kernel-packages team mailing list archive

Thread
Date
[Bug 1298119] Re: CVE-2014-0131

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1298119@xxxxxxxxxxxxxxxxxx>
Date: Wed, 16 Jul 2014 19:40:37 -0000
Reply-to: Bug 1298119 <1298119@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux-armadaxp - 3.2.0-1636.53

---------------
linux-armadaxp (3.2.0-1636.53) precise; urgency=low

  [ Andy Whitcroft ]

  * rebase to Ubuntu-3.2.0-67.101

  [ Ubuntu: 3.2.0-67.101 ]

  * l2tp: Privilege escalation in ppp over l2tp sockets
    - LP: #1341472
    - CVE-2014-4943

linux-armadaxp (3.2.0-1636.52) precise; urgency=low

  [ Ike Panhc ]

  * Release Tracking Bug
    - LP: #1338870
  * Rebase to Ubuntu-3.2.0-67.100

  [ Ubuntu: 3.2.0-67.100 ]

  * Merged back Ubuntu-3.2.0-65.99 security release
  * Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)"
    - LP: #1337339
  * Release Tracking Bug
    - LP: #1338654
  * ptrace,x86: force IRET path after a ptrace_stop()
    - LP: #1337339
    - CVE-2014-4699

linux-armadaxp (3.2.0-1636.51) precise-proposed; urgency=low

  [ Ike Panhc ]

  * Release Tracking Bug
    - LP: #1336144
  * Rebase to Ubuntu-3.2.0-66.99

  [ Ubuntu: 3.2.0-66.99 ]

  * Release Tracking Bug
    - LP: #1335906
  * skbuff: export skb_copy_ubufs
    - LP: #1298119
    - CVE-2014-0131
  * skbuff: add an api to orphan frags
    - LP: #1298119
    - CVE-2014-0131
  * skbuff: skb_segment: orphan frags before copying
    - LP: #1298119
    - CVE-2014-0131
  * lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c
    - CVE-2014-4608
  * lib/lzo: Update LZO compression to current upstream version
    - CVE-2014-4608
  * lzo: properly check for overruns
    - CVE-2014-4608
  * KVM: x86 emulator: add support for vector alignment
    - LP: #1330177
  * KVM: x86: emulate movdqa
    - LP: #1330177
 -- Andy Whitcroft <apw@xxxxxxxxxxxxx>   Tue, 15 Jul 2014 10:19:39 +0100

** Changed in: linux-armadaxp (Ubuntu Precise)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4608

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4699

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4943

** Changed in: linux-lts-quantal (Ubuntu Precise)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1739

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3917

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4014

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4027

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1298119

Title:
  CVE-2014-0131

Status in “linux” package in Ubuntu:
  Invalid
Status in “linux-armadaxp” package in Ubuntu:
  Invalid
Status in “linux-ec2” package in Ubuntu:
  Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
  Won't Fix
Status in “linux-lts-backport-natty” package in Ubuntu:
  Won't Fix
Status in “linux-lts-quantal” package in Ubuntu:
  Invalid
Status in “linux-lts-raring” package in Ubuntu:
  Invalid
Status in “linux-lts-saucy” package in Ubuntu:
  Invalid
Status in “linux-mvl-dove” package in Ubuntu:
  Invalid
Status in “linux-ti-omap4” package in Ubuntu:
  Invalid
Status in “linux” source package in Lucid:
  Invalid
Status in “linux-armadaxp” source package in Lucid:
  Invalid
Status in “linux-ec2” source package in Lucid:
  Invalid
Status in “linux-fsl-imx51” source package in Lucid:
  Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Lucid:
  Won't Fix
Status in “linux-lts-quantal” source package in Lucid:
  Invalid
Status in “linux-lts-raring” source package in Lucid:
  Invalid
Status in “linux-lts-saucy” source package in Lucid:
  Invalid
Status in “linux-mvl-dove” source package in Lucid:
  Invalid
Status in “linux-ti-omap4” source package in Lucid:
  Invalid
Status in “linux” source package in Precise:
  Fix Committed
Status in “linux-armadaxp” source package in Precise:
  Fix Released
Status in “linux-ec2” source package in Precise:
  Invalid
Status in “linux-fsl-imx51” source package in Precise:
  Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Precise:
  Won't Fix
Status in “linux-lts-quantal” source package in Precise:
  Fix Released
Status in “linux-lts-raring” source package in Precise:
  Fix Released
Status in “linux-lts-saucy” source package in Precise:
  Fix Committed
Status in “linux-mvl-dove” source package in Precise:
  Invalid
Status in “linux-ti-omap4” source package in Precise:
  New
Status in “linux-lts-backport-maverick” source package in Quantal:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Quantal:
  Won't Fix
Status in “linux” source package in Saucy:
  Fix Committed
Status in “linux-armadaxp” source package in Saucy:
  Invalid
Status in “linux-ec2” source package in Saucy:
  Invalid
Status in “linux-fsl-imx51” source package in Saucy:
  Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Saucy:
  Won't Fix
Status in “linux-lts-quantal” source package in Saucy:
  Invalid
Status in “linux-lts-raring” source package in Saucy:
  Invalid
Status in “linux-lts-saucy” source package in Saucy:
  Invalid
Status in “linux-mvl-dove” source package in Saucy:
  Invalid
Status in “linux-ti-omap4” source package in Saucy:
  New
Status in “linux” source package in Trusty:
  Invalid
Status in “linux-armadaxp” source package in Trusty:
  Invalid
Status in “linux-ec2” source package in Trusty:
  Invalid
Status in “linux-fsl-imx51” source package in Trusty:
  Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Trusty:
  Won't Fix
Status in “linux-lts-quantal” source package in Trusty:
  Invalid
Status in “linux-lts-raring” source package in Trusty:
  Invalid
Status in “linux-lts-saucy” source package in Trusty:
  Invalid
Status in “linux-mvl-dove” source package in Trusty:
  Invalid
Status in “linux-ti-omap4” source package in Trusty:
  Invalid
Status in “linux” source package in Utopic:
  Invalid
Status in “linux-armadaxp” source package in Utopic:
  Invalid
Status in “linux-ec2” source package in Utopic:
  Invalid
Status in “linux-fsl-imx51” source package in Utopic:
  Invalid
Status in “linux-lts-backport-maverick” source package in Utopic:
  Won't Fix
Status in “linux-lts-backport-natty” source package in Utopic:
  Won't Fix
Status in “linux-lts-quantal” source package in Utopic:
  Invalid
Status in “linux-lts-raring” source package in Utopic:
  Invalid
Status in “linux-lts-saucy” source package in Utopic:
  Invalid
Status in “linux-mvl-dove” source package in Utopic:
  Invalid
Status in “linux-ti-omap4” source package in Utopic:
  Invalid

Bug description:
  Use-after-free vulnerability in the skb_segment function in
  net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers
  to obtain sensitive information from kernel memory by leveraging the
  absence of a certain orphaning operation.

  Break-Fix: a6686f2f382b13f8a7253401a66690c3633b6a74
  1fd819ecb90cc9b822cd84d3056ddba315d3340f

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1298119/+subscriptions
References

[Bug 1298119] [NEW] CVE-2014-0131
From: John Johansen, 2014-03-27