kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #181442
[Bug 1567191] Re: CVE-2016-3951
This bug was fixed in the package linux - 3.13.0-87.133
---------------
linux (3.13.0-87.133) trusty; urgency=low
[ Kamal Mostafa ]
* Release Tracking Bug
- LP: #1585315
[ Upstream Kernel Changes ]
* Revert "usb: hub: do not clear BOS field during reset device"
- LP: #1582864
linux (3.13.0-87.132) trusty; urgency=low
[ Kamal Mostafa ]
* Release Tracking Bug
- LP: #1582398
[ Kamal Mostafa ]
* [Config] Drop ozwpan from the ABI
[ Luis Henriques ]
* [Config] CONFIG_USB_WPAN_HCD=n
- LP: #1463740
- CVE-2015-4004
[ Prarit Bhargava ]
* SAUCE: (no-up) ACPICA: Dispatcher: Update thread ID for recursive
method calls
- LP: #1577898
[ Upstream Kernel Changes ]
* usbnet: cleanup after bind() in probe()
- LP: #1567191
- CVE-2016-3951
* KVM: x86: bit-ops emulation ignores offset on 64-bit
- LP: #1423672
* USB: usbip: fix potential out-of-bounds write
- LP: #1572666
- CVE-2016-3955
* x86/mm/32: Enable full randomization on i386 and X86_32
- LP: #1568523
- CVE-2016-3672
* Input: gtco - fix crash on detecting device without endpoints
- LP: #1575706
- CVE-2016-2187
* atl2: Disable unimplemented scatter/gather feature
- LP: #1561403
- CVE-2016-2117
* ALSA: usb-audio: Skip volume controls triggers hangup on Dell USB Dock
- LP: #1577905
* fs/pnode.c: treat zero mnt_group_id-s as unequal
- LP: #1572316
* propogate_mnt: Handle the first propogated copy being a slave
- LP: #1572316
* drm: Balance error path for GEM handle allocation
- LP: #1579610
* x86/mm: Add barriers and document switch_mm()-vs-flush synchronization
- LP: #1538429
- CVE-2016-2069
* x86/mm: Improve switch_mm() barrier comments
- LP: #1538429
- CVE-2016-2069
* net: fix infoleak in llc
- LP: #1578496
- CVE-2016-4485
* net: fix infoleak in rtnetlink
- LP: #1578497
- CVE-2016-4486
-- Kamal Mostafa <kamal@xxxxxxxxxxxxx> Tue, 24 May 2016 11:04:30 -0700
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4004
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2069
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2117
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2187
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4485
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-4486
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1567191
Title:
CVE-2016-3951
Status in linux package in Ubuntu:
Fix Released
Status in linux-armadaxp package in Ubuntu:
Invalid
Status in linux-flo package in Ubuntu:
New
Status in linux-goldfish package in Ubuntu:
New
Status in linux-lts-quantal package in Ubuntu:
Invalid
Status in linux-lts-raring package in Ubuntu:
Invalid
Status in linux-lts-saucy package in Ubuntu:
Invalid
Status in linux-lts-trusty package in Ubuntu:
Invalid
Status in linux-lts-utopic package in Ubuntu:
Invalid
Status in linux-lts-vivid package in Ubuntu:
Invalid
Status in linux-lts-wily package in Ubuntu:
Invalid
Status in linux-lts-xenial package in Ubuntu:
Invalid
Status in linux-mako package in Ubuntu:
New
Status in linux-manta package in Ubuntu:
Invalid
Status in linux-raspi2 package in Ubuntu:
New
Status in linux-snapdragon package in Ubuntu:
New
Status in linux-ti-omap4 package in Ubuntu:
Invalid
Status in linux source package in Precise:
New
Status in linux-armadaxp source package in Precise:
New
Status in linux-flo source package in Precise:
Invalid
Status in linux-goldfish source package in Precise:
Invalid
Status in linux-lts-quantal source package in Precise:
Invalid
Status in linux-lts-raring source package in Precise:
Invalid
Status in linux-lts-saucy source package in Precise:
Invalid
Status in linux-lts-trusty source package in Precise:
Fix Committed
Status in linux-lts-utopic source package in Precise:
Invalid
Status in linux-lts-vivid source package in Precise:
Invalid
Status in linux-lts-wily source package in Precise:
Invalid
Status in linux-lts-xenial source package in Precise:
Invalid
Status in linux-mako source package in Precise:
Invalid
Status in linux-manta source package in Precise:
Invalid
Status in linux-raspi2 source package in Precise:
Invalid
Status in linux-snapdragon source package in Precise:
Invalid
Status in linux-ti-omap4 source package in Precise:
New
Status in linux source package in Trusty:
Fix Released
Status in linux-armadaxp source package in Trusty:
Invalid
Status in linux-flo source package in Trusty:
Invalid
Status in linux-goldfish source package in Trusty:
Invalid
Status in linux-lts-quantal source package in Trusty:
Invalid
Status in linux-lts-raring source package in Trusty:
Invalid
Status in linux-lts-saucy source package in Trusty:
Invalid
Status in linux-lts-trusty source package in Trusty:
Invalid
Status in linux-lts-utopic source package in Trusty:
Fix Committed
Status in linux-lts-vivid source package in Trusty:
Fix Committed
Status in linux-lts-wily source package in Trusty:
Fix Committed
Status in linux-lts-xenial source package in Trusty:
Fix Released
Status in linux-mako source package in Trusty:
Invalid
Status in linux-manta source package in Trusty:
Invalid
Status in linux-raspi2 source package in Trusty:
Invalid
Status in linux-snapdragon source package in Trusty:
Invalid
Status in linux-ti-omap4 source package in Trusty:
Invalid
Status in linux source package in Vivid:
New
Status in linux-armadaxp source package in Vivid:
New
Status in linux-flo source package in Vivid:
New
Status in linux-goldfish source package in Vivid:
New
Status in linux-lts-quantal source package in Vivid:
New
Status in linux-lts-raring source package in Vivid:
New
Status in linux-lts-saucy source package in Vivid:
New
Status in linux-lts-trusty source package in Vivid:
New
Status in linux-lts-utopic source package in Vivid:
New
Status in linux-lts-vivid source package in Vivid:
New
Status in linux-lts-wily source package in Vivid:
New
Status in linux-lts-xenial source package in Vivid:
New
Status in linux-mako source package in Vivid:
New
Status in linux-manta source package in Vivid:
New
Status in linux-raspi2 source package in Vivid:
New
Status in linux-snapdragon source package in Vivid:
New
Status in linux-ti-omap4 source package in Vivid:
New
Status in linux source package in Wily:
Fix Committed
Status in linux-armadaxp source package in Wily:
Invalid
Status in linux-flo source package in Wily:
New
Status in linux-goldfish source package in Wily:
New
Status in linux-lts-quantal source package in Wily:
Invalid
Status in linux-lts-raring source package in Wily:
Invalid
Status in linux-lts-saucy source package in Wily:
Invalid
Status in linux-lts-trusty source package in Wily:
Invalid
Status in linux-lts-utopic source package in Wily:
Invalid
Status in linux-lts-vivid source package in Wily:
Invalid
Status in linux-lts-wily source package in Wily:
Invalid
Status in linux-lts-xenial source package in Wily:
Invalid
Status in linux-mako source package in Wily:
New
Status in linux-manta source package in Wily:
New
Status in linux-raspi2 source package in Wily:
Fix Committed
Status in linux-snapdragon source package in Wily:
Invalid
Status in linux-ti-omap4 source package in Wily:
Invalid
Status in linux source package in Xenial:
Fix Released
Status in linux-armadaxp source package in Xenial:
Invalid
Status in linux-flo source package in Xenial:
New
Status in linux-goldfish source package in Xenial:
New
Status in linux-lts-quantal source package in Xenial:
Invalid
Status in linux-lts-raring source package in Xenial:
Invalid
Status in linux-lts-saucy source package in Xenial:
Invalid
Status in linux-lts-trusty source package in Xenial:
Invalid
Status in linux-lts-utopic source package in Xenial:
Invalid
Status in linux-lts-vivid source package in Xenial:
Invalid
Status in linux-lts-wily source package in Xenial:
Invalid
Status in linux-lts-xenial source package in Xenial:
Invalid
Status in linux-mako source package in Xenial:
New
Status in linux-manta source package in Xenial:
Invalid
Status in linux-raspi2 source package in Xenial:
Fix Released
Status in linux-snapdragon source package in Xenial:
Fix Released
Status in linux-ti-omap4 source package in Xenial:
Invalid
Status in linux source package in Yakkety:
Fix Released
Status in linux-armadaxp source package in Yakkety:
Invalid
Status in linux-flo source package in Yakkety:
New
Status in linux-goldfish source package in Yakkety:
New
Status in linux-lts-quantal source package in Yakkety:
Invalid
Status in linux-lts-raring source package in Yakkety:
Invalid
Status in linux-lts-saucy source package in Yakkety:
Invalid
Status in linux-lts-trusty source package in Yakkety:
Invalid
Status in linux-lts-utopic source package in Yakkety:
Invalid
Status in linux-lts-vivid source package in Yakkety:
Invalid
Status in linux-lts-wily source package in Yakkety:
Invalid
Status in linux-lts-xenial source package in Yakkety:
Invalid
Status in linux-mako source package in Yakkety:
New
Status in linux-manta source package in Yakkety:
Invalid
Status in linux-raspi2 source package in Yakkety:
New
Status in linux-snapdragon source package in Yakkety:
New
Status in linux-ti-omap4 source package in Yakkety:
Invalid
Bug description:
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux
kernel before 4.5 allows physically proximate attackers to cause a
denial of service (system crash) or possibly have unspecified other
impact by inserting a USB device with an invalid USB descriptor.
Break-Fix: - 4d06dd537f95683aba3651098ae288b7cbff8274
Break-Fix: - 1666984c8625b3db19a9abc298931d35ab7bc64b
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1567191/+subscriptions
References