← Back to team overview

kernel-packages team mailing list archive

[Bug 1561403] Re: CVE-2016-2117

 

This bug was fixed in the package linux-raspi2 - 4.4.0-1011.14

---------------
linux-raspi2 (4.4.0-1011.14) xenial; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1582847
  * Rebase against Ubuntu-4.4.0-23.41

  * zfs: disable module checks for zfs when cross-compiling (LP: #1581127)
    - [Packaging] disable zfs module checks when cross-compiling

  * Xenial update to v4.4.10 stable release (LP: #1580754)
    - Revert "UBUNTU: SAUCE: (no-up) ACPICA: Dispatcher: Update thread ID for
      recursive method calls"
    - Revert "UBUNTU: SAUCE: nbd: ratelimit error msgs after socket close"
    - Revert: "powerpc/tm: Check for already reclaimed tasks"
    - RDMA/iw_cxgb4: Fix bar2 virt addr calculation for T4 chips
    - ipvs: handle ip_vs_fill_iph_skb_off failure
    - ipvs: correct initial offset of Call-ID header search in SIP persistence
      engine
    - ipvs: drop first packet to redirect conntrack
    - mfd: intel-lpss: Remove clock tree on error path
    - nbd: ratelimit error msgs after socket close
    - ata: ahci_xgene: dereferencing uninitialized pointer in probe
    - mwifiex: fix corner case association failure
    - CNS3xxx: Fix PCI cns3xxx_write_config()
    - clk-divider: make sure read-only dividers do not write to their register
    - soc: rockchip: power-domain: fix err handle while probing
    - clk: rockchip: free memory in error cases when registering clock branches
    - clk: meson: Fix meson_clk_register_clks() signature type mismatch
    - clk: qcom: msm8960: fix ce3_core clk enable register
    - clk: versatile: sp810: support reentrance
    - clk: qcom: msm8960: Fix ce3_src register offset
    - lpfc: fix misleading indentation
    - ath9k: ar5008_hw_cmn_spur_mitigate: add missing mask_m & mask_p
      initialisation
    - mac80211: fix statistics leak if dev_alloc_name() fails
    - tracing: Don't display trigger file for events that can't be enabled
    - MD: make bio mergeable
    - Minimal fix-up of bad hashing behavior of hash_64()
    - mm, cma: prevent nr_isolated_* counters from going negative
    - mm/zswap: provide unique zpool name
    - ARM: EXYNOS: Properly skip unitialized parent clock in power domain on
    - ARM: SoCFPGA: Fix secondary CPU startup in thumb2 kernel
    - xen: Fix page <-> pfn conversion on 32 bit systems
    - xen/balloon: Fix crash when ballooning on x86 32 bit PAE
    - xen/evtchn: fix ring resize when binding new events
    - HID: wacom: Add support for DTK-1651
    - HID: Fix boot delay for Creative SB Omni Surround 5.1 with quirk
    - Input: zforce_ts - fix dual touch recognition
    - proc: prevent accessing /proc/<PID>/environ until it's ready
    - mm: update min_free_kbytes from khugepaged after core initialization
    - batman-adv: fix DAT candidate selection (must use vid)
    - batman-adv: Check skb size before using encapsulated ETH+VLAN header
    - batman-adv: Fix broadcast/ogm queue limit on a removed interface
    - batman-adv: Reduce refcnt of removed router when updating route
    - writeback: Fix performance regression in wb_over_bg_thresh()
    - MAINTAINERS: Remove asterisk from EFI directory names
    - x86/tsc: Read all ratio bits from MSR_PLATFORM_INFO
    - ARM: cpuidle: Pass on arm_cpuidle_suspend()'s return value
    - ARC: Add missing io barriers to io{read,write}{16,32}be()
    - x86/sysfb_efi: Fix valid BAR address range check
    - ACPICA: Dispatcher: Update thread ID for recursive method calls
    - powerpc: Fix bad inline asm constraint in create_zero_mask()
    - libahci: save port map for forced port map
    - ata: ahci-platform: Add ports-implemented DT bindings.
    - USB: serial: cp210x: add ID for Link ECU
    - USB: serial: cp210x: add Straizona Focusers device ids
    - nvmem: mxs-ocotp: fix buffer overflow in read
    - gpu: ipu-v3: Fix imx-ipuv3-crtc module autoloading
    - drm/amdgpu: make sure vertical front porch is at least 1
    - drm/amdgpu: set metadata pointer to NULL after freeing.
    - iio: ak8975: Fix NULL pointer exception on early interrupt
    - iio: ak8975: fix maybe-uninitialized warning
    - drm/radeon: make sure vertical front porch is at least 1
    - drm/i915/ddi: Fix eDP VDD handling during booting and suspend/resume
    - drm/i915: Fix eDP low vswing for Broadwell
    - drm/i915: Make RPS EI/thresholds multiple of 25 on SNB-BDW
    - drm/i915: Fake HDMI live status
    - lib/test-string_helpers.c: fix and improve string_get_size() tests
    - drm/i915/skl: Fix DMC load on Skylake J0 and K0
    - Linux 4.4.10

  * HDMI audio playback noise  observed on AMD Polaris 10/11 GPU (LP: #1577288)
    - ALSA: hda: add AMD Polaris-10/11 AZ PCI IDs with proper driver caps

  * [i915_bpo] Update i915 backport driver (LP: #1580114)
    - SAUCE: i915_bpo: Drop is_preliminary from BXT/KBL.
    - SAUCE: i915_bpo: Sync with v4.6-rc7

  * CVE-2016-4486 (LP: #1578497)
    - net: fix infoleak in rtnetlink

  * CVE-2016-4485 (LP: #1578496)
    - net: fix infoleak in llc

  * drm.ko < kernel version 4.5 has a dead lock bug (LP: #1579610)
    - drm: Balance error path for GEM handle allocation

  * Cannot use CONFIG_CC_STACKPROTECTOR_STRONG: -fstack-protector-strong not
    supported by compiler (LP: #1574982)
    - SAUCE: (no-up) disable -pie when gcc has it enabled by default

  * system freeze after vt switching (LP: #1542939)
    - drm/atomic: Add __drm_atomic_helper_connector_reset, v2.
    - drm/atomic: Remove drm_atomic_connectors_for_crtc.

  * CVE-2016-4558 (LP: #1579140)
    - bpf: fix refcnt overflow

  * Kernel Panic on EC2 After Upgrading from 14.04 to 16.04 via do-release-
    upgrade -d (LP: #1573231)
    - SAUCE: (no-up) x86/topology: Handle CPUID bogosity gracefully

  * PCI Call Traces  hw csum failure in dmesg with  4.4.0-2-generic
    (LP: #1544978)
    - net/mlx4_en: Fix endianness bug in IPV6 csum calculation

  * Missing libunwind support in perf (LP: #1248289)
    - [Config] Add liblzma-dev to enable libunwind support in perf

  * thunderbolt hotplug is broken (LP: #1577898)
    - SAUCE: (no-up) ACPICA: Dispatcher: Update thread ID for recursive method
      calls

  * Kernel can be oopsed using remap_file_pages (LP: #1558120)
    - SAUCE: mm/mmap: fix oopsing on remap_file_pages

  * ZFS is confused by user namespaces (uid/gid mapping) when used with
    acltype=posixac (LP: #1567558)
    - zfs: Fix user namespaces uid/gid mapping

  * oops when propagating mounts into containers - RIP:
    0010:[<ffffffff8123cb3e>] [<ffffffff8123cb3e>] propagate_one+0xbe/0x1c0
    (LP: #1572316)
    - fs/pnode.c: treat zero mnt_group_id-s as unequal
    - propogate_mnt: Handle the first propogated copy being a slave

  * OOPS on wily+ for Haswell-ULT and Broadwell (LP: #1577748)
    - PNP: Add Broadwell to Intel MCH size workaround
    - PNP: Add Haswell-ULT to Intel MCH size workaround

  * Xenial update to v4.4.9 stable release (LP: #1578798)
    - block: loop: fix filesystem corruption in case of aio/dio
    - x86/mce: Avoid using object after free in genpool
    - kvm: x86: do not leak guest xcr0 into host interrupt handlers
    - ARM: dts: AM43x-epos: Fix clk parent for synctimer
    - ARM: mvebu: Correct unit address for linksys
    - ARM: OMAP2: Fix up interconnect barrier initialization for DRA7
    - ARM: OMAP2+: hwmod: Fix updating of sysconfig register
    - assoc_array: don't call compare_object() on a node
    - usb: xhci: applying XHCI_PME_STUCK_QUIRK to Intel BXT B0 host
    - xhci: resume USB 3 roothub first
    - usb: xhci: fix wild pointers in xhci_mem_cleanup
    - xhci: fix 10 second timeout on removal of PCI hotpluggable xhci controllers
    - usb: hcd: out of bounds access in for_each_companion
    - usb: gadget: f_fs: Fix use-after-free
    - dm cache metadata: fix READ_LOCK macros and cleanup WRITE_LOCK macros
    - dm cache metadata: fix cmd_read_lock() acquiring write lock
    - lib: lz4: fixed zram with lz4 on big endian machines
    - debugfs: Make automount point inodes permanently empty
    - dmaengine: dw: fix master selection
    - dmaengine: hsu: correct use of channel status register
    - dmaengine: pxa_dma: fix the maximum requestor line
    - sched/cgroup: Fix/cleanup cgroup teardown/init
    - x86/mm/xen: Suppress hugetlbfs in PV guests
    - x86 EDAC, sb_edac.c: Repair damage introduced when "fixing" channel address
    - ALSA: hda - Don't trust the reported actual power state
    - ALSA: hda/realtek - Add ALC3234 headset mode for Optiplex 9020m
    - ALSA: hda - Keep powering up ADCs on Cirrus codecs
    - ALSA: hda - add PCI ID for Intel Broxton-T
    - ALSA: pcxhr: Fix missing mutex unlock
    - ALSA: hda - Add dock support for ThinkPad X260
    - asm-generic/futex: Re-enable preemption in futex_atomic_cmpxchg_inatomic()
    - futex: Handle unlock_pi race gracefully
    - futex: Acknowledge a new waiter in counter before plist
    - drm/nouveau/core: use vzalloc for allocating ramht
    - drm/qxl: fix cursor position with non-zero hotspot
    - drm/i915: Fix race condition in intel_dp_destroy_mst_connector()
    - Revert "drm/radeon: disable runtime pm on PX laptops without dGPU power
      control"
    - Revert "drm/amdgpu: disable runtime pm on PX laptops without dGPU power
      control"
    - cpufreq: intel_pstate: Fix processing for turbo activation ratio
    - iwlwifi: pcie: lower the debug level for RSA semaphore access
    - iwlwifi: mvm: fix memory leak in paging
    - crypto: ccp - Prevent information leakage on export
    - crypto: sha1-mb - use corrcet pointer while completing jobs
    - crypto: talitos - fix crash in talitos_cra_init()
    - crypto: talitos - fix AEAD tcrypt tests
    - powerpc: scan_features() updates incorrect bits for REAL_LE
    - powerpc: Update cpu_user_features2 in scan_features()
    - powerpc: Update TM user feature bits in scan_features()
    - nl80211: check netlink protocol in socket release notification
    - netlink: don't send NETLINK_URELEASE for unbound sockets
    - Input: pmic8xxx-pwrkey - fix algorithm for converting trigger delay
    - xen kconfig: don't "select INPUT_XEN_KBDDEV_FRONTEND"
    - pinctrl: mediatek: correct debounce time unit in mtk_gpio_set_debounce
    - pinctrl: single: Fix pcs_parse_bits_in_pinctrl_entry to use __ffs than ffs
    - iommu/amd: Fix checking of pci dma aliases
    - iommu/dma: Restore scatterlist offsets correctly
    - drm/amdgpu: when suspending, if uvd/vce was running. need to cancel delay
      work.
    - drm/amdgpu: use defines for CRTCs and AMFT blocks
    - drm/amdgpu: bump the afmt limit for CZ, ST, Polaris
    - amdgpu/uvd: add uvd fw version for amdgpu
    - drm/amdgpu: fix regression on CIK (v2)
    - drm/radeon: add a quirk for a XFX R9 270X
    - drm/radeon: fix initial connector audio value
    - drm/radeon: forbid mapping of userptr bo through radeon device file
    - drm/radeon: fix vertical bars appear on monitor (v2)
    - drm: Loongson-3 doesn't fully support wc memory
    - drm/nouveau/gr/gf100: select a stream master to fixup tfb offset queries
    - drm/dp/mst: Validate port in drm_dp_payload_send_msg()
    - drm/dp/mst: Restore primary hub guid on resume
    - drm/dp/mst: Get validated port ref in drm_dp_update_payload_part1()
    - pwm: brcmstb: Fix check of devm_ioremap_resource() return code
    - drm/i915: Cleanup phys status page too
    - drm/i915: skl_update_scaler() wants a rotation bitmask instead of bit number
    - drm/amdkfd: uninitialized variable in dbgdev_wave_control_set_registers()
    - drm/i915: Fixup the free space logic in ring_prepare
    - drm/i915: Use fw_domains_put_with_fifo() on HSW
    - perf intel-pt: Fix segfault tracing transactions
    - i2c: cpm: Fix build break due to incompatible pointer types
    - i2c: exynos5: Fix possible ABBA deadlock by keeping I2C clock prepared
    - toshiba_acpi: Fix regression caused by hotkey enabling value
    - EDAC: i7core, sb_edac: Don't return NOTIFY_BAD from mce_decoder callback
    - ASoC: s3c24xx: use const snd_soc_component_driver pointer
    - ASoC: ssm4567: Reset device before regcache_sync()
    - ASoC: dapm: Make sure we have a card when displaying component widgets
    - ASoC: rt5640: Correct the digital interface data select
    - vb2-memops: Fix over allocation of frame vectors
    - v4l2-dv-timings.h: fix polarity for 4k formats
    - cxl: Keep IRQ mappings on context teardown
    - IB/mlx5: Expose correct max_sge_rd limit
    - IB/security: Restrict use of the write() interface
    - efi: Fix out-of-bounds read in variable_matches()
    - efi: Expose non-blocking set_variable() wrapper to efivars
    - x86/apic: Handle zero vector gracefully in clear_vector_irq()
    - workqueue: fix ghost PENDING flag while doing MQ IO
    - slub: clean up code for kmem cgroup support to kmem_cache_free_bulk
    - cgroup, cpuset: replace cpuset_post_attach_flush() with
      cgroup_subsys->post_attach callback
    - memcg: relocate charge moving from ->attach to ->post_attach
    - mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check
    - numa: fix /proc/<pid>/numa_maps for THP
    - mm: vmscan: reclaim highmem zone if buffer_heads is over limit
    - mm/hwpoison: fix wrong num_poisoned_pages accounting
    - cgroup: make sure a parent css isn't freed before its children
    - videobuf2-core: Check user space planes array in dqbuf
    - videobuf2-v4l2: Verify planes array in buffer dequeueing
    - Revert "regulator: core: Fix nested locking of supplies"
    - regulator: core: fix regulator_lock_supply regression
    - regulator: core: Ensure we lock all regulators
    - regulator: core: Fix nested locking of supplies
    - locking/mcs: Fix mcs_spin_lock() ordering
    - spi/rockchip: Make sure spi clk is on in rockchip_spi_set_cs
    - irqchip/sunxi-nmi: Fix error check of of_io_request_and_map()
    - irqchip/mxs: Fix error check of of_io_request_and_map()
    - regulator: s5m8767: fix get_register() error handling
    - paride: make 'verbose' parameter an 'int' again
    - scsi_dh: force modular build if SCSI is a module
    - fbdev: da8xx-fb: fix videomodes of lcd panels
    - misc/bmp085: Enable building as a module
    - misc: mic/scif: fix wrap around tests
    - PM / OPP: Initialize u_volt_min/max to a valid value
    - PM / Domains: Fix removal of a subdomain
    - rtc: hym8563: fix invalid year calculation
    - rtc: vr41xx: Wire up alarm_irq_enable
    - rtc: ds1685: passing bogus values to irq_restore
    - rtc: rx8025: remove rv8803 id
    - rtc: max77686: Properly handle regmap_irq_get_virq() error code
    - drivers/misc/ad525x_dpot: AD5274 fix RDAC read back errors
    - perf evlist: Reference count the cpu and thread maps at set_maps()
    - x86/mm/kmmio: Fix mmiotrace for hugepages
    - ext4: fix NULL pointer dereference in ext4_mark_inode_dirty()
    - serial: sh-sci: Remove cpufreq notifier to fix crash/deadlock
    - mtd: spi-nor: remove micron_quad_enable()
    - mtd: brcmnand: Fix v7.1 register offsets
    - mtd: nand: Drop mtd.owner requirement in nand_scan
    - perf hists browser: Only offer symbol scripting when a symbol is under the
      cursor
    - perf tools: handle spaces in file names obtained from /proc/pid/maps
    - perf stat: Document --detailed option
    - ext4: fix races between page faults and hole punching
    - ext4: move unlocked dio protection from ext4_alloc_file_blocks()
    - ext4: fix races between buffered IO and collapse / insert range
    - ext4: fix races of writeback with punch hole and zero range
    - ARM: OMAP3: Add cpuidle parameters table for omap3430
    - ARM: prima2: always enable reset controller
    - ARM: EXYNOS: select THERMAL_OF
    - ARM: dts: armada-375: use armada-370-sata for SATA
    - ARM: dts: pxa: fix dma engine node to pxa3xx-nand
    - bus: imx-weim: Take the 'status' property value into account
    - jme: Do not enable NIC WoL functions on S0
    - jme: Fix device PM wakeup API usage
    - unbreak allmodconfig KCONFIG_ALLCONFIG=...
    - thermal: rockchip: fix a impossible condition caused by the warning
    - sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a race
    - megaraid_sas: add missing curly braces in ioctl handler
    - stm class: Select CONFIG_SRCU
    - extcon: max77843: Use correct size for reading the interrupt register
    - Linux 4.4.9

  * Stoney powerplay support (LP: #1578305)
    - amdgpu/powerplay: Add Stoney to list of early init cases

  * CVE-2016-2117 (LP: #1561403)
    - atl2: Disable unimplemented scatter/gather feature

  * CVE-2016-2187 (LP: #1575706)
    - Input: gtco - fix crash on detecting device without endpoints

  * zfs posix default permissions lost on reboot or unmount (LP: #1574801)
    - Fix ZPL miswrite of default POSIX ACL

  * WARNING: at /build/linux-aWXT0l/linux-4.4.0/drivers/pci/pci.c:1595
    [travis3EN] (LP: #1574697)
    - net/mlx4_core: Implement pci_resume callback
    - net/mlx4_core: Avoid repeated calls to pci enable/disable

  * Add support to thinkpad keyboard backlight (LP: #1574498)
    - thinkpad_acpi: Add support for keyboard backlight

  * Please enable kconfig X86_LEGACY_VM86 for i386 (LP: #1499089)
    - [Config] CONFIG_VM86=y, CONFIG_X86_LEGACY_VM86=y

  * Miscellaneous Ubuntu changes
    - updateconfigs for Linux v4.4.9


  * Linux-raspi2 is missing several driver modules when compared against generic
    (LP: #1577393)
    - [Config] CONFIG_AD=m
    - [Config] CONFIG_BACKLIGHT=m
    - [Config] CONFIG_BATTERY=m
    - [Config] CONFIG_CHARGER=m
    - [Config] CONFIG_COMEDI=m
    - [Config] CONFIG_CRYPTO=m
    - [Config] CONFIG_DRM=m
    - [Config] CONFIG_GPIO=m
    - [Config] CONFIG_HID=m
    - [Config] CONFIG_I2C=m
    - [Config] CONFIG_IIO=m
    - [Config] CONFIG_INPUT=m
    - [Config] CONFIG_JOYSTICK=m
    - [Config] CONFIG_KEYBOARD=m
    - [Config] CONFIG_LCD=m
    - [Config] CONFIG_REGULATOR=m
    - [Config] CONFIG_SPI=m
    - [Config] CONFIG_MFD=m
    - [Config] CONFIG_MOUSE=m
    - [Config] CONFIG_MTD=m
    - [Config] CONFIG_NET=m
    - [Config] CONFIG_NFC=m
    - [Config] CONFIG_NFTL=m
    - [Config] CONFIG_NLS_MAC=m
    - [Config] CONFIG_PATA_PLATFORM=m
    - [Config] CONFIG_PHY=m
    - [Config] CONFIG_PWM=m
    - [Config] CONFIG_RTC=m
    - [Config] CONFIG_SCSI=m
    - [Config] CONFIG_SENSORS=m
    - [Config] CONFIG_SERIAL=m
    - [Config] CONFIG_SND=m
    - [Config] CONFIG_SOC_CAMERA=m
    - [Config] CONFIG_SPEAKUP=m
    - [Config] CONFIG_TCP_CONG=m
    - [Config] CONFIG_TOUCHSCREEN=m
    - [Config] CONFIG_USB=m
    - [Config] CONFIG_VIDEO=m
    - [Config] CONFIG_WIMISC=m
    - [Config] final modules sync up wrt generic
    - [Config] LEDS_GPIO=y
    - missing modules: ac97_bus is builtin now

 -- Kamal Mostafa <kamal@xxxxxxxxxxxxx>  Tue, 17 May 2016 11:52:11 -0700

** Changed in: linux-raspi2 (Ubuntu Yakkety)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1561403

Title:
  CVE-2016-2117

Status in linux package in Ubuntu:
  New
Status in linux-armadaxp package in Ubuntu:
  Invalid
Status in linux-flo package in Ubuntu:
  New
Status in linux-goldfish package in Ubuntu:
  New
Status in linux-lts-quantal package in Ubuntu:
  Invalid
Status in linux-lts-raring package in Ubuntu:
  Invalid
Status in linux-lts-saucy package in Ubuntu:
  Invalid
Status in linux-lts-trusty package in Ubuntu:
  Invalid
Status in linux-lts-utopic package in Ubuntu:
  Invalid
Status in linux-lts-vivid package in Ubuntu:
  Invalid
Status in linux-lts-wily package in Ubuntu:
  Invalid
Status in linux-lts-xenial package in Ubuntu:
  Invalid
Status in linux-mako package in Ubuntu:
  New
Status in linux-manta package in Ubuntu:
  Invalid
Status in linux-raspi2 package in Ubuntu:
  Fix Released
Status in linux-snapdragon package in Ubuntu:
  Fix Released
Status in linux-ti-omap4 package in Ubuntu:
  Invalid
Status in linux source package in Precise:
  Invalid
Status in linux-armadaxp source package in Precise:
  Invalid
Status in linux-flo source package in Precise:
  Invalid
Status in linux-goldfish source package in Precise:
  Invalid
Status in linux-lts-quantal source package in Precise:
  Invalid
Status in linux-lts-raring source package in Precise:
  Invalid
Status in linux-lts-saucy source package in Precise:
  Invalid
Status in linux-lts-trusty source package in Precise:
  Fix Committed
Status in linux-lts-utopic source package in Precise:
  Invalid
Status in linux-lts-vivid source package in Precise:
  Invalid
Status in linux-lts-wily source package in Precise:
  Invalid
Status in linux-lts-xenial source package in Precise:
  Invalid
Status in linux-mako source package in Precise:
  Invalid
Status in linux-manta source package in Precise:
  Invalid
Status in linux-raspi2 source package in Precise:
  Invalid
Status in linux-snapdragon source package in Precise:
  Invalid
Status in linux-ti-omap4 source package in Precise:
  Invalid
Status in linux source package in Trusty:
  Fix Committed
Status in linux-armadaxp source package in Trusty:
  Invalid
Status in linux-flo source package in Trusty:
  Invalid
Status in linux-goldfish source package in Trusty:
  Invalid
Status in linux-lts-quantal source package in Trusty:
  Invalid
Status in linux-lts-raring source package in Trusty:
  Invalid
Status in linux-lts-saucy source package in Trusty:
  Invalid
Status in linux-lts-trusty source package in Trusty:
  Invalid
Status in linux-lts-utopic source package in Trusty:
  Fix Committed
Status in linux-lts-vivid source package in Trusty:
  Fix Committed
Status in linux-lts-wily source package in Trusty:
  Fix Committed
Status in linux-lts-xenial source package in Trusty:
  Fix Committed
Status in linux-mako source package in Trusty:
  Invalid
Status in linux-manta source package in Trusty:
  Invalid
Status in linux-raspi2 source package in Trusty:
  Invalid
Status in linux-snapdragon source package in Trusty:
  Invalid
Status in linux-ti-omap4 source package in Trusty:
  Invalid
Status in linux source package in Vivid:
  New
Status in linux-armadaxp source package in Vivid:
  New
Status in linux-flo source package in Vivid:
  New
Status in linux-goldfish source package in Vivid:
  New
Status in linux-lts-quantal source package in Vivid:
  New
Status in linux-lts-raring source package in Vivid:
  New
Status in linux-lts-saucy source package in Vivid:
  New
Status in linux-lts-trusty source package in Vivid:
  New
Status in linux-lts-utopic source package in Vivid:
  New
Status in linux-lts-vivid source package in Vivid:
  New
Status in linux-lts-wily source package in Vivid:
  New
Status in linux-lts-xenial source package in Vivid:
  New
Status in linux-mako source package in Vivid:
  New
Status in linux-manta source package in Vivid:
  New
Status in linux-raspi2 source package in Vivid:
  New
Status in linux-snapdragon source package in Vivid:
  New
Status in linux-ti-omap4 source package in Vivid:
  New
Status in linux source package in Wily:
  Fix Committed
Status in linux-armadaxp source package in Wily:
  Invalid
Status in linux-flo source package in Wily:
  New
Status in linux-goldfish source package in Wily:
  New
Status in linux-lts-quantal source package in Wily:
  Invalid
Status in linux-lts-raring source package in Wily:
  Invalid
Status in linux-lts-saucy source package in Wily:
  Invalid
Status in linux-lts-trusty source package in Wily:
  Invalid
Status in linux-lts-utopic source package in Wily:
  Invalid
Status in linux-lts-vivid source package in Wily:
  Invalid
Status in linux-lts-wily source package in Wily:
  Invalid
Status in linux-lts-xenial source package in Wily:
  Invalid
Status in linux-mako source package in Wily:
  New
Status in linux-manta source package in Wily:
  New
Status in linux-raspi2 source package in Wily:
  Fix Committed
Status in linux-snapdragon source package in Wily:
  Invalid
Status in linux-ti-omap4 source package in Wily:
  Invalid
Status in linux source package in Xenial:
  Fix Committed
Status in linux-armadaxp source package in Xenial:
  Invalid
Status in linux-flo source package in Xenial:
  New
Status in linux-goldfish source package in Xenial:
  New
Status in linux-lts-quantal source package in Xenial:
  Invalid
Status in linux-lts-raring source package in Xenial:
  Invalid
Status in linux-lts-saucy source package in Xenial:
  Invalid
Status in linux-lts-trusty source package in Xenial:
  Invalid
Status in linux-lts-utopic source package in Xenial:
  Invalid
Status in linux-lts-vivid source package in Xenial:
  Invalid
Status in linux-lts-wily source package in Xenial:
  Invalid
Status in linux-lts-xenial source package in Xenial:
  Invalid
Status in linux-mako source package in Xenial:
  New
Status in linux-manta source package in Xenial:
  Invalid
Status in linux-raspi2 source package in Xenial:
  Fix Committed
Status in linux-snapdragon source package in Xenial:
  New
Status in linux-ti-omap4 source package in Xenial:
  Invalid
Status in linux source package in Yakkety:
  New
Status in linux-armadaxp source package in Yakkety:
  Invalid
Status in linux-flo source package in Yakkety:
  New
Status in linux-goldfish source package in Yakkety:
  New
Status in linux-lts-quantal source package in Yakkety:
  Invalid
Status in linux-lts-raring source package in Yakkety:
  Invalid
Status in linux-lts-saucy source package in Yakkety:
  Invalid
Status in linux-lts-trusty source package in Yakkety:
  Invalid
Status in linux-lts-utopic source package in Yakkety:
  Invalid
Status in linux-lts-vivid source package in Yakkety:
  Invalid
Status in linux-lts-wily source package in Yakkety:
  Invalid
Status in linux-lts-xenial source package in Yakkety:
  Invalid
Status in linux-mako source package in Yakkety:
  New
Status in linux-manta source package in Yakkety:
  Invalid
Status in linux-raspi2 source package in Yakkety:
  Fix Released
Status in linux-snapdragon source package in Yakkety:
  Fix Released
Status in linux-ti-omap4 source package in Yakkety:
  Invalid

Bug description:
  The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in
  the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O,
  which allows remote attackers to obtain sensitive information from
  kernel memory by reading packet data.

  Break-Fix: ec5f061564238892005257c83565a0b58ec79295
  f43bfaeddc79effbf3d0fcb53ca477cca66f3db8

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1561403/+subscriptions


References