kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #139315
[Bug 1478826] Re: CVE-2015-5157
This bug was fixed in the package linux - 4.2.0-15.18
---------------
linux (4.2.0-15.18) wily; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1503692
[ Andy Whitcroft ]
* Revert "SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()"
Was incorrectly backported.
[ Ben Hutchings ]
* SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
- CVE-2015-7312
[ Tim Gardner ]
* [Debian] config-check and prepare using ${DEBIAN}/config/annotations
Makes the LTS update script work better.
linux (4.2.0-15.17) wily; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1503016
* rebase to v4.2.3
[ Andrew Donnellan ]
* SAUCE: cxl: fix leak of IRQ names in cxl_free_afu_irqs()
* SAUCE: cxl: fix leak of ctx->irq_bitmap when releasing context via
kernel API
* SAUCE: cxl: fix leak of ctx->mapping when releasing kernel API contexts
[ Ben Hutchings ]
* SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
- CVE-2015-7312
[ Dan Carpenter ]
* SAUCE: (noup) cxlflash: a couple off by one bugs
- LP: #1499849
[ John Johansen ]
* SAUCE: (no-up) apparmor: fix mount not handling disconnected paths
- LP: #1496430
[ Manoj Kumar ]
* SAUCE: (noup) cxlflash: Fix to avoid invalid port_sel value
- LP: #1499849
* SAUCE: (noup) cxlflash: Replace magic numbers with literals
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix read capacity timeout
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to double the delay each time
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to escalate to LINK_RESET on login timeout
- LP: #1499849
[ Matthew R. Ochs ]
* SAUCE: (noup) cxlflash: Fix potential oops following LUN removal
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix data corruption when vLUN used over
multiple cards
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid sizeof(bool)
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix context encode mask width
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid CXL services during EEH
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct naming of limbo state and waitq
- LP: #1499849
* SAUCE: (noup) cxlflash: Make functions static
- LP: #1499849
* SAUCE: (noup) cxlflash: Refine host/device attributes
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid spamming the kernel log
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid stall while waiting on TMF
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix location of setting resid
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix host link up event handling
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix async interrupt bypass logic
- LP: #1499849
* SAUCE: (noup) cxlflash: Remove dual port online dependency
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix AFU version access/storage and add check
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct usage of scsi_host_put()
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to prevent workq from accessing freed
memory
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct behavior in device reset handler
following EEH
- LP: #1499849
* SAUCE: (noup) cxlflash: Remove unnecessary scsi_block_requests
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix function prolog parameters and return codes
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix MMIO and endianness errors
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to prevent EEH recovery failure
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct spelling, grammar, and alignment
mistakes
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to prevent stale AFU RRQ
- LP: #1499849
* SAUCE: (noup) MAINTAINERS: Add cxlflash driver
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid corrupting adapter fops
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct trace string
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid potential deadlock on EEH
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid leaving dangling interrupt
resources
- LP: #1499849
[ Philippe Bergheaud ]
* SAUCE: cxl: Workaround malformed pcie packets on some cards
[ Tim Gardner ]
* [Config] CONFIG_CC_STACKPROTECTOR_STRONG=y
- LP: #1380025
* [Config] Add MMC modules sufficient for net booting
- LP: #1502772
[ Upstream Kernel Changes ]
* Initialize msg/shm IPC objects before doing ipc_addid()
* RDS: verify the underlying transport exists before creating a
connection
* cxl: abort cxl_pci_enable_device_hook() if PCI channel is offline
* cxl: Fix build failure due to -Wunused-variable behaviour change
* cxl: Fix lockdep warning while creating afu_err_buff attribute
* USB: whiteheat: fix potential null-deref at probe
- LP: #1478826
- CVE-2015-5257
* dcache: Handle escaped paths in prepend_path
- CVE-2015-2925
* vfs: Test for and handle paths that are unreachable from their mnt_root
- CVE-2015-2925
* hv_netvsc: Add support to set MTU reservation from guest side
- LP: #1494431
* hv_netvsc: Add close of RNDIS filter into change mtu call
- LP: #1494431
-- Tim Gardner <tim.gardner@xxxxxxxxxxxxx> Wed, 07 Oct 2015 07:28:10
-0600
** Changed in: linux (Ubuntu Wily)
Status: Invalid => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2925
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-5257
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-7312
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1478826
Title:
CVE-2015-5157
Status in linux package in Ubuntu:
Fix Released
Status in linux-armadaxp package in Ubuntu:
Invalid
Status in linux-ec2 package in Ubuntu:
Invalid
Status in linux-flo package in Ubuntu:
New
Status in linux-fsl-imx51 package in Ubuntu:
Invalid
Status in linux-goldfish package in Ubuntu:
New
Status in linux-lts-backport-maverick package in Ubuntu:
New
Status in linux-lts-backport-natty package in Ubuntu:
New
Status in linux-lts-quantal package in Ubuntu:
Invalid
Status in linux-lts-raring package in Ubuntu:
Invalid
Status in linux-lts-saucy package in Ubuntu:
Invalid
Status in linux-lts-trusty package in Ubuntu:
Invalid
Status in linux-lts-utopic package in Ubuntu:
Invalid
Status in linux-lts-vivid package in Ubuntu:
Invalid
Status in linux-mako package in Ubuntu:
New
Status in linux-manta package in Ubuntu:
New
Status in linux-mvl-dove package in Ubuntu:
Invalid
Status in linux-ti-omap4 package in Ubuntu:
Invalid
Status in linux source package in Precise:
Fix Committed
Status in linux-armadaxp source package in Precise:
New
Status in linux-ec2 source package in Precise:
Invalid
Status in linux-flo source package in Precise:
Invalid
Status in linux-fsl-imx51 source package in Precise:
Invalid
Status in linux-goldfish source package in Precise:
Invalid
Status in linux-lts-backport-maverick source package in Precise:
New
Status in linux-lts-backport-natty source package in Precise:
New
Status in linux-lts-quantal source package in Precise:
Invalid
Status in linux-lts-raring source package in Precise:
Invalid
Status in linux-lts-saucy source package in Precise:
Invalid
Status in linux-lts-trusty source package in Precise:
Fix Released
Status in linux-lts-utopic source package in Precise:
Invalid
Status in linux-lts-vivid source package in Precise:
Invalid
Status in linux-mako source package in Precise:
Invalid
Status in linux-manta source package in Precise:
Invalid
Status in linux-mvl-dove source package in Precise:
Invalid
Status in linux-ti-omap4 source package in Precise:
New
Status in linux source package in Trusty:
Fix Released
Status in linux-armadaxp source package in Trusty:
Invalid
Status in linux-ec2 source package in Trusty:
Invalid
Status in linux-flo source package in Trusty:
Invalid
Status in linux-fsl-imx51 source package in Trusty:
Invalid
Status in linux-goldfish source package in Trusty:
Invalid
Status in linux-lts-backport-maverick source package in Trusty:
New
Status in linux-lts-backport-natty source package in Trusty:
New
Status in linux-lts-quantal source package in Trusty:
Invalid
Status in linux-lts-raring source package in Trusty:
Invalid
Status in linux-lts-saucy source package in Trusty:
Invalid
Status in linux-lts-trusty source package in Trusty:
Invalid
Status in linux-lts-utopic source package in Trusty:
Fix Released
Status in linux-lts-vivid source package in Trusty:
Fix Released
Status in linux-mako source package in Trusty:
Invalid
Status in linux-manta source package in Trusty:
Invalid
Status in linux-mvl-dove source package in Trusty:
Invalid
Status in linux-ti-omap4 source package in Trusty:
Invalid
Status in linux source package in Vivid:
Fix Released
Status in linux-armadaxp source package in Vivid:
Invalid
Status in linux-ec2 source package in Vivid:
Invalid
Status in linux-flo source package in Vivid:
New
Status in linux-fsl-imx51 source package in Vivid:
Invalid
Status in linux-goldfish source package in Vivid:
New
Status in linux-lts-backport-maverick source package in Vivid:
New
Status in linux-lts-backport-natty source package in Vivid:
New
Status in linux-lts-quantal source package in Vivid:
Invalid
Status in linux-lts-raring source package in Vivid:
Invalid
Status in linux-lts-saucy source package in Vivid:
Invalid
Status in linux-lts-trusty source package in Vivid:
Invalid
Status in linux-lts-utopic source package in Vivid:
Invalid
Status in linux-lts-vivid source package in Vivid:
Invalid
Status in linux-mako source package in Vivid:
New
Status in linux-manta source package in Vivid:
New
Status in linux-mvl-dove source package in Vivid:
Invalid
Status in linux-ti-omap4 source package in Vivid:
Invalid
Status in linux source package in Wily:
Fix Released
Status in linux-armadaxp source package in Wily:
Invalid
Status in linux-ec2 source package in Wily:
Invalid
Status in linux-flo source package in Wily:
New
Status in linux-fsl-imx51 source package in Wily:
Invalid
Status in linux-goldfish source package in Wily:
New
Status in linux-lts-backport-maverick source package in Wily:
New
Status in linux-lts-backport-natty source package in Wily:
New
Status in linux-lts-quantal source package in Wily:
Invalid
Status in linux-lts-raring source package in Wily:
Invalid
Status in linux-lts-saucy source package in Wily:
Invalid
Status in linux-lts-trusty source package in Wily:
Invalid
Status in linux-lts-utopic source package in Wily:
Invalid
Status in linux-lts-vivid source package in Wily:
Invalid
Status in linux-mako source package in Wily:
New
Status in linux-manta source package in Wily:
New
Status in linux-mvl-dove source package in Wily:
Invalid
Status in linux-ti-omap4 source package in Wily:
Invalid
Bug description:
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the
x86_64 platform mishandles IRET faults in processing NMIs that
occurred during userspace execution, which might allow local users to
gain privileges by triggering an NMI.
Break-Fix: - 9b6e6a8334d56354853f9c255d1395c2ba570e0a
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1478826/+subscriptions
References
