← Back to team overview

kernel-packages team mailing list archive

[Bug 1261566] Re: CVE-2013-6367

 

This bug was fixed in the package linux-ec2 - 2.6.32-362.75

---------------
linux-ec2 (2.6.32-362.75) lucid-proposed; urgency=low

  [ Stefan Bader ]

  * Rebased to Ubuntu-2.6.32-57.119
  * Release Tracking Bug
    - LP: #1281942

  [ Ubuntu: 2.6.32-57.119 ]

  * ubuntu: AUFS: fsnotify_open() now receives a file
    - LP: #1097680
    - CVE-2013-0160
  * KVM: Improve create VCPU parameter (CVE-2013-4587)
    - LP: #1261564
    - CVE-2013-4587
  * KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367)
    - LP: #1261566
    - CVE-2013-6367
  * xfs: underflow bug in xfs_attrlist_by_handle()
    - LP: #1256091
    - CVE-2013-6382
  * aacraid: prevent invalid pointer dereference
    - LP: #1256083
    - CVE-2013-6380
  * wireless: radiotap: fix parsing buffer overrun
    - LP: #1260622
    - CVE-2013-7027
  * net: rework recvmsg handler msg_name and msg_namelen logic
    - LP: #1267081
    - CVE-2013-7266
  * net: rose: restore old recvmsg behavior
    - LP: #1267081
    - CVE-2013-7266
  * fsnotify: pass a file instead of an inode to open, read, and write
    - LP: #1097680
    - CVE-2013-0160
  * vfs: introduce FMODE_NONOTIFY
    - LP: #1097680
    - CVE-2013-0160
  * fanotify: FMODE_NONOTIFY and __O_SYNC in sparc conflict
    - LP: #1097680
    - CVE-2013-0160
  * TTY: do not update atime/mtime on read/write
    - LP: #1097680
    - CVE-2013-0160
  * TTY: fix atime/mtime regression
    - LP: #1097680
    - CVE-2013-0160
  * tty: fix up atime/mtime mess, take three
    - LP: #1097680
    - CVE-2013-0160
  * farsync: fix info leak in ioctl
    - LP: #1271442
    - CVE-2014-1444
  * wanxl: fix info leak in ioctl
    - LP: #1271444
    - CVE-2014-1445
  * hamradio/yam: fix info leak in ioctl
    - LP: #1271445
    - CVE-2014-1446
  * SELinux: Fix kernel BUG on empty security contexts.
    - CVE-2014-1874
  * exec/ptrace: fix get_dumpable() incorrect tests
    - LP: #1260610
    - CVE-2013-2929
 -- Stefan Bader <stefan.bader@xxxxxxxxxxxxx>   Wed, 19 Feb 2014 16:51:53 +0100

** Changed in: linux-ec2 (Ubuntu Lucid)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0160

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2929

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4587

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6380

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6382

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-7027

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-7266

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1444

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1445

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1446

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1874

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1261566

Title:
  CVE-2013-6367

Status in “linux” package in Ubuntu:
  Invalid
Status in “linux-armadaxp” package in Ubuntu:
  Invalid
Status in “linux-ec2” package in Ubuntu:
  Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
  Won't Fix
Status in “linux-lts-backport-natty” package in Ubuntu:
  Won't Fix
Status in “linux-lts-quantal” package in Ubuntu:
  Invalid
Status in “linux-lts-raring” package in Ubuntu:
  Invalid
Status in “linux-lts-saucy” package in Ubuntu:
  Invalid
Status in “linux-mvl-dove” package in Ubuntu:
  Invalid
Status in “linux-ti-omap4” package in Ubuntu:
  Invalid
Status in “linux” source package in Lucid:
  Fix Committed
Status in “linux-armadaxp” source package in Lucid:
  Invalid
Status in “linux-ec2” source package in Lucid:
  Fix Released
Status in “linux-fsl-imx51” source package in Lucid:
  Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Lucid:
  Won't Fix
Status in “linux-lts-quantal” source package in Lucid:
  Invalid
Status in “linux-lts-raring” source package in Lucid:
  Invalid
Status in “linux-lts-saucy” source package in Lucid:
  Invalid
Status in “linux-mvl-dove” source package in Lucid:
  Invalid
Status in “linux-ti-omap4” source package in Lucid:
  Invalid
Status in “linux” source package in Precise:
  Fix Released
Status in “linux-armadaxp” source package in Precise:
  Fix Released
Status in “linux-ec2” source package in Precise:
  Invalid
Status in “linux-fsl-imx51” source package in Precise:
  Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Precise:
  Won't Fix
Status in “linux-lts-quantal” source package in Precise:
  Fix Committed
Status in “linux-lts-raring” source package in Precise:
  Fix Committed
Status in “linux-lts-saucy” source package in Precise:
  Fix Released
Status in “linux-mvl-dove” source package in Precise:
  Invalid
Status in “linux-ti-omap4” source package in Precise:
  Fix Released
Status in “linux” source package in Quantal:
  Fix Committed
Status in “linux-armadaxp” source package in Quantal:
  Fix Committed
Status in “linux-ec2” source package in Quantal:
  Invalid
Status in “linux-fsl-imx51” source package in Quantal:
  Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Quantal:
  Won't Fix
Status in “linux-lts-quantal” source package in Quantal:
  Invalid
Status in “linux-lts-raring” source package in Quantal:
  Invalid
Status in “linux-lts-saucy” source package in Quantal:
  Invalid
Status in “linux-mvl-dove” source package in Quantal:
  Invalid
Status in “linux-ti-omap4” source package in Quantal:
  Fix Committed
Status in “linux-lts-backport-maverick” source package in Raring:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Raring:
  Won't Fix
Status in “linux” source package in Saucy:
  Fix Released
Status in “linux-armadaxp” source package in Saucy:
  Invalid
Status in “linux-ec2” source package in Saucy:
  Invalid
Status in “linux-fsl-imx51” source package in Saucy:
  Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Saucy:
  Won't Fix
Status in “linux-lts-quantal” source package in Saucy:
  Invalid
Status in “linux-lts-raring” source package in Saucy:
  Invalid
Status in “linux-lts-saucy” source package in Saucy:
  Invalid
Status in “linux-mvl-dove” source package in Saucy:
  Invalid
Status in “linux-ti-omap4” source package in Saucy:
  Fix Committed
Status in “linux” source package in Trusty:
  Invalid
Status in “linux-armadaxp” source package in Trusty:
  Invalid
Status in “linux-ec2” source package in Trusty:
  Invalid
Status in “linux-fsl-imx51” source package in Trusty:
  Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Trusty:
  Won't Fix
Status in “linux-lts-quantal” source package in Trusty:
  Invalid
Status in “linux-lts-raring” source package in Trusty:
  Invalid
Status in “linux-lts-saucy” source package in Trusty:
  Invalid
Status in “linux-mvl-dove” source package in Trusty:
  Invalid
Status in “linux-ti-omap4” source package in Trusty:
  Invalid

Bug description:
  The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM
  subsystem in the Linux kernel through 3.12.5 allows guest OS users to
  cause a denial of service (divide-by-zero error and host OS crash) via
  crafted modifications of the TMICT value.

  Break-Fix: - b963a22e6d1a266a67e9eecc88134713fd54775c

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1261566/+subscriptions


References