kernel-packages team mailing list archive

Thread
Date
[Bug 1527374] Re: CVE-2015-8709

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1527374@xxxxxxxxxxxxxxxxxx>
Date: Tue, 19 Jan 2016 15:21:14 -0000
Reply-to: Bug 1527374 <1527374@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux - 4.3.0-6.17

---------------
linux (4.3.0-6.17) xenial; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1532958

  [ Eric Dumazet ]

  * SAUCE: (noup) net: fix IP early demux races
    - LP: #1526946

  [ Guilherme G. Piccoli ]

  * SAUCE: powerpc/eeh: Validate arch in eeh_add_device_early()
    - LP: #1486180

  [ Hui Wang ]

  * [Config] CONFIG_I2C_DESIGNWARE_BAYTRAIL=y, CONFIG_IOSF_MBI=y
    - LP: #1527096

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

  [ Serge Hallyn ]

  * SAUCE: add a sysctl to disable unprivileged user namespace unsharing

  [ Tim Gardner ]

  * [Config] CONFIG_ZONE_DEVICE=y for amd64
  * [Config] CONFIG_VIRTIO_BLK=y, CONFIG_VIRTIO_NET=y for s390
    - LP: #1532886

  [ Upstream Kernel Changes ]

  * rhashtable: Fix walker list corruption
    - LP: #1526811
  * rhashtable: Kill harmless RCU warning in rhashtable_walk_init
    - LP: #1526811
  * ovl: fix permission checking for setattr
    - LP: #1528904
    - CVE-2015-8660

 -- Tim Gardner <tim.gardner@xxxxxxxxxxxxx>  Thu, 17 Dec 2015 05:34:47
-0700

** Changed in: linux (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8660

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1527374

Title:
  CVE-2015-8709

Status in linux package in Ubuntu:
  Fix Released
Status in linux-armadaxp package in Ubuntu:
  Confirmed
Status in linux-flo package in Ubuntu:
  Confirmed
Status in linux-goldfish package in Ubuntu:
  Confirmed
Status in linux-lts-quantal package in Ubuntu:
  Confirmed
Status in linux-lts-raring package in Ubuntu:
  Confirmed
Status in linux-lts-saucy package in Ubuntu:
  Confirmed
Status in linux-lts-trusty package in Ubuntu:
  Confirmed
Status in linux-lts-utopic package in Ubuntu:
  Fix Released
Status in linux-lts-vivid package in Ubuntu:
  Fix Released
Status in linux-lts-wily package in Ubuntu:
  Fix Released
Status in linux-mako package in Ubuntu:
  Confirmed
Status in linux-manta package in Ubuntu:
  Confirmed
Status in linux-raspi2 package in Ubuntu:
  Fix Released
Status in linux-ti-omap4 package in Ubuntu:
  Confirmed
Status in lxc package in Ubuntu:
  Confirmed
Status in linux source package in Precise:
  Invalid
Status in linux-lts-trusty source package in Precise:
  Fix Released
Status in linux source package in Trusty:
  Fix Released
Status in linux source package in Vivid:
  Fix Released
Status in linux source package in Wily:
  Fix Released
Status in linux source package in Xenial:
  Fix Released

Bug description:
  A kernel bug in user namespaces allows root in a container to ptrace
  host-root-owned tasks during a window of opportunity during lxc-attach
  / 'lxc exec', before they drop privilege by doing setuid to the
  container root uid.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions