kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #152018
[Bug 1508856] Re: CVE-2015-7872
This bug was fixed in the package linux-lts-wily - 4.2.0-21.25~14.04.1
---------------
linux-lts-wily (4.2.0-21.25~14.04.1) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1522374
[ Upstream Kernel Changes ]
* staging/dgnc: fix info leak in ioctl
- LP: #1509565
- CVE-2015-7885
* [media] media/vivid-osd: fix info leak in ioctl
- LP: #1509564
- CVE-2015-7884
* KEYS: Fix race between key destruction and finding a keyring by name
- LP: #1508856
- CVE-2015-7872
* KEYS: Fix crash when attempt to garbage collect an uninstantiated
keyring
- LP: #1508856
- CVE-2015-7872
* KEYS: Don't permit request_key() to construct a new keyring
- LP: #1508856
- CVE-2015-7872
* isdn_ppp: Add checks for allocation failure in isdn_ppp_open()
- LP: #1508329
- CVE-2015-7799
* ppp, slip: Validate VJ compression slot parameters completely
- LP: #1508329
- CVE-2015-7799
linux (4.2.0-20.24) wily; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #1521753
[ Andy Whitcroft ]
* [Tests] gcc-multilib does not exist on ppc64el
- LP: #1515541
[ Joseph Salisbury ]
* SAUCE: scsi_sysfs: protect against double execution of
__scsi_remove_device()
- LP: #1509029
[ Manoj Kumar ]
* SAUCE: (noup) cxlflash: Fix to escalate LINK_RESET also on port 1
- LP: #1513583
[ Matthew R. Ochs ]
* SAUCE: (noup) cxlflash: Fix to avoid virtual LUN failover failure
- LP: #1513583
[ Oren Givon ]
* SAUCE: (noup) iwlwifi: Add new PCI IDs for the 8260 series
- LP: #1517375
[ Seth Forshee ]
* [Config] CONFIG_DRM_AMDGPU_CIK=n
- LP: #1510405
[ Upstream Kernel Changes ]
* net/mlx5e: Disable VLAN filter in promiscuous mode
- LP: #1514861
* drivers: net: xgene: fix RGMII 10/100Mb mode
- LP: #1433290
* HID: rmi: Disable scanning if the device is not a wake source
- LP: #1515503
* HID: rmi: Set F01 interrupt enable register when not set
- LP: #1515503
* net/mlx5e: Ethtool link speed setting fixes
- LP: #1517919
* scsi_scan: don't dump trace when scsi_prep_async_scan() is called twice
- LP: #1517942
* x86/ioapic: Disable interrupts when re-routing legacy IRQs
- LP: #1508593
* xhci: Workaround to get Intel xHCI reset working more reliably
* megaraid_sas: Do not use PAGE_SIZE for max_sectors
- LP: #1475166
* net: usb: cdc_ether: add Dell DW5580 as a mobile broadband adapter
- LP: #1513847
* KVM: svm: unconditionally intercept #DB
- LP: #1520184
- CVE-2015-8104
-- Luis Henriques <luis.henriques@xxxxxxxxxxxxx> Thu, 03 Dec 2015
11:41:35 +0000
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1508856
Title:
CVE-2015-7872
Status in linux package in Ubuntu:
Fix Committed
Status in linux-armadaxp package in Ubuntu:
Invalid
Status in linux-ec2 package in Ubuntu:
Invalid
Status in linux-flo package in Ubuntu:
New
Status in linux-fsl-imx51 package in Ubuntu:
Invalid
Status in linux-goldfish package in Ubuntu:
New
Status in linux-lts-backport-maverick package in Ubuntu:
New
Status in linux-lts-backport-natty package in Ubuntu:
New
Status in linux-lts-quantal package in Ubuntu:
Invalid
Status in linux-lts-raring package in Ubuntu:
Invalid
Status in linux-lts-saucy package in Ubuntu:
Invalid
Status in linux-lts-trusty package in Ubuntu:
Invalid
Status in linux-lts-utopic package in Ubuntu:
Invalid
Status in linux-lts-vivid package in Ubuntu:
Invalid
Status in linux-lts-wily package in Ubuntu:
Invalid
Status in linux-mako package in Ubuntu:
New
Status in linux-manta package in Ubuntu:
New
Status in linux-mvl-dove package in Ubuntu:
Invalid
Status in linux-raspi2 package in Ubuntu:
Fix Committed
Status in linux-ti-omap4 package in Ubuntu:
Invalid
Status in linux source package in Precise:
Fix Released
Status in linux-armadaxp source package in Precise:
New
Status in linux-ec2 source package in Precise:
Invalid
Status in linux-flo source package in Precise:
Invalid
Status in linux-fsl-imx51 source package in Precise:
Invalid
Status in linux-goldfish source package in Precise:
Invalid
Status in linux-lts-backport-maverick source package in Precise:
New
Status in linux-lts-backport-natty source package in Precise:
New
Status in linux-lts-quantal source package in Precise:
Invalid
Status in linux-lts-raring source package in Precise:
Invalid
Status in linux-lts-saucy source package in Precise:
Invalid
Status in linux-lts-trusty source package in Precise:
Fix Released
Status in linux-lts-utopic source package in Precise:
Invalid
Status in linux-lts-vivid source package in Precise:
Invalid
Status in linux-lts-wily source package in Precise:
Invalid
Status in linux-mako source package in Precise:
Invalid
Status in linux-manta source package in Precise:
Invalid
Status in linux-mvl-dove source package in Precise:
Invalid
Status in linux-raspi2 source package in Precise:
Invalid
Status in linux-ti-omap4 source package in Precise:
Fix Committed
Status in linux source package in Trusty:
Fix Released
Status in linux-armadaxp source package in Trusty:
Invalid
Status in linux-ec2 source package in Trusty:
Invalid
Status in linux-flo source package in Trusty:
Invalid
Status in linux-fsl-imx51 source package in Trusty:
Invalid
Status in linux-goldfish source package in Trusty:
Invalid
Status in linux-lts-backport-maverick source package in Trusty:
New
Status in linux-lts-backport-natty source package in Trusty:
New
Status in linux-lts-quantal source package in Trusty:
Invalid
Status in linux-lts-raring source package in Trusty:
Invalid
Status in linux-lts-saucy source package in Trusty:
Invalid
Status in linux-lts-trusty source package in Trusty:
Invalid
Status in linux-lts-utopic source package in Trusty:
Fix Released
Status in linux-lts-vivid source package in Trusty:
Fix Released
Status in linux-lts-wily source package in Trusty:
Fix Released
Status in linux-mako source package in Trusty:
Invalid
Status in linux-manta source package in Trusty:
Invalid
Status in linux-mvl-dove source package in Trusty:
Invalid
Status in linux-raspi2 source package in Trusty:
Invalid
Status in linux-ti-omap4 source package in Trusty:
Invalid
Status in linux source package in Vivid:
Fix Released
Status in linux-armadaxp source package in Vivid:
Invalid
Status in linux-ec2 source package in Vivid:
Invalid
Status in linux-flo source package in Vivid:
New
Status in linux-fsl-imx51 source package in Vivid:
Invalid
Status in linux-goldfish source package in Vivid:
New
Status in linux-lts-backport-maverick source package in Vivid:
New
Status in linux-lts-backport-natty source package in Vivid:
New
Status in linux-lts-quantal source package in Vivid:
Invalid
Status in linux-lts-raring source package in Vivid:
Invalid
Status in linux-lts-saucy source package in Vivid:
Invalid
Status in linux-lts-trusty source package in Vivid:
Invalid
Status in linux-lts-utopic source package in Vivid:
Invalid
Status in linux-lts-vivid source package in Vivid:
Invalid
Status in linux-lts-wily source package in Vivid:
Invalid
Status in linux-mako source package in Vivid:
New
Status in linux-manta source package in Vivid:
New
Status in linux-mvl-dove source package in Vivid:
Invalid
Status in linux-raspi2 source package in Vivid:
Invalid
Status in linux-ti-omap4 source package in Vivid:
Invalid
Status in linux source package in Wily:
Fix Released
Status in linux-armadaxp source package in Wily:
Invalid
Status in linux-ec2 source package in Wily:
Invalid
Status in linux-flo source package in Wily:
New
Status in linux-fsl-imx51 source package in Wily:
Invalid
Status in linux-goldfish source package in Wily:
New
Status in linux-lts-backport-maverick source package in Wily:
New
Status in linux-lts-backport-natty source package in Wily:
New
Status in linux-lts-quantal source package in Wily:
Invalid
Status in linux-lts-raring source package in Wily:
Invalid
Status in linux-lts-saucy source package in Wily:
Invalid
Status in linux-lts-trusty source package in Wily:
Invalid
Status in linux-lts-utopic source package in Wily:
Invalid
Status in linux-lts-vivid source package in Wily:
Invalid
Status in linux-lts-wily source package in Wily:
Invalid
Status in linux-mako source package in Wily:
New
Status in linux-manta source package in Wily:
New
Status in linux-mvl-dove source package in Wily:
Invalid
Status in linux-raspi2 source package in Wily:
Fix Released
Status in linux-ti-omap4 source package in Wily:
Invalid
Status in linux source package in Xenial:
Fix Committed
Status in linux-armadaxp source package in Xenial:
Invalid
Status in linux-ec2 source package in Xenial:
Invalid
Status in linux-flo source package in Xenial:
New
Status in linux-fsl-imx51 source package in Xenial:
Invalid
Status in linux-goldfish source package in Xenial:
New
Status in linux-lts-backport-maverick source package in Xenial:
New
Status in linux-lts-backport-natty source package in Xenial:
New
Status in linux-lts-quantal source package in Xenial:
Invalid
Status in linux-lts-raring source package in Xenial:
Invalid
Status in linux-lts-saucy source package in Xenial:
Invalid
Status in linux-lts-trusty source package in Xenial:
Invalid
Status in linux-lts-utopic source package in Xenial:
Invalid
Status in linux-lts-vivid source package in Xenial:
Invalid
Status in linux-lts-wily source package in Xenial:
Invalid
Status in linux-mako source package in Xenial:
New
Status in linux-manta source package in Xenial:
New
Status in linux-mvl-dove source package in Xenial:
Invalid
Status in linux-raspi2 source package in Xenial:
Fix Committed
Status in linux-ti-omap4 source package in Xenial:
Invalid
Bug description:
The key_gc_unused_keys function in security/keys/gc.c in the Linux
kernel through 4.2.6 allows local users to cause a denial of service
(OOPS) via crafted keyctl commands.
Break-Fix: - f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1508856/+subscriptions
References