Add a knob to disable setgroups on a per user namespace basis
    - LP: #1419125
  * userns: Allow setting gid_maps without privilege when setgroups is
    disabled
    - LP: #1419125
  * userns: Unbreak the unprivileged remount tests
    - LP: #1419125
  * HID: i2c-hid: prevent buffer overflow in early IRQ
    - LP: #1419125
  * mac80211: fix multicast LED blinking and counter
    - LP: #1419125
  * cfg80211: Fix 160 MHz channels with 80+80 and 160 MHz drivers
    - LP: #1419125
  * cfg80211: avoid mem leak on driver hint set
    - LP: #1419125
  * nl80211: check matches array length before acessing it
    - LP: #1419125
  * cfg80211: don't WARN about two consecutive Country IE hint
    - LP: #1419125
  * reiserfs: destroy allocated commit workqueue
    - LP: #1419125
  * mtd: tests: abort torturetest on erase errors
    - LP: #1419125
  * tracing/sched: Check preempt_count() for current when reading
    task->state
    - LP: #1419125
  * x86/tls: Validate TLS entries to protect espfix
    - LP: #1419125
  * x86/tls: Disallow unusual TLS segments
    - LP: #1419125
  * ARC: [nsimosci] move peripherals to match model to FPGA
    - LP: #1419125
  * isofs: Fix infinite looping over CE entries
    - LP: #1419125
  * mac80211: free management frame keys when removing station
    - LP: #1419125
  * ceph: do_sync is never initialized
    - LP: #1419125
  * mnt: Fix a memory stomp in umount
    - LP: #1419125
  * ocfs2: fix journal commit deadlock
    - LP: #1419125
  * md/bitmap: always wait for writes on unplug.
    - LP: #1419125
  * mmc: block: add newline to sysfs display of force_ro
    - LP: #1419125
  * mmc: omap_hsmmc: Fix UHS card with DDR50 support
    - LP: #1419125
  * dm space map metadata: fix sm_bootstrap_get_nr_blocks()
    - LP: #1419125
  * dm thin: fix a race in thin_dtr
    - LP: #1419125
  * ARM: mvebu: fix ordering in Armada 370 .dtsi
    - LP: #1419125
  * eCryptfs: Force RO mount when encrypted view is enabled
    - LP: #1419125
  * eCryptfs: Remove buggy and unnecessary write in file name decode
    routine
    - LP: #1419125
  * tcm_loop: Fix wrong I_T nexus association
    - LP: #1419125
  * clk: samsung: Fix double add of syscore ops after driver rebind
    - LP: #1419125
  * ASoC: pcm512x: Trigger auto-increment of register addresses on i2c
    - LP: #1419125
  * Btrfs: fix fs corruption on transaction abort if device supports
    discard
    - LP: #1419125
  * perf/x86/intel/uncore: Make sure only uncore events are collected
    - LP: #1419125
  * perf: Fix events installation during moving group
    - LP: #1419125
  * drm/i915: vlv: fix IRQ masking when uninstalling interrupts
    - LP: #1419125
  * iscsi,iser-target: Initiate termination only once
    - LP: #1419125
  * iser-target: Fix flush + disconnect completion handling
    - LP: #1419125
  * iser-target: Parallelize CM connection establishment
    - LP: #1419125
  * iser-target: Fix connected_handler + teardown flow race
    - LP: #1419125
  * iser-target: Handle ADDR_CHANGE event for listener cm_id
    - LP: #1419125
  * iser-target: Fix implicit termination of connections
    - LP: #1419125
  * iser-target: Allocate PI contexts dynamically
    - LP: #1419125
  * iser-target: Fix NULL dereference in SW mode DIF
    - LP: #1419125
  * iscsi,iser-target: Expose supported protection ops according to t10_pi
    - LP: #1419125
  * genirq: Prevent proc race against freeing of irq descriptors
    - LP: #1419125
  * scsi: blacklist RSOC for Microsoft iSCSI target devices
    - LP: #1419125
  * iscsi-target: Fail connection on short sendmsg writes
    - LP: #1419125
  * drm/i915: Invalidate media caches on gen7
    - LP: #1419125
  * drm/i915: Force the CS stall for invalidate flushes
    - LP: #1419125
  * ALSA: hda/realtek - Add new Dell desktop for ALC3234 headset mode
    - LP: #1419125
  * dm thin: fix inability to discard blocks when in out-of-data-space mode
    - LP: #1419125
  * dm thin: fix missing out-of-data-space to write mode transition if
    blocks are released
    - LP: #1419125
  * dm: fix missed error code if .end_io isn't implemented by target_type
    - LP: #1419125
  * i2c: mv64xxx: use BIT() macro for register value definitions
    - LP: #1419125
  * i2c: mv64xxx: rework offload support to fix several problems
    - LP: #1419125
  * x86/tls: Don't validate lm in set_thread_area() after all
    - LP: #1419125
  * ALSA: usb-audio: extend KEF X300A FU 10 tweak to Arcam rPAC
    - LP: #1419125
  * tick/powerclamp: Remove tick_nohz_idle abuse
    - LP: #1419125
  * audit: don't attempt to lookup PIDs when changing PID filtering audit
    rules
    - LP: #1419125
  * audit: use supplied gfp_mask from audit_buffer in
    kauditd_send_multicast_skb
    - LP: #1419125
  * arm64: kernel: add missing __init section marker to cpu_suspend_init
    - LP: #1419125
  * arm64: kernel: refactor the CPU suspend API for retention states
    - LP: #1419125
  * arm64: Move cpu_resume into the text section
    - LP: #1419125
  * arm64: kernel: fix __cpu_suspend mm switch on warm-boot
    - LP: #1419125
  * audit: restore AUDIT_LOGINUID unset ABI
    - LP: #1419125
  * parisc: fix out-of-register compiler error in ldcw inline assembler
    function
    - LP: #1419125
  * kvm: x86: drop severity of "generation wraparound" message
    - LP: #1419125
  * Btrfs: fix loop writing of async reclaim
    - LP: #1419125
  * powercap / RAPL: add support for CPU model 0x3f
    - LP: #1419125
  * iwlwifi: make U-APSD default configurable at compile time
    - LP: #1419125
  * isofs: Fix unchecked printing of ER records
    - LP: #1419125
  * crypto: af_alg - fix backlog handling
    - LP: #1419125
  * udf: Check path length when reading symlink
    - LP: #1419125
  * udf: Verify i_size when loading inode
    - LP: #1419125
  * udf: Verify symlink size before loading it
    - LP: #1419125
  * udf: Check component length before reading it
    - LP: #1419125
  * platform/chrome: chromeos_laptop - Add support for Acer C720
    - LP: #1419125
  * platform/chrome: chromeos_laptop - Add HP Chromebook 14
    - LP: #1419125
  * platform/chrome: chromeos_laptop - Add Dell Chromebook 11 touch
    - LP: #1419125
  * platform/chrome: chromeos_laptop - Add Toshiba CB35 Touch
    - LP: #1419125
  * platform/chrome: Add support for the acer c720p touchscreen.
    - LP: #1419125
  * batman-adv: Calculate extra tail size based on queued fragments
    - LP: #1419125
  * move d_rcu from overlapping d_child to overlapping d_alias
    - LP: #1419125
  * deal with deadlock in d_walk()
    - LP: #1419125
  * KEYS: close race between key lookup and freeing
    - LP: #1419125
  * Linux 3.16.7-ckt4
    - LP: #1419125
  * spi: sh-msiof: Add runtime PM lock in initializing
    - LP: #1419125
  * drm/i915: Don't call intel_prepare_page_flip() multiple times on gen2-4
    - LP: #1419125
  * x86_64, vdso: Fix the vdso address randomization algorithm
    - LP: #1419125
  * drm/nv4c/mc: disable msi
    - LP: #1419125
  * ASoC: dwc: Ensure FIFOs are flushed to prevent channel swap
    - LP: #1419125
  * x86, vdso: Use asm volatile in __getcpu
    - LP: #1419125
  * video/logo: prevent use of logos after they have been freed
    - LP: #1419125
  * video/fbdev: fix defio's fsync
    - LP: #1419125
  * Add USB_EHCI_EXYNOS to multi_v7_defconfig
    - LP: #1419125
  * SCSI: fix regression in scsi_send_eh_cmnd()
    - LP: #1419125
  * Btrfs: don't delay inode ref updates during log replay
    - LP: #1419125
  * net: ethernet: cpsw: fix hangs with interrupts
    - LP: #1419125
  * ALSA: hda - Fix wrong gpio_dir & gpio_mask hint setups for IDT/STAC
    codecs
    - LP: #1419125
  * drm/radeon: KV has three PPLLs (v2)
    - LP: #1419125
  * drm/radeon: fix sad_count check for dce3
    - LP: #1419125
  * drm/radeon: properly filter DP1.2 4k modes on non-DP1.2 hw
    - LP: #1419125
  * drm/radeon: adjust default bapm settings for KV
    - LP: #1419125
  * ACPI / PM: Fix PM initialization for devices that are not present
    - LP: #1419125
  * mm: propagate error from stack expansion even for guard page
    - LP: #1419125
  * ALSA: hda - Add new GPU codec ID 0x10de0072 to snd-hda
    - LP: #1419125
  * vfio-pci: Fix the check on pci device type in vfio_pci_probe()
    - LP: #1419125
  * rpc: fix xdr_truncate_encode to handle buffer ending on page boundary
    - LP: #1419125
  * arm64/efi: add missing call to early_ioremap_reset()
    - LP: #1419125
  * exit: fix race between wait_consider_task() and wait_task_zombie()
    - LP: #1419125
  * mm: prevent endless growth of anon_vma hierarchy
    - LP: #1419125
  * mm: protect set_page_dirty() from ongoing truncation
    - LP: #1419125
  * mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled process
    being killed
    - LP: #1419125
  * sched/deadline: Fix migration of SCHED_DEADLINE tasks
    - LP: #1419125
  * sched/deadline: Avoid double-accounting in case of missed deadlines
    - LP: #1419125
  * HID: roccat: potential out of bounds in pyra_sysfs_write_settings()
    - LP: #1419125
  * mm: Don't count the stack guard page towards RLIMIT_STACK
    - LP: #1419125
  * mm: fix corner case in anon_vma endless growing prevention
    - LP: #1419125
  * xen/arm/arm64: introduce xen_arch_need_swiotlb
    - LP: #1419125
  * perf session: Do not fail on processing out of order event
    - LP: #1419125
  * fsnotify: next_i is freed during fsnotify_unmount_inodes.
    - LP: #1419125
  * drivers/rtc/rtc-isl12057.c: fix masking of register values
    - LP: #1419125
  * ASoC: eukrea-tlv320: Fix of_node_put() call with uninitialized object
    - LP: #1419125
  * ALSA: fireworks: fix an endianness bug for transaction length
    - LP: #1419125
  * mtd: nand: omap: Fix NAND enumeration on 3430 LDP
    - LP: #1419125
  * ocfs2: fix the wrong directory passed to ocfs2_lookup_ino_from_name()
    when link file
    - LP: #1419125
  * powerpc: Fix bad NULL pointer check in udbg_uart_getc_poll()
    - LP: #1419125
  * HID: add battery quirk for USB_DEVICE_ID_APPLE_ALU_WIRELESS_2011_ISO
    keyboard
    - LP: #1419125
  * ALSA: hda - using uninitialized data
    - LP: #1419125
  * nilfs2: fix the nilfs_iget() vs. nilfs_new_inode() races
    - LP: #1419125
  * scripts/kernel-doc: don't eat struct members with __aligned
    - LP: #1419125
  * ARM: dts: DRA7: wdt: Fix compatible property for watchdog node
    - LP: #1419125
  * ARM: dts: Enable PWM node by default for s3c64xx
    - LP: #1419125
  * ARM: OMAP4: PM: Only do static dependency configuration in
    omap4_init_static_deps
    - LP: #1419125
  * HID: Add a new id 0x501a for Genius MousePen i608X
    - LP: #1419125
  * netfilter: ipset: small potential read beyond the end of buffer
    - LP: #1419125
  * bridge: fix netfilter/NF_BR_LOCAL_OUT for own, locally generated
    queries
    - LP: #1419125
  * bcache: Make sure to pass GFP_WAIT to mempool_alloc()
    - LP: #1419125
  * ACPICA: Add new GPE public interface - acpi_mark_gpe_for_wake.
    - LP: #1419125
  * ACPI / scan: No implicit wake notification for buttons
    - LP: #1419125
  * gre: fix the inner mac header in nbma tunnel xmit path
    - LP: #1419125
  * netlink: Always copy on mmap TX.
    - LP: #1419125
  * netlink: Don't reorder loads/stores before marking mmap netlink frame
    as available
    - LP: #1419125
  * in6: fix conflict with glibc
    - LP: #1419125
  * tg3: tg3_disable_ints using uninitialized mailbox value to disable
    interrupts
    - LP: #1419125
  * batman-adv: Unify fragment size calculation
    - LP: #1419125
  * batman-adv: avoid NULL dereferences and fix if check
    - LP: #1419125
  * net: Fix stacked vlan offload features computation
    - LP: #1419125
  * net: Reset secmark when scrubbing packet
    - LP: #1419125
  * net/core: Handle csum for CHECKSUM_COMPLETE VXLAN forwarding
    - LP: #1419125
  * tcp: Do not apply TSO segment limit to non-TSO packets
    - LP: #1419125
  * xen-netback: fixing the propagation of the transmit shaper timeout
    - LP: #1419125
  * alx: fix alx_poll()
    - LP: #1419125
  * team: avoid possible underflow of count_pending value for notify_peers
    and mcast_rejoin
    - LP: #1419125
  * enic: fix rx skb checksum
    - LP: #1419125
  * netfilter: conntrack: disable generic tracking for known protocols
    - LP: #1419125
  * xen-netfront: Fix handling packets on compound pages with skb_linearize
    - LP: #1419125
  * xen-netfront: use correct linear area after linearizing an skb
    - LP: #1419125
  * usb: musb: stuff leak of struct usb_hcd
    - LP: #1419125
  * usb: gadget: gadgetfs: Free memory allocated by memdup_user()
    - LP: #1419125
  * usb: gadget: udc: atmel: change setting for DMA
    - LP: #1419125
  * usb: gadget: udc: atmel: fix possible IN hang issue
    - LP: #1419125
  * ARM: imx6q: drop unnecessary semicolon
    - LP: #1419125
  * ARM: clk-imx6q: fix video divider for rev T0 1.0
    - LP: #1419125
  * ARM: dts: imx25: Fix the SPI1 clocks
    - LP: #1419125
  * USB: cp210x: fix ID for production CEL MeshConnect USB Stick
    - LP: #1419125
  * USB: keyspan: fix null-deref at probe
    - LP: #1419125
  * iwlwifi: mvm: fix Rx with both chains
    - LP: #1419125
  * ARM: imx6sx: Set PLL2 as parent of QSPI clocks
    - LP: #1419125
  * ARM: omap5/dra7xx: Fix frequency typos
    - LP: #1419125
  * ARM: omap5/dra7xx: Enable booting secondary CPU in HYP mode
    - LP: #1419125
  * LOCKD: Fix a race when initialising nlmsvc_timeout
    - LP: #1419125
  * NFSv4.1: Fix client id trunking on Linux
    - LP: #1419125
  * ARM: dts: imx51-babbage: Fix ULPI PHY reset modelling
    - LP: #1419125
  * USB: cp210x: add IDs for CEL USB sticks and MeshWorks devices
    - LP: #1419125
  * vhost-scsi: Add missing virtio-scsi -> TCM attribute conversion
    - LP: #1419125
  * USB: qcserial/option: make AT URCs work for Sierra Wireless MC73xx
    - LP: #1419125
  * ARM: dts: berlin: fix io clk and add missing core clk for BG2Q sdhci2
    host
    - LP: #1419125
  * ARM: dts: berlin: add broken-cd and set bus width for eMMC in Marvell
    DMP DT
    - LP: #1419125
  * ARM: dts: berlin: correct BG2Q's SM GPIO location.
    - LP: #1419125
  * xhci: Check if slot is already in default state before moving it there
    - LP: #1419125
  * USB: EHCI: fix initialization bug in iso_stream_schedule()
    - LP: #1419125
  * xhci: Add broken-streams quirk for Fresco Logic FL1000G xhci
    controllers
    - LP: #1419125
  * uas: Add US_FL_NO_ATA_1X for Seagate devices with usb-id 0bc2:a013
    - LP: #1419125
  * uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS566 with usb-id
    0bc2:a013
    - LP: #1419125
  * uas: Add US_FL_NO_ATA_1X for 2 more Seagate disk enclosures
    - LP: #1419125
  * OHCI: add a quirk for ULi M5237 blocking on reset
    - LP: #1419125
  * mei: clean reset bit before reset
    - LP: #1419125
  * target: Drop arbitrary maximum I/O size limit
    - LP: #1419125
  * usb: gadget: udc: atmel: fix possible oops when unloading module
    - LP: #1419125
  * USB: console: fix uninitialised ldisc semaphore
    - LP: #1419125
  * USB: console: fix potential use after free
    - LP: #1419125
  * mmc: sdhci-pxav3: fix error handling of sdhci_add_host
    - LP: #1419125
  * mmc: sdhci-pxav3: do the mbus window configuration after enabling
    clocks
    - LP: #1419125
  * mmc: sdhci: Fix sleep in atomic after inserting SD card
    - LP: #1419125
  * clk: at91: keep slow clk enabled to prevent system hang
    - LP: #1419125
  * clk: berlin: bg2q: remove non-exist "smemc" gate clock
    - LP: #1419125
  * drivers: net: cpsw: fix multicast flush in dual emac mode
    - LP: #1419125
  * usb: dwc3: gadget: Fix TRB preparation during SG
    - LP: #1419125
  * usb: dwc3: gadget: Stop TRB preparation after limit is reached
    - LP: #1419125
  * ftrace/jprobes/x86: Fix conflict between jprobes and function graph
    tracing
    - LP: #1419125
  * reset: sunxi: fix spinlock initialization
    - LP: #1419125
  * clk: Don't try to use a struct clk* after it could have been freed
    - LP: #1419125
  * tcm_loop: Fixup tag handling
    - LP: #1419125
  * net: prevent of emerging cross-namespace symlinks
    - LP: #1419125
  * net: fix creation adjacent device symlinks
    - LP: #1419125
  * drm/i915: Evict CS TLBs between batches
    - LP: #1419125
  * ARM: dts: dra7-evm: fix qspi device tree partition size
    - LP: #1419125
  * ARM: shmobile: sh73a0 legacy: Set .control_parent for all irqpin
    instances
    - LP: #1419125
  * Linux 3.16.7-ckt5
    - LP: #1419125
 -- Seth Forshee <seth.forshee@xxxxxxxxxxxxx>   Mon, 09 Feb 2015 14:00:45 -0600

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1414651

Title:
  CVE-2015-0239

Status in linux package in Ubuntu:
  Invalid
Status in linux-armadaxp package in Ubuntu:
  Invalid
Status in linux-ec2 package in Ubuntu:
  Invalid
Status in linux-flo package in Ubuntu:
  New
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux-goldfish package in Ubuntu:
  New
Status in linux-lts-backport-maverick package in Ubuntu:
  New
Status in linux-lts-backport-natty package in Ubuntu:
  New
Status in linux-lts-quantal package in Ubuntu:
  Invalid
Status in linux-lts-raring package in Ubuntu:
  Invalid
Status in linux-lts-saucy package in Ubuntu:
  Invalid
Status in linux-lts-trusty package in Ubuntu:
  Invalid
Status in linux-lts-utopic package in Ubuntu:
  Invalid
Status in linux-mako package in Ubuntu:
  New
Status in linux-manta package in Ubuntu:
  New
Status in linux-mvl-dove package in Ubuntu:
  Invalid
Status in linux-ti-omap4 package in Ubuntu:
  Invalid
Status in linux source package in Lucid:
  New
Status in linux-armadaxp source package in Lucid:
  Invalid
Status in linux-ec2 source package in Lucid:
  New
Status in linux-flo source package in Lucid:
  Invalid
Status in linux-fsl-imx51 source package in Lucid:
  Invalid
Status in linux-goldfish source package in Lucid:
  Invalid
Status in linux-lts-backport-maverick source package in Lucid:
  New
Status in linux-lts-backport-natty source package in Lucid:
  New
Status in linux-lts-quantal source package in Lucid:
  Invalid
Status in linux-lts-raring source package in Lucid:
  Invalid
Status in linux-lts-saucy source package in Lucid:
  Invalid
Status in linux-lts-trusty source package in Lucid:
  Invalid
Status in linux-lts-utopic source package in Lucid:
  Invalid
Status in linux-mako source package in Lucid:
  Invalid
Status in linux-manta source package in Lucid:
  Invalid
Status in linux-mvl-dove source package in Lucid:
  Invalid
Status in linux-ti-omap4 source package in Lucid:
  Invalid
Status in linux source package in Precise:
  Fix Released
Status in linux-armadaxp source package in Precise:
  Fix Released
Status in linux-ec2 source package in Precise:
  Invalid
Status in linux-flo source package in Precise:
  Invalid
Status in linux-fsl-imx51 source package in Precise:
  Invalid
Status in linux-goldfish source package in Precise:
  Invalid
Status in linux-lts-backport-maverick source package in Precise:
  New
Status in linux-lts-backport-natty source package in Precise:
  New
Status in linux-lts-quantal source package in Precise:
  Fix Committed
Status in linux-lts-raring source package in Precise:
  Invalid
Status in linux-lts-saucy source package in Precise:
  Invalid
Status in linux-lts-trusty source package in Precise:
  Fix Released
Status in linux-lts-utopic source package in Precise:
  Invalid
Status in linux-mako source package in Precise:
  Invalid
Status in linux-manta source package in Precise:
  Invalid
Status in linux-mvl-dove source package in Precise:
  Invalid
Status in linux-ti-omap4 source package in Precise:
  Fix Committed
Status in linux source package in Trusty:
  Fix Released
Status in linux-armadaxp source package in Trusty:
  Invalid
Status in linux-ec2 source package in Trusty:
  Invalid
Status in linux-flo source package in Trusty:
  Invalid
Status in linux-fsl-imx51 source package in Trusty:
  Invalid
Status in linux-goldfish source package in Trusty:
  Invalid
Status in linux-lts-backport-maverick source package in Trusty:
  New
Status in linux-lts-backport-natty source package in Trusty:
  New
Status in linux-lts-quantal source package in Trusty:
  Invalid
Status in linux-lts-raring source package in Trusty:
  Invalid
Status in linux-lts-saucy source package in Trusty:
  Invalid
Status in linux-lts-trusty source package in Trusty:
  Invalid
Status in linux-lts-utopic source package in Trusty:
  Fix Released
Status in linux-mako source package in Trusty:
  Invalid
Status in linux-manta source package in Trusty:
  Invalid
Status in linux-mvl-dove source package in Trusty:
  Invalid
Status in linux-ti-omap4 source package in Trusty:
  Invalid
Status in linux source package in Utopic:
  Fix Released
Status in linux-armadaxp source package in Utopic:
  Invalid
Status in linux-ec2 source package in Utopic:
  Invalid
Status in linux-flo source package in Utopic:
  New
Status in linux-fsl-imx51 source package in Utopic:
  Invalid
Status in linux-goldfish source package in Utopic:
  New
Status in linux-lts-backport-maverick source package in Utopic:
  New
Status in linux-lts-backport-natty source package in Utopic:
  New
Status in linux-lts-quantal source package in Utopic:
  Invalid
Status in linux-lts-raring source package in Utopic:
  Invalid
Status in linux-lts-saucy source package in Utopic:
  Invalid
Status in linux-lts-trusty source package in Utopic:
  Invalid
Status in linux-lts-utopic source package in Utopic:
  Invalid
Status in linux-mako source package in Utopic:
  New
Status in linux-manta source package in Utopic:
  New
Status in linux-mvl-dove source package in Utopic:
  Invalid
Status in linux-ti-omap4 source package in Utopic:
  Invalid
Status in linux source package in Vivid:
  Invalid
Status in linux-armadaxp source package in Vivid:
  Invalid
Status in linux-ec2 source package in Vivid:
  Invalid
Status in linux-flo source package in Vivid:
  New
Status in linux-fsl-imx51 source package in Vivid:
  Invalid
Status in linux-goldfish source package in Vivid:
  New
Status in linux-lts-backport-maverick source package in Vivid:
  New
Status in linux-lts-backport-natty source package in Vivid:
  New
Status in linux-lts-quantal source package in Vivid:
  Invalid
Status in linux-lts-raring source package in Vivid:
  Invalid
Status in linux-lts-saucy source package in Vivid:
  Invalid
Status in linux-lts-trusty source package in Vivid:
  Invalid
Status in linux-lts-utopic source package in Vivid:
  Invalid
Status in linux-mako source package in Vivid:
  New
Status in linux-manta source package in Vivid:
  New
Status in linux-mvl-dove source package in Vivid:
  Invalid
Status in linux-ti-omap4 source package in Vivid:
  Invalid

Bug description:
  Linux 2.6.32 - 3.18 that runs KVM may enable a malicious guest process
  to crash the guest OS or launch a privilege escalation attack on the
  guest. The attack can be launched by tricking the hypervisor to
  emulate a SYSENTER instruction in 16-bit mode, if the guest OS does
  not initialize the SYSENTER MSRs. KVM does not check under these
  conditions that the selector IA32_SYSENTER_CS is not zero, and does
  not generate a #GP exception as real hardware does. Instead, it sets
  the guest instruction pointer to zero and changes the code privilege
  level (CPL) to zero (privileged). Note that the attack can only be
  issued under very certain conditions (see the details below). Windows
  and distro Linux guest OSes should be safe. The bug existed since the
  introduction of SYSENTER emulation (em_sysenter function on recent
  Linux releases), in commit 8c60435261deaefeb53ce3222d04d7d5bea81296 ,
  which is present in Linux 2.6.32 - 3.18.

  Break-Fix: - f3747379accba8e95d70cec0eae0582c8c182050

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1414651/+subscriptions


References