← Back to team overview

kernel-packages team mailing list archive

[Bug 1530956] Re: CVE-2015-7513

 

This bug was fixed in the package linux - 3.2.0-98.138

---------------
linux (3.2.0-98.138) precise; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1532774

  [ Upstream Kernel Changes ]

  * Revert "xhci: don't finish a TD if we get a short transfer event mid
    TD"
    - LP: #1529077
  * PCI: Fix devfn for VPD access through function 0
    - LP: #1524292
  * PCI: Use function 0 VPD for identical functions, regular VPD for others
    - LP: #1524292
  * mac80211: fix driver RSSI event calculations
    - LP: #1524292
  * HID: core: Avoid uninitialized buffer access
    - LP: #1524292
  * wm831x_power: Use IRQF_ONESHOT to request threaded IRQs
    - LP: #1524292
  * mwifiex: fix mwifiex_rdeeprom_read()
    - LP: #1524292
  * mtd: mtdpart: fix add_mtd_partitions error path
    - LP: #1524292
  * devres: fix a for loop bounds check
    - LP: #1524292
  * packet: fix match_fanout_group()
    - LP: #1524292
  * Btrfs: added helper btrfs_next_item()
    - LP: #1524292
  * Btrfs: fix file corruption and data loss after cloning inline extents
    - LP: #1524292
  * iommu/vt-d: Fix ATSR handling for Root-Complex integrated endpoints
    - LP: #1524292
  * ARM: pxa: remove incorrect __init annotation on pxa27x_set_pwrmode
    - LP: #1524292
  * Btrfs: don't use ram_bytes for uncompressed inline items
    - LP: #1524292
  * Btrfs: fix truncation of compressed and inlined extents
    - LP: #1524292
  * ext4, jbd2: ensure entering into panic after recording an error in
    superblock
    - LP: #1524292
  * Bluetooth: ath3k: Add new AR3012 0930:021c id
    - LP: #1502781, #1524292
  * Bluetooth: ath3k: Add support of AR3012 0cf3:817b device
    - LP: #1506615, #1524292
  * staging: rtl8712: Add device ID for Sitecom WLA2100
    - LP: #1524292
  * ACPI: Use correct IRQ when uninstalling ACPI interrupt handler
    - LP: #1524292
  * MIPS: atomic: Fix comment describing atomic64_add_unless's return
    value.
    - LP: #1524292
  * ALSA: hda - Disable 64bit address for Creative HDA controllers
    - LP: #1524292
  * megaraid_sas: Do not use PAGE_SIZE for max_sectors
    - LP: #1524292
  * can: Use correct type in sizeof() in nla_put()
    - LP: #1524292
  * mtd: blkdevs: fix potential deadlock + lockdep warnings
    - LP: #1524292
  * crypto: algif_hash - Only export and import on sockets with data
    - LP: #1524292
  * megaraid_sas : SMAP restriction--do not access user memory from IOCTL
    code
    - LP: #1524292
  * recordmcount: Fix endianness handling bug for nop_mcount
    - LP: #1524292
  * ipv6: fix tunnel error handling
    - LP: #1524292
  * ALSA: hda - Apply pin fixup for HP ProBook 6550b
    - LP: #1524292
  * firewire: ohci: fix JMicron JMB38x IT context discovery
    - LP: #1524292
  * scsi: restart list search after unlock in scsi_remove_target
    - LP: #1524292
  * x86/cpu: Call verify_cpu() after having entered long mode too
    - LP: #1524292
  * Btrfs: fix race leading to incorrect item deletion when dropping
    extents
    - LP: #1524292
  * Btrfs: fix race leading to BUG_ON when running delalloc for nodatacow
    - LP: #1524292
  * perf: Fix inherited events vs. tracepoint filters
    - LP: #1524292
  * scsi_sysfs: Fix queue_ramp_up_period return code
    - LP: #1524292
  * Btrfs: fix race when listing an inode's xattrs
    - LP: #1524292
  * net: fix a race in dst_release()
    - LP: #1524292
  * FS-Cache: Increase reference of parent after registering, netfs success
    - LP: #1524292
  * FS-Cache: Don't override netfs's primary_index if registering failed
    - LP: #1524292
  * FS-Cache: Handle a write to the page immediately beyond the EOF marker
    - LP: #1524292
  * binfmt_elf: Don't clobber passed executable's file header
    - LP: #1524292
  * fs: make dumpable=2 require fully qualified path
    - LP: #1524292
    - CVE-2006-2451, allowing local users to gain root privileges.
  * fs: if a coredump already exists, unlink and recreate with O_EXCL
    - LP: #1524292
  * irda: precedence bug in irlmp_seq_hb_idx()
    - LP: #1524292
  * RDS-TCP: Recover correctly from pskb_pull()/pksb_trim() failure in
    rds_tcp_data_recv
    - LP: #1524292
  * ipmr: fix possible race resulting from improper usage of
    IP_INC_STATS_BH() in preemptible context.
    - LP: #1524292
  * net: avoid NULL deref in inet_ctl_sock_destroy()
    - LP: #1524292
  * splice: sendfile() at once fails for big files
    - LP: #1524292
  * Linux 3.2.74
    - LP: #1524292
  * fuse: break infinite loop in fuse_fill_write_pages()
    - LP: #1530842
  * sctp: translate host order to network order when setting a hmacid
    - LP: #1530842
  * ALSA: usb-audio: add packet size quirk for the Medeli DD305
    - LP: #1530842
  * ALSA: usb-audio: prevent CH345 multiport output SysEx corruption
    - LP: #1530842
  * ALSA: usb-audio: work around CH345 input SysEx corruption
    - LP: #1530842
  * USB: serial: option: add support for Novatel MiFi USB620L
    - LP: #1530842
  * USB: serial: ti_usb_3410_5052: add Abbott strip port ID to combined
    table as well.
    - LP: #1530842
  * USB: ti_usb_3410_502: Fix ID table size
    - LP: #1530842
  * USB: ti_usb_3410_5052: Add Honeywell HGI80 ID
    - LP: #1530842
  * usb: musb: core: fix order of arguments to ulpi write callback
    - LP: #1530842
  * ASoC: wm8962: correct addresses for HPF_C_0/1
    - LP: #1530842
  * net: fix __netdev_update_features return on ndo_set_features failure
    - LP: #1530842
  * FS-Cache: Add missing initialization of ret in cachefiles_write_page()
    - LP: #1530842
  * mac80211: mesh: fix call_rcu() usage
    - LP: #1530842
  * macvlan: fix leak in macvlan_handle_frame
    - LP: #1530842
  * xhci: Add XHCI_INTEL_HOST quirk
    - LP: #1530842
  * xhci: Workaround to get Intel xHCI reset working more reliably
    - LP: #1530842
  * USB: option: add XS Stick W100-2 from 4G Systems
    - LP: #1530842
  * usblp: do not set TASK_INTERRUPTIBLE before lock
    - LP: #1530842
  * mac: validate mac_partition is within sector
    - LP: #1530842
  * ip6mr: call del_timer_sync() in ip6mr_free_table()
    - LP: #1530842
  * net: ip6mr: fix static mfc/dev leaks on table destruction
    - LP: #1530842
  * can: sja1000: clear interrupts on start
    - LP: #1530842
  * USB: cp210x: Remove CP2110 ID from compatibility list
    - LP: #1530842
  * USB: cdc-acm - Add IGNORE_DEVICE quirk
    - LP: #1530842
  * USB: cdc_acm: Ignore Infineon Flash Loader utility
    - LP: #1530842
  * unix: avoid use-after-free in ep_remove_wait_queue
    - LP: #1530842
  * fix sysvfs symlinks
    - LP: #1530842
  * vfs: Make sendfile(2) killable even better
    - LP: #1530842
  * vfs: Avoid softlockups with sendfile(2)
    - LP: #1530842
  * broadcom: fix PHY_ID_BCM5481 entry in the id table
    - LP: #1530842
  * ring-buffer: Update read stamp with first real commit on page
    - LP: #1530842
  * ext4: Fix handling of extended tv_sec
    - LP: #1530842
  * jbd2: Fix unreclaimed pages after truncate in data=journal mode
    - LP: #1530842
  * RDS: fix race condition when sending a message on unbound socket
    - LP: #1530842
  * nfs: if we have no valid attrs, then don't declare the attribute cache
    valid
    - LP: #1530842
  * drm/ttm: Fixed a read/write lock imbalance
    - LP: #1530842
  * AHCI: Fix softreset failed issue of Port Multiplier
    - LP: #1530842
  * sata_sil: disable trim
    - LP: #1530842
  * wan/x25: Fix use-after-free in x25_asy_open_tty()
    - LP: #1530842
  * USB: whci-hcd: add check for dma mapping error
    - LP: #1530842
  * usb: Use the USB_SS_MULT() macro to decode burst multiplier for log
    message
    - LP: #1530842
  * dm btree: fix leak of bufio-backed block in btree_split_sibling error
    path
    - LP: #1530842
  * ipv4: igmp: Allow removing groups from a removed interface
    - LP: #1530842
  * locking: Add WARN_ON_ONCE lock assertion
    - LP: #1530842
  * drm: Fix an unwanted master inheritance v2
    - LP: #1530842
  * sched/core: Remove false-positive warning from wake_up_process()
    - LP: #1530842
  * sched/core: Clear the root_domain cpumasks in init_rootdomain()
    - LP: #1530842
  * usb: xhci: fix config fail of FS hub behind a HS hub with MTT
    - LP: #1530842
  * ALSA: rme96: Fix unexpected volume reset after rate changes
    - LP: #1530842
  * 9p: ->evict_inode() should kick out ->i_data, not ->i_mapping
    - LP: #1530842
  * ipmi: move timer init to before irq is setup
    - LP: #1530842
  * dm btree: fix bufio buffer leaks in dm_btree_del() error path
    - LP: #1530842
  * vgaarb: fix signal handling in vga_get()
    - LP: #1530842
  * parisc iommu: fix panic due to trying to allocate too large region
    - LP: #1530842
  * mm, vmstat: allow WQ concurrency to discover memory reclaim doesn't
    make any progress
    - LP: #1530842
  * mm: hugetlb: call huge_pte_alloc() only if ptep is null
    - LP: #1530842
  * sh64: fix __NR_fgetxattr
    - LP: #1530842
  * snmp: Remove duplicate OUTMCAST stat increment
    - LP: #1530842
  * tcp: initialize tp->copied_seq in case of cross SYN connection
    - LP: #1530842
  * net, scm: fix PaX detected msg_controllen overflow in scm_detach_fds
    - LP: #1530842
  * net: ipmr: fix static mfc/dev leaks on table destruction
    - LP: #1530842
  * ipv6: distinguish frag queues by device for multicast and link-local
    packets
    - LP: #1530842
  * dccp: remove unnecessary codes in ipv6.c
    - LP: #1530842
  * ipv6: add complete rcu protection around np->opt
    - LP: #1530842
  * ipv6: sctp: implement sctp_v6_destroy_sock()
    - LP: #1530842
  * atl1c: Improve driver not to do order 4 GFP_ATOMIC allocation
    - LP: #1530842
  * sctp: update the netstamp_needed counter when copying sockets
    - LP: #1530842
  * ipv6: sctp: clone options to avoid use after free
    - LP: #1530842
  * net: add validation for the socket syscall protocol argument
    - LP: #1530842
  * sh_eth: fix kernel oops in skb_put()
    - LP: #1530842
  * pptp: verify sockaddr_len in pptp_bind() and pptp_connect()
    - LP: #1530842
  * bluetooth: Validate socket address length in sco_sock_bind().
    - LP: #1530842
  * af_unix: Revert 'lock_interruptible' in stream receive code
    - LP: #1530842
  * af_unix: fix a fatal race with bit fields
    - LP: #1530842
  * isdn_ppp: Add checks for allocation failure in isdn_ppp_open()
    - LP: #1530842
  * ppp, slip: Validate VJ compression slot parameters completely
    - LP: #1530842
  * Linux 3.2.75
    - LP: #1530842
  * KVM: x86: Reload pit counters for all channels when restoring state
    - LP: #1530956
    - CVE-2015-7513

 -- Luis Henriques <luis.henriques@xxxxxxxxxxxxx>  Mon, 11 Jan 2016
11:54:41 +0000

** Changed in: linux (Ubuntu Precise)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2006-2451

** Changed in: linux-armadaxp (Ubuntu Precise)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8550

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8551

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8552

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8553

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1530956

Title:
  CVE-2015-7513

Status in linux package in Ubuntu:
  Fix Committed
Status in linux-armadaxp package in Ubuntu:
  Invalid
Status in linux-ec2 package in Ubuntu:
  New
Status in linux-flo package in Ubuntu:
  New
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux-goldfish package in Ubuntu:
  New
Status in linux-lts-backport-maverick package in Ubuntu:
  New
Status in linux-lts-backport-natty package in Ubuntu:
  New
Status in linux-lts-quantal package in Ubuntu:
  Invalid
Status in linux-lts-raring package in Ubuntu:
  Invalid
Status in linux-lts-saucy package in Ubuntu:
  Invalid
Status in linux-lts-trusty package in Ubuntu:
  Invalid
Status in linux-lts-utopic package in Ubuntu:
  Invalid
Status in linux-lts-vivid package in Ubuntu:
  Invalid
Status in linux-lts-wily package in Ubuntu:
  Invalid
Status in linux-mako package in Ubuntu:
  New
Status in linux-manta package in Ubuntu:
  New
Status in linux-mvl-dove package in Ubuntu:
  New
Status in linux-raspi2 package in Ubuntu:
  New
Status in linux-ti-omap4 package in Ubuntu:
  Invalid
Status in linux source package in Precise:
  Fix Released
Status in linux-armadaxp source package in Precise:
  Fix Released
Status in linux-ec2 source package in Precise:
  New
Status in linux-flo source package in Precise:
  Invalid
Status in linux-fsl-imx51 source package in Precise:
  Invalid
Status in linux-goldfish source package in Precise:
  Invalid
Status in linux-lts-backport-maverick source package in Precise:
  New
Status in linux-lts-backport-natty source package in Precise:
  New
Status in linux-lts-quantal source package in Precise:
  Invalid
Status in linux-lts-raring source package in Precise:
  Invalid
Status in linux-lts-saucy source package in Precise:
  Invalid
Status in linux-lts-trusty source package in Precise:
  Fix Released
Status in linux-lts-utopic source package in Precise:
  Invalid
Status in linux-lts-vivid source package in Precise:
  Invalid
Status in linux-lts-wily source package in Precise:
  Invalid
Status in linux-mako source package in Precise:
  Invalid
Status in linux-manta source package in Precise:
  Invalid
Status in linux-mvl-dove source package in Precise:
  New
Status in linux-raspi2 source package in Precise:
  Invalid
Status in linux-ti-omap4 source package in Precise:
  Fix Committed
Status in linux source package in Trusty:
  Fix Committed
Status in linux-armadaxp source package in Trusty:
  Invalid
Status in linux-ec2 source package in Trusty:
  New
Status in linux-flo source package in Trusty:
  Invalid
Status in linux-fsl-imx51 source package in Trusty:
  Invalid
Status in linux-goldfish source package in Trusty:
  Invalid
Status in linux-lts-backport-maverick source package in Trusty:
  New
Status in linux-lts-backport-natty source package in Trusty:
  New
Status in linux-lts-quantal source package in Trusty:
  Invalid
Status in linux-lts-raring source package in Trusty:
  Invalid
Status in linux-lts-saucy source package in Trusty:
  Invalid
Status in linux-lts-trusty source package in Trusty:
  Invalid
Status in linux-lts-utopic source package in Trusty:
  Fix Committed
Status in linux-lts-vivid source package in Trusty:
  Fix Committed
Status in linux-lts-wily source package in Trusty:
  Fix Committed
Status in linux-mako source package in Trusty:
  Invalid
Status in linux-manta source package in Trusty:
  Invalid
Status in linux-mvl-dove source package in Trusty:
  New
Status in linux-raspi2 source package in Trusty:
  Invalid
Status in linux-ti-omap4 source package in Trusty:
  Invalid
Status in linux source package in Vivid:
  Fix Committed
Status in linux-armadaxp source package in Vivid:
  Invalid
Status in linux-ec2 source package in Vivid:
  New
Status in linux-flo source package in Vivid:
  New
Status in linux-fsl-imx51 source package in Vivid:
  Invalid
Status in linux-goldfish source package in Vivid:
  New
Status in linux-lts-backport-maverick source package in Vivid:
  New
Status in linux-lts-backport-natty source package in Vivid:
  New
Status in linux-lts-quantal source package in Vivid:
  Invalid
Status in linux-lts-raring source package in Vivid:
  Invalid
Status in linux-lts-saucy source package in Vivid:
  Invalid
Status in linux-lts-trusty source package in Vivid:
  Invalid
Status in linux-lts-utopic source package in Vivid:
  Invalid
Status in linux-lts-vivid source package in Vivid:
  Invalid
Status in linux-lts-wily source package in Vivid:
  Invalid
Status in linux-mako source package in Vivid:
  New
Status in linux-manta source package in Vivid:
  New
Status in linux-mvl-dove source package in Vivid:
  New
Status in linux-raspi2 source package in Vivid:
  Invalid
Status in linux-ti-omap4 source package in Vivid:
  Invalid
Status in linux source package in Wily:
  Fix Committed
Status in linux-armadaxp source package in Wily:
  Invalid
Status in linux-ec2 source package in Wily:
  New
Status in linux-flo source package in Wily:
  New
Status in linux-fsl-imx51 source package in Wily:
  Invalid
Status in linux-goldfish source package in Wily:
  New
Status in linux-lts-backport-maverick source package in Wily:
  New
Status in linux-lts-backport-natty source package in Wily:
  New
Status in linux-lts-quantal source package in Wily:
  Invalid
Status in linux-lts-raring source package in Wily:
  Invalid
Status in linux-lts-saucy source package in Wily:
  Invalid
Status in linux-lts-trusty source package in Wily:
  Invalid
Status in linux-lts-utopic source package in Wily:
  Invalid
Status in linux-lts-vivid source package in Wily:
  Invalid
Status in linux-lts-wily source package in Wily:
  Invalid
Status in linux-mako source package in Wily:
  New
Status in linux-manta source package in Wily:
  New
Status in linux-mvl-dove source package in Wily:
  New
Status in linux-raspi2 source package in Wily:
  Fix Committed
Status in linux-ti-omap4 source package in Wily:
  Invalid
Status in linux source package in Xenial:
  Fix Committed
Status in linux-armadaxp source package in Xenial:
  Invalid
Status in linux-ec2 source package in Xenial:
  New
Status in linux-flo source package in Xenial:
  New
Status in linux-fsl-imx51 source package in Xenial:
  Invalid
Status in linux-goldfish source package in Xenial:
  New
Status in linux-lts-backport-maverick source package in Xenial:
  New
Status in linux-lts-backport-natty source package in Xenial:
  New
Status in linux-lts-quantal source package in Xenial:
  Invalid
Status in linux-lts-raring source package in Xenial:
  Invalid
Status in linux-lts-saucy source package in Xenial:
  Invalid
Status in linux-lts-trusty source package in Xenial:
  Invalid
Status in linux-lts-utopic source package in Xenial:
  Invalid
Status in linux-lts-vivid source package in Xenial:
  Invalid
Status in linux-lts-wily source package in Xenial:
  Invalid
Status in linux-mako source package in Xenial:
  New
Status in linux-manta source package in Xenial:
  New
Status in linux-mvl-dove source package in Xenial:
  New
Status in linux-raspi2 source package in Xenial:
  New
Status in linux-ti-omap4 source package in Xenial:
  Invalid

Bug description:
  Reload pit counters for all channels when restoring state

  Break-Fix: - 0185604c2d82c560dab2f2933a18f797e74ab5a8

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1530956/+subscriptions


References