kernel-packages team mailing list archive

[Bug 1229981] Re: CVE-2013-4345

 

This bug was fixed in the package linux-lts-raring -
3.8.0-38.56~precise1

---------------
linux-lts-raring (3.8.0-38.56~precise1) precise; urgency=low

  [ Andy Whitcroft ]

  * module signature does not use hash type in older releases

linux-lts-raring (3.8.0-38.55~precise1) precise; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1290512

  [ Tim Gardner ]

  * [Debian] Re-sign modules after debug objcopy
    - LP: #1253155

linux-lts-raring (3.8.0-38.54~precise1) precise; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1290512

  [ Upstream Kernel Changes ]

  * netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper
    - LP: #1274684
    - CVE-2014-1690
  * crypto: ansi_cprng - Fix off by one error in non-block size request
    - LP: #1229981
    - CVE-2013-4345
  * xfs: underflow bug in xfs_attrlist_by_handle()
    - LP: #1256091
    - CVE-2013-6382
  * crypto: s390 - fix concurrency issue in aes-ctr mode
    - LP: #1289439
  * crypto: s390 - fix des and des3_ede cbc concurrency issue
    - LP: #1289439
  * crypto: s390 - fix des and des3_ede ctr concurrency issue
    - LP: #1289439
  * [media] mxl111sf: Fix unintentional garbage stack read
    - LP: #1289439
  * [media] mxl111sf: Fix compile when CONFIG_DVB_USB_MXL111SF is unset
    - LP: #1289439
  * [media] af9035: add ID [2040:f900] Hauppauge WinTV-MiniStick 2
    - LP: #1289439
  * arm64: vdso: prevent ld from aligning PT_LOAD segments to 64k
    - LP: #1289439
  * arm64: add DSB after icache flush in __flush_icache_all()
    - LP: #1289439
  * arm64: Invalidate the TLB when replacing pmd entries during boot
    - LP: #1289439
  * arm64: vdso: fix coarse clock handling
    - LP: #1289439
  * arm64: vdso: update wtm fields for CLOCK_MONOTONIC_COARSE
    - LP: #1289439
  * drm/mgag200,ast,cirrus: fix regression with drm_can_sleep conversion
    - LP: #1289439
  * x86, hweight: Fix BUG when booting with CONFIG_GCOV_PROFILE_ALL=y
    - LP: #1289439
  * mm/swap: fix race on swap_info reuse between swapoff and swapon
    - LP: #1289439
  * mm: __set_page_dirty_nobuffers() uses spin_lock_irqsave() instead of
    spin_lock_irq()
    - LP: #1289439
  * mm: __set_page_dirty uses spin_lock_irqsave instead of spin_lock_irq
    - LP: #1289439
  * staging:iio:ad799x fix error_free_irq which was freeing an irq that may
    not have been requested
    - LP: #1289439
  * KVM: return an error code in kvm_vm_ioctl_register_coalesced_mmio()
    - LP: #1289439
  * block: __elv_next_request() shouldn't call into the elevator if
    bypassing
    - LP: #1289439
  * power: max17040: Fix NULL pointer dereference when there is no
    platform_data
    - LP: #1289439
  * s390/dump: Fix dump memory detection
    - LP: #1289439
  * ath9k_htc: make ->sta_rc_update atomic for most calls
    - LP: #1289439
  * ath9k_htc: Do not support PowerSave by default
    - LP: #1289439
  * ar5523: fix usb id for Gigaset.
    - LP: #1289439
  * ath9k: Do not support PowerSave by default
    - LP: #1289439
  * spi: nuc900: Set SPI_LSB_FIRST for master->mode_bits if hw->pdata->lsb
    is true
    - LP: #1289439
  * usb: ftdi_sio: add Mindstorms EV3 console adapter
    - LP: #1289439
  * usb-storage: restrict bcdDevice range for Super Top in Cypress ATACB
    - LP: #1289439
  * usb-storage: add unusual-devs entry for BlackBerry 9000
    - LP: #1289439
  * usb-storage: enable multi-LUN scanning when needed
    - LP: #1289439
  * of: Fix address decoding on Bimini and js2x machines
    - LP: #1289439
  * of: fix PCI bus match for PCIe slots
    - LP: #1289439
  * usb: qcserial: add Netgear Aircard 340U
    - LP: #1289439
  * USB: ftdi_sio: add Tagsys RFID Reader IDs
    - LP: #1289439
  * mac80211: move roc cookie assignment earlier
    - LP: #1289439
  * mac80211: release the channel in error path in start_ap
    - LP: #1289439
  * mac80211: Fix IBSS disconnect
    - LP: #1289439
  * mac80211: fix fragmentation code, particularly for encryption
    - LP: #1289439
  * time: Fix overflow when HZ is smaller than 60
    - LP: #1289439
  * ALSA: hda - Fix mic capture on Sony VAIO Pro 11
    - LP: #1289439
  * VME: Correct read/write alignment algorithm
    - LP: #1289439
  * Drivers: hv: vmbus: Don't timeout during the initial connection with
    host
    - LP: #1289439
  * raw: test against runtime value of max_raw_minors
    - LP: #1289439
  * tty: n_gsm: Fix for modems with brk in modem status control
    - LP: #1289439
  * staging: comedi: adv_pci1710: fix analog output readback value
    - LP: #1289439
  * xen-blkfront: handle backend CLOSED without CLOSING
    - LP: #1289439
  * Modpost: fixed USB alias generation for ranges including 0x9 and 0xA
    - LP: #1289439
  * fs/file.c:fdtable: avoid triggering OOMs from alloc_fdmem
    - LP: #1289439
  * genirq: Add missing irq_to_desc export for CONFIG_SPARSE_IRQ=n
    - LP: #1289439
  * xen: install xen/gntdev.h and xen/gntalloc.h
    - LP: #1289439
  * ring-buffer: Fix first commit on sub-buffer having non-zero delta
    - LP: #1289439
  * usb: option: blacklist ZTE MF667 net interface
    - LP: #1289439
  * ftrace/x86: Use breakpoints for converting function graph caller
    - LP: #1289439
  * block: add cond_resched() to potentially long running ioctl discard
    loop
    - LP: #1289439
  * md/raid5: Fix CPU hotplug callback registration
    - LP: #1289439
  * compiler/gcc4: Make quirk for asm_volatile_goto() unconditional
    - LP: #1289439
  * x86, smap: Don't enable SMAP if CONFIG_X86_SMAP is disabled
    - LP: #1289439
  * x86, smap: smap_violation() is bogus if CONFIG_X86_SMAP is off
    - LP: #1289439
  * lockd: send correct lock when granting a delayed lock.
    - LP: #1289439
  * IB/qib: Add missing serdes init sequence
    - LP: #1289439
  * EDAC: Poll timeout cannot be zero, p2
    - LP: #1289439
  * EDAC: Correct workqueue setup path
    - LP: #1289439
  * kvm: x86: fix apic_base enable check
    - LP: #1289439
  * Linux 3.8.13.19
    - LP: #1289439
 -- Brad Figg <brad.figg@xxxxxxxxxxxxx>   Thu, 13 Mar 2014 08:42:48 -0700

** Changed in: linux-lts-raring (Ubuntu Precise)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-6382

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-1690

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1229981

Title:
  CVE-2013-4345

Status in “linux” package in Ubuntu:
  Invalid
Status in “linux-armadaxp” package in Ubuntu:
  Invalid
Status in “linux-ec2” package in Ubuntu:
  Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
  Won't Fix
Status in “linux-lts-backport-natty” package in Ubuntu:
  Won't Fix
Status in “linux-lts-quantal” package in Ubuntu:
  Invalid
Status in “linux-lts-raring” package in Ubuntu:
  Invalid
Status in “linux-lts-saucy” package in Ubuntu:
  Invalid
Status in “linux-mvl-dove” package in Ubuntu:
  Invalid
Status in “linux-ti-omap4” package in Ubuntu:
  Invalid
Status in “linux” source package in Lucid:
  Fix Released
Status in “linux-armadaxp” source package in Lucid:
  Invalid
Status in “linux-ec2” source package in Lucid:
  Fix Released
Status in “linux-fsl-imx51” source package in Lucid:
  Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Lucid:
  Won't Fix
Status in “linux-lts-quantal” source package in Lucid:
  Invalid
Status in “linux-lts-raring” source package in Lucid:
  Invalid
Status in “linux-lts-saucy” source package in Lucid:
  Invalid
Status in “linux-mvl-dove” source package in Lucid:
  Invalid
Status in “linux-ti-omap4” source package in Lucid:
  Invalid
Status in “linux” source package in Precise:
  Fix Released
Status in “linux-armadaxp” source package in Precise:
  Fix Released
Status in “linux-ec2” source package in Precise:
  Invalid
Status in “linux-fsl-imx51” source package in Precise:
  Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Precise:
  Won't Fix
Status in “linux-lts-quantal” source package in Precise:
  Fix Released
Status in “linux-lts-raring” source package in Precise:
  Fix Released
Status in “linux-lts-saucy” source package in Precise:
  Fix Released
Status in “linux-mvl-dove” source package in Precise:
  Invalid
Status in “linux-ti-omap4” source package in Precise:
  Fix Released
Status in “linux” source package in Quantal:
  Fix Released
Status in “linux-armadaxp” source package in Quantal:
  Fix Released
Status in “linux-ec2” source package in Quantal:
  Invalid
Status in “linux-fsl-imx51” source package in Quantal:
  Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Quantal:
  Won't Fix
Status in “linux-lts-quantal” source package in Quantal:
  Invalid
Status in “linux-lts-raring” source package in Quantal:
  Invalid
Status in “linux-lts-saucy” source package in Quantal:
  Invalid
Status in “linux-mvl-dove” source package in Quantal:
  Invalid
Status in “linux-ti-omap4” source package in Quantal:
  Fix Released
Status in “linux-lts-backport-maverick” source package in Raring:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Raring:
  Won't Fix
Status in “linux” source package in Saucy:
  Fix Released
Status in “linux-armadaxp” source package in Saucy:
  Invalid
Status in “linux-ec2” source package in Saucy:
  Invalid
Status in “linux-fsl-imx51” source package in Saucy:
  Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Saucy:
  Won't Fix
Status in “linux-lts-quantal” source package in Saucy:
  Invalid
Status in “linux-lts-raring” source package in Saucy:
  Invalid
Status in “linux-lts-saucy” source package in Saucy:
  Invalid
Status in “linux-mvl-dove” source package in Saucy:
  Invalid
Status in “linux-ti-omap4” source package in Saucy:
  Fix Released
Status in “linux” source package in Trusty:
  Invalid
Status in “linux-armadaxp” source package in Trusty:
  Invalid
Status in “linux-ec2” source package in Trusty:
  Invalid
Status in “linux-fsl-imx51” source package in Trusty:
  Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Trusty:
  Won't Fix
Status in “linux-lts-quantal” source package in Trusty:
  Invalid
Status in “linux-lts-raring” source package in Trusty:
  Invalid
Status in “linux-lts-saucy” source package in Trusty:
  Invalid
Status in “linux-mvl-dove” source package in Trusty:
  Invalid
Status in “linux-ti-omap4” source package in Trusty:
  Invalid

Bug description:
  Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c
  in the Linux kernel through 3.11.4 makes it easier for context-
  dependent attackers to defeat cryptographic protection mechanisms via
  multiple requests for small amounts of data, leading to improper
  management of the state of the consumed data.

  Break-Fix: - 714b33d15130cbb5ab426456d4e3de842d6c5b8a

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1229981/+subscriptions

