kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #48306
[Bug 1252422] Re: CVE-2013-4579
This bug was fixed in the package linux - 3.2.0-60.91
---------------
linux (3.2.0-60.91) precise; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #1281800
[ Andy Whitcroft ]
* [Config] d-i -- add xts.ko to crypto-modules udeb
- LP: #1276739
[ Upstream Kernel Changes ]
* ath9k_htc: properly set MAC address and BSSID mask
- LP: #1252422
- CVE-2013-4579
* SELinux: Fix kernel BUG on empty security contexts.
- CVE-2014-1874
* net: do not pretend FRAGLIST support
- LP: #1281620
* rds: prevent BUG_ON triggered on congestion update to loopback
- LP: #1281620
* ipv6: don't count addrconf generated routes against gc limit
- LP: #1281620
* net: drop_monitor: fix the value of maxattr
- LP: #1281620
* tg3: Initialize REG_BASE_ADDR at PCI config offset 120 to 0
- LP: #1281620
* net: unix: allow bind to fail on mutex lock
- LP: #1281620
* net: inet_diag: zero out uninitialized idiag_{src,dst} fields
- LP: #1281620
* drivers/net/hamradio: Integer overflow in hdlcdrv_ioctl()
- LP: #1281620
* hamradio/yam: fix info leak in ioctl
- LP: #1281620
* rds: prevent dereference of a NULL device
- LP: #1281620
* net: rose: restore old recvmsg behavior
- LP: #1281620
* vlan: Fix header ops passthru when doing TX VLAN offload.
- LP: #1281620
* net: llc: fix use after free in llc_ui_recvmsg
- LP: #1281620
* bridge: use spin_lock_bh() in br_multicast_set_hash_max
- LP: #1281620
* bnx2x: fix DMA unmapping of TSO split BDs
- LP: #1281620
* inet_diag: fix inet_diag_dump_icsk() timewait socket state logic
- LP: #1281620
* net: avoid reference counter overflows on fib_rules in multicast
forwarding
- LP: #1281620
* xfs: Account log unmount transaction correctly
- LP: #1281620
* PCI: Enable ARI if dev and upstream bridge support it; disable
otherwise
- LP: #1281620
* mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate
successfully
- LP: #1281620
* staging: comedi: cb_pcidio: fix for newer PCI-DIO48H
- LP: #1281620
* Fix warning from machine_kexec.c
- LP: #1281620
* hpfs: fix warnings when the filesystem fills up
- LP: #1281620
* KVM: x86: Convert vapic synchronization to _cached functions
(CVE-2013-6368)
- LP: #1281620
* x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround
- LP: #1281620
* mm: ensure get_unmapped_area() returns higher address than
mmap_min_addr
- LP: #1281620
* ceph: cleanup aborted requests when re-sending requests.
- LP: #1281620
* ceph: wake up 'safe' waiters when unregistering request
- LP: #1281620
* sh: always link in helper functions extracted from libgcc
- LP: #1281620
* libata: add ATA_HORKAGE_BROKEN_FPDMA_AA quirk for Seagate Momentus
SpinPoint M8
- LP: #1281620
* ext4: call ext4_error_inode() if jbd2_journal_dirty_metadata() fails
- LP: #1281620
* ext4: fix use-after-free in ext4_mb_new_blocks
- LP: #1281620
* ext4: check for overlapping extents in ext4_valid_extent_entries()
- LP: #1281620
* ext2: Fix oops in ext2_get_block() called from ext2_quota_write()
- LP: #1281620
* ext4: fix del_timer() misuse for ->s_err_report
- LP: #1281620
* xhci: Limit the spurious wakeup fix only to HP machines
- LP: #1281620
* iscsi-target: Fix-up all zero data-length CDBs with R/W_BIT set
- LP: #1281620
* drm/radeon: Fix sideport problems on certain RS690 boards
- LP: #1281620
* ALSA: hda - Add enable_msi=0 workaround for four HP machines
- LP: #1260225, #1281620
* gpio: msm: Fix irq mask/unmask by writing bits instead of numbers
- LP: #1281620
* radiotap: fix bitmap-end-finding buffer overrun
- LP: #1281620
* ftrace: Initialize the ftrace profiler for each possible cpu
- LP: #1281620
* libata: disable a disk via libata.force params
- LP: #1281620
* drm/ttm: Fix accesses through vmas with only partial coverage
- LP: #1281620
* sched/rt: Fix rq's cpupri leak while enqueue/dequeue child RT entities
- LP: #1281620
* ALSA: Add SNDRV_PCM_STATE_PAUSED case in wait_for_avail function
- LP: #1281620
* drm/i915: Use the correct GMCH_CTRL register for Sandybridge+
- LP: #1281620
* rtlwifi: pci: Fix oops on driver unload
- LP: #1281620
* ath9k: Fix interrupt handling for the AR9002 family
- LP: #1281620
* cpupower: Fix segfault due to incorrect getopt_long arugments
- LP: #1281620
* ASoC: wm8904: fix DSP mode B configuration
- LP: #1281620
* net_dma: mark broken
- LP: #1281620
* dm9601: fix reception of full size ethernet frames on dm9620/dm9621a
- LP: #1281620
* dm9601: work around tx fifo sync issue on dm962x
- LP: #1281620
* ext4: add explicit casts when masking cluster sizes
- LP: #1281620
* drm/radeon: 0x9649 is SUMO2 not SUMO
- LP: #1281620
* selinux: fix broken peer recv check
- LP: #1281620
* selinux: selinux_setprocattr()->ptrace_parent() needs rcu_read_lock()
- LP: #1281620
* ARM: fix footbridge clockevent device
- LP: #1281620
* powerpc: Fix bad stack check in exception entry
- LP: #1281620
* ahci: Use PCI_VENDOR_ID_MARVELL_EXT for 0x1b4b
- LP: #1281620
* ahci: add an observed PCI ID for Marvell 88se9172 SATA controller
- LP: #1281620
* pci: Add PCI_DEVICE_SUB() macro
- LP: #1281620
* ahci: add PCI ID for Marvell 88SE9170 SATA controller
- LP: #1281620
* ARM: fix "bad mode in ... handler" message for undefined instructions
- LP: #1281620
* SELinux: Fix possible NULL pointer dereference in
selinux_inode_permission()
- LP: #1281620
* md/raid5: Fix possible confusion when multiple write errors occur.
- LP: #1281620
* md/raid10: fix two bugs in handling of known-bad-blocks.
- LP: #1281620
* md/raid10: fix bug when raid10 recovery fails to recover a block.
- LP: #1281620
* hwmon: (coretemp) Fix truncated name of alarm attributes
- LP: #1281620
* nilfs2: fix segctor bug that causes file system corruption
- LP: #1281620
* perf/x86/amd/ibs: Fix waking up from S3 for AMD family 10h
- LP: #1281620
* mm: fix aio performance regression for database caused by THP
- LP: #1281620
* mm: hugetlbfs: fix hugetlbfs optimization
- LP: #1281620
* sched/rt: Fix SCHED_RR across cgroups
- LP: #1281620
* sched,rt: fix isolated CPUs leaving root_task_group indefinitely
throttled
- LP: #1281620
* sched: Unthrottle rt runqueues in __disable_runtime()
- LP: #1281620
* sched/rt: Avoid updating RT entry timeout twice within one tick period
- LP: #1281620
* Linux 3.2.55
- LP: #1281620
* netfilter: nf_conntrack: avoid large timeout for mid-stream pickup
- LP: #1270237
-- Joseph Salisbury <joseph.salisbury@xxxxxxxxxxxxx> Tue, 18 Feb 2014 16:43:57 -0500
** Changed in: linux (Ubuntu Precise)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6368
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1874
** Changed in: linux-armadaxp (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1252422
Title:
CVE-2013-4579
Status in “linux” package in Ubuntu:
Invalid
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
Won't Fix
Status in “linux-lts-backport-natty” package in Ubuntu:
Won't Fix
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Invalid
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Invalid
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
Won't Fix
Status in “linux-lts-backport-natty” source package in Lucid:
Won't Fix
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Released
Status in “linux-armadaxp” source package in Precise:
Fix Released
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
Won't Fix
Status in “linux-lts-backport-natty” source package in Precise:
Won't Fix
Status in “linux-lts-quantal” source package in Precise:
Fix Committed
Status in “linux-lts-raring” source package in Precise:
Fix Released
Status in “linux-lts-saucy” source package in Precise:
Fix Released
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
Fix Released
Status in “linux” source package in Quantal:
Fix Committed
Status in “linux-armadaxp” source package in Quantal:
Fix Committed
Status in “linux-ec2” source package in Quantal:
Invalid
Status in “linux-fsl-imx51” source package in Quantal:
Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
Won't Fix
Status in “linux-lts-backport-natty” source package in Quantal:
Won't Fix
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-lts-saucy” source package in Quantal:
Invalid
Status in “linux-mvl-dove” source package in Quantal:
Invalid
Status in “linux-ti-omap4” source package in Quantal:
Fix Committed
Status in “linux-lts-backport-maverick” source package in Raring:
Won't Fix
Status in “linux-lts-backport-natty” source package in Raring:
Won't Fix
Status in “linux” source package in Saucy:
Fix Released
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
Won't Fix
Status in “linux-lts-backport-natty” source package in Saucy:
Won't Fix
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
Invalid
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
Fix Committed
Status in “linux” source package in Trusty:
Invalid
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
Won't Fix
Status in “linux-lts-backport-natty” source package in Trusty:
Won't Fix
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Bug description:
The ath9k_htc_set_bssid_mask function in
drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel
through 3.12 uses a BSSID masking approach to determine the set of MAC
addresses on which a Wi-Fi device is listening, which allows remote
attackers to discover the original MAC address after spoofing by
sending a series of packets to MAC addresses with certain bit
manipulations.
Break-Fix: 585895cdfc683a067d803fead83267cee309ffd0
657eb17d87852c42b55c4b06d5425baa08b2ddb3
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1252422/+subscriptions
References