kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #71453
[Bug 1298119] Re: CVE-2014-0131
This bug was fixed in the package linux-lts-raring -
3.8.0-44.66~precise1
---------------
linux-lts-raring (3.8.0-44.66~precise1) precise; urgency=low
[ Upstream Kernel Changes ]
* l2tp: Privilege escalation in ppp over l2tp sockets
- LP: #1341472
- CVE-2014-4943
linux-lts-raring (3.8.0-44.65~precise1) precise; urgency=low
[ Luis Henriques ]
* Merged back Ubuntu-lts-3.8.0-42.63 security release
* Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)"
- LP: #1337339
* Release Tracking Bug
- LP: #1338579
[ Upstream Kernel Changes ]
* ptrace,x86: force IRET path after a ptrace_stop()
- LP: #1337339
- CVE-2014-4699
linux-lts-raring (3.8.0-43.64~precise1) precise; urgency=low
[ Kamal Mostafa ]
* Revert "ARM: OMAP3: clock: Back-propagate rate change from
cam_mclk to dpll4_m5 on all OMAP3 platforms"
* Release Tracking Bug
- re-used previous tracking bug
linux-lts-raring (3.8.0-43.63~precise1) precise; urgency=low
[ Kamal Mostafa ]
* [Config] add debian/gbp.conf
* Release Tracking Bug
- LP: #1335912
[ Upstream Kernel Changes ]
* Revert "USB: serial: add usbid for dell wwan card to sierra.c"
- LP: #1333900
* Revert "macvlan : fix checksums error when we are in bridge mode"
- LP: #1333900
* auditsc: audit_krule mask accesses need bounds checking
- LP: #1325941
- CVE-2014-3917
* fs, userns: Change inode_capable to capable_wrt_inode_uidgid
- LP: #1329103
- CVE-2014-4014
* ACPI / EC: Clear stale EC events on Samsung systems
- LP: #1333900
* ACPI / EC: Process rather than discard events in acpi_ec_clear
- LP: #1333900
* mac80211: fix software remain-on-channel implementation
- LP: #1333900
* mac80211: exclude AP_VLAN interfaces from tx power calculation
- LP: #1333900
* parisc: fix epoll_pwait syscall on compat kernel
- LP: #1333900
* ALSA: hda/realtek - Add support of ALC288 codec
- LP: #1333900
* user namespace: fix incorrect memory barriers
- LP: #1333900
* mlx4_en: don't use napi_synchronize inside mlx4_en_netpoll
- LP: #1333900
* mei: ignore client writing state during cb completion
- LP: #1333900
* staging: r8712u: Fix case where ethtype was never obtained and always
be checked against 0
- LP: #1333900
* USB: serial: ftdi_sio: add id for Brainboxes serial cards
- LP: #1333900
* usb: option driver, add support for Telit UE910v2
- LP: #1333900
* USB: cp210x: Add 8281 (Nanotec Plug & Drive)
- LP: #1333900
* USB: pl2303: add ids for Hewlett-Packard HP POS pole displays
- LP: #1333900
* USB: usb_wwan: fix handling of missing bulk endpoints
- LP: #1333900
* USB: fix crash during hotplug of PCI USB controller card
- LP: #1333900
* USB: cdc-acm: Remove Motorola/Telit H24 serial interfaces from ACM
driver
- LP: #1333900
* drm/radeon: memory leak on bo reservation failure. v2
- LP: #1333900
* drm/radeon/si: make sure mc ucode is loaded before checking the size
- LP: #1333900
* mm/hugetlb.c: add cond_resched_lock() in return_unused_surplus_pages()
- LP: #1333900
* mm: use paravirt friendly ops for NUMA hinting ptes
- LP: #1333900
* iio: querying buffer scan_mask should return 0/1
- LP: #1333900
* pata_at91: fix ata_host_activate() failure handling
- LP: #1333900
* ext4: note the error in ext4_end_bio()
- LP: #1333900
* ext4: fix jbd2 warning under heavy xattr load
- LP: #1333900
* ext4: use i_size_read in ext4_unaligned_aio()
- LP: #1333900
* locks: allow __break_lease to sleep even when break_time is 0
- LP: #1333900
* genirq: Allow forcing cpu affinity of interrupts
- LP: #1333900
* nfsd: set timeparms.to_maxval in setup_callback_client
- LP: #1333900
* libata/ahci: accommodate tag ordered controllers
- LP: #1333900
* Input: synaptics - add min/max quirk for ThinkPad T431s, L440, L540, S1
Yoga and X1
- LP: #1333900
* drm/radeon: fix ATPX detection on non-VGA GPUs
- LP: #1333900
* mm: make fixup_user_fault() check the vma access rights too
- LP: #1333900
* ARM: 8027/1: fix do_div() bug in big-endian systems
- LP: #1333900
* ARM: 8030/1: ARM : kdump : add arch_crash_save_vmcoreinfo
- LP: #1333900
* USB: serial: fix sysfs-attribute removal deadlock
- LP: #1333900
* Btrfs: fix inode caching vs tree log
- LP: #1333900
* xhci: Switch Intel Lynx Point ports to EHCI on shutdown.
- LP: #1333900
* USB: io_ti: fix firmware download on big-endian machines
- LP: #1333900
* usb: qcserial: add Sierra Wireless EM7355
- LP: #1333900
* usb: qcserial: add Sierra Wireless MC73xx
- LP: #1333900
* usb: qcserial: add Sierra Wireless MC7305/MC7355
- LP: #1333900
* usb: option: add Olivetti Olicard 500
- LP: #1333900
* usb: option: add Alcatel L800MA
- LP: #1333900
* usb: option: add and update a number of CMOTech devices
- LP: #1333900
* list: introduce list_next_entry() and list_prev_entry()
- LP: #1333900
* net: sctp: wake up all assocs if sndbuf policy is per socket
- LP: #1333900
* net: sctp: test if association is dead in sctp_wake_up_waiters
- LP: #1333900
* l2tp: take PMTU from tunnel UDP socket
- LP: #1333900
* net: core: don't account for udp header size when computing seglen
- LP: #1333900
* bonding: Remove debug_fs files when module init fails
- LP: #1333900
* ipv6: Limit mtu to 65575 bytes
- LP: #1333900
* ipv4: return valid RTA_IIF on ip route get
- LP: #1333900
* filter: prevent nla extensions to peek beyond the end of the message
- LP: #1333900
* ip6_gre: don't allow to remove the fb_tunnel_dev
- LP: #1333900
* vlan: Fix lockdep warning when vlan dev handle notification
- LP: #1333900
* tg3: update rx_jumbo_pending ring param only when jumbo frames are
enabled
- LP: #1333900
* net: sctp: cache auth_enable per endpoint
- LP: #1333900
* rtnetlink: Warn when interface's information won't fit in our packet
- LP: #1333900
* rtnetlink: Only supply IFLA_VF_PORTS information when RTEXT_FILTER_VF
is set
- LP: #1333900
* ipv6: fib: fix fib dump restart
- LP: #1333900
* bridge: Handle IFLA_ADDRESS correctly when creating bridge device
- LP: #1333900
* sctp: reset flowi4_oif parameter on route lookup
- LP: #1333900
* tcp_cubic: fix the range of delayed_ack
- LP: #1333900
* net: ipv4: ip_forward: fix inverted local_df test
- LP: #1333900
* netfilter: ipv4: defrag: set local_df flag on defragmented skb
- LP: #1333900
* net: ipv6: send pkttoobig immediately if orig frag size > mtu
- LP: #1333900
* ipv4: fib_semantics: increment fib_info_cnt after fib_info allocation
- LP: #1333900
* net: cdc_mbim: handle unaccelerated VLAN tagged frames
- LP: #1333900
* macvlan: Don't propagate IFF_ALLMULTI changes on down interfaces.
- LP: #1333900
* ip6_tunnel: fix potential NULL pointer dereference
- LP: #1333900
* ipv4: initialise the itag variable in __mkroute_input
- LP: #1333900
* net-gro: reset skb->truesize in napi_reuse_skb()
- LP: #1333900
* net: qmi_wwan: fixup Sierra Wireless MC8305 entry
- LP: #1333900
* net: qmi_wwan: add Option GTM681W
- LP: #1333900
* net: qmi_wwan: add TP-LINK MA260
- LP: #1333900
* qmi_wwan: add ONDA MT689DC device ID (fwd)
- LP: #1333900
* net: qmi_wwan: add Telit LE920 newer firmware support
- LP: #1333900
* net: qmi_wwan: fix Cinterion PLXX product ID
- LP: #1333900
* net: qmi_wwan: Olivetti Olicard 200 support
- LP: #1333900
* net: qmi_wwan: add ZTE MF667
- LP: #1333900
* net: qmi_wwan: add support for Cinterion PXS8 and PHS8
- LP: #1333900
* net: qmi_wwan: add Sierra Wireless EM7355
- LP: #1333900
* net: qmi_wwan: add Sierra Wireless MC73xx
- LP: #1333900
* net: qmi_wwan: add Sierra Wireless MC7305/MC7355
- LP: #1333900
* net: qmi_wwan: add Olivetti Olicard 500
- LP: #1333900
* net: qmi_wwan: add Alcatel L800MA
- LP: #1333900
* net: qmi_wwan: add a number of CMOTech devices
- LP: #1333900
* net: qmi_wwan: add a number of Dell devices
- LP: #1333900
* xhci: For streams the css flag most be read from the stream-ctx on ep
stop
- LP: #1333900
* usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb
- LP: #1333900
* skbuff: skb_segment: orphan frags before copying
- LP: #1298119, #1333900
- CVE-2014-0131
* drm/vmwgfx: Make sure user-space can't DMA across buffer object
boundaries v2
- LP: #1333900
* s390/bpf,jit: initialize A register if 1st insn is BPF_S_LDX_B_MSH
- LP: #1333900
* ftrace/module: Hardcode ftrace_module_init() call into load_module()
- LP: #1333900
* [SCSI] mpt2sas: Don't disable device twice at suspend.
- LP: #1333900
* drivercore: deferral race condition fix
- LP: #1333900
* hrtimer: Prevent all reprogramming if hang detected
- LP: #1333900
* hrtimer: Prevent remote enqueue of leftmost timers
- LP: #1333900
* timer: Prevent overflow in apply_slack
- LP: #1333900
* rt2x00: fix beaconing on USB
- LP: #1333900
* Input: synaptics - add min/max quirk for ThinkPad Edge E431
- LP: #1333900
* Bluetooth: Fix triggering BR/EDR L2CAP Connect too early
- LP: #1333900
* Bluetooth: Add support for Lite-on [04ca:3007]
- LP: #1333900
* drm/i915: Break encoder->crtc link separately in intel_sanitize_crtc()
- LP: #1333900
* rtl8192cu: Fix unbalanced irq enable in error path of rtl92cu_hw_init()
- LP: #1333900
* drm/nouveau/acpi: allow non-optimus setups to load vbios from acpi
- LP: #1333900
* ALSA: usb-audio: work around corrupted TEAC UD-H01 feedback data
- LP: #1333900
* usb: qcserial: add a number of Dell devices
- LP: #1333900
* usb: storage: shuttle_usbat: fix discs being detected twice
- LP: #1333900
* fsl-usb: do not test for PHY_CLK_VALID bit on controller version 1.6
- LP: #1333900
* drivers/tty/hvc: don't free hvc_console_setup after init
- LP: #1333900
* USB: Nokia 305 should be treated as unusual dev
- LP: #1333900
* USB: Nokia 5300 should be treated as unusual dev
- LP: #1333900
* HID: add NO_INIT_REPORTS quirk for Synaptics Touch Pad V 103S
- LP: #1333900
* Input: elantech - fix touchpad initialization on Gigabyte U2442
- LP: #1333900
* posix_acl: handle NULL ACL in posix_acl_equiv_mode
- LP: #1333900
* mm/compaction: make isolate_freepages start at pageblock boundary
- LP: #1333900
* Linux 3.8.13.24
- LP: #1333900
* lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c
- CVE-2014-4608
* lib/lzo: Update LZO compression to current upstream version
- CVE-2014-4608
* lzo: properly check for overruns
- CVE-2014-4608
* percpu: make pcpu_alloc_chunk() use pcpu_mem_free() instead of kfree()
- LP: #1335893
* [media] fc2580: fix tuning failure on 32-bit arch
- LP: #1335893
* crypto: caam - add allocation failure handling in SPRINTFCAT macro
- LP: #1335893
* [media] media-device: fix infoleak in ioctl media_enum_entities()
- LP: #1335893
* md: avoid possible spinning md thread at shutdown.
- LP: #1335893
* NFSd: call rpc_destroy_wait_queue() from free_client()
- LP: #1335893
* genirq: Provide irq_force_affinity fallback for non-SMP
- LP: #1335893
* ACPI / blacklist: Add dmi_enable_osi_linux quirk for Asus EEE PC 1015PX
- LP: #1335893
* NFSD: Call ->set_acl with a NULL ACL structure if no entries
- LP: #1335893
* ARM: dts: i.MX53: Fix ipu register space size
- LP: #1335893
* mm, thp: close race between mremap() and split_huge_page()
- LP: #1335893
* hrtimer: Set expiry time before switch_hrtimer_base()
- LP: #1335893
* hwmon: (emc1403) fix inverted store_hyst()
- LP: #1335893
* hwmon: (emc1403) Support full range of known chip revision numbers
- LP: #1335893
* iommu/amd: Fix interrupt remapping for aliased devices
- LP: #1335893
* ASoC: wm8962: Update register CLASS_D_CONTROL_1 to be non-volatile
- LP: #1335893
* [media] V4L2: ov7670: fix a wrong index, potentially Oopsing the kernel
from user-space
- LP: #1335893
* [media] V4L2: fix VIDIOC_CREATE_BUFS in 64- / 32-bit compatibility mode
- LP: #1335893
* x86, mm, hugetlb: Add missing TLB page invalidation for hugetlb_cow()
- LP: #1335893
* i2c: designware: Mask all interrupts during i2c controller enable
- LP: #1335893
* i2c: s3c2410: resume race fix
- LP: #1335893
* i2c: rcar: bail out on zero length transfers
- LP: #1335893
* dm crypt: fix cpu hotplug crash by removing per-cpu structure
- LP: #1335893
* x86-64, modify_ldt: Make support for 16-bit segments a runtime option
- LP: #1335893
* PCI: shpchp: Check bridge's secondary (not primary) bus speed
- LP: #1335893
* libceph: fix corruption when using page_count 0 page in rbd
- LP: #1335893
* sched: Sanitize irq accounting madness
- LP: #1335893
* sched: Use CPUPRI_NR_PRIORITIES instead of MAX_RT_PRIO in cpupri check
- LP: #1335893
* net: cpsw: fix null dereference at probe
- LP: #1335893
* perf: Limit perf_event_attr::sample_period to 63 bits
- LP: #1335893
* perf: Prevent false warning in perf_swevent_add
- LP: #1335893
* drm/radeon: also try GART for CPU accessed buffers
- LP: #1335893
* drm/radeon: handle non-VGA class pci devices with ATRM
- LP: #1335893
* drm/radeon: avoid segfault on device open when accel is not working.
- LP: #1335893
* can: peak_pci: prevent use after free at netdev removal
- LP: #1335893
* nfsd4: remove lockowner when removing lock stateid
- LP: #1335893
* nfsd4: warn on finding lockowner without stateid's
- LP: #1335893
* dma: mv_xor: Flush descriptors before activating a channel
- LP: #1335893
* hwpoison, hugetlb: lock_page/unlock_page does not match for handling a
free hugepage
- LP: #1335893
* mm/memory-failure.c: fix memory leak by race between poison and
unpoison
- LP: #1335893
* ARM: OMAP3: clock: Back-propagate rate change from cam_mclk to dpll4_m5
on all OMAP3 platforms
- LP: #1335893
* Input: synaptics - add min/max quirk for the ThinkPad W540
- LP: #1335893
* futex: Add another early deadlock detection check
- LP: #1335893
* futex: Prevent attaching to kernel threads
- LP: #1335893
* ARM: imx: fix error handling in ipu device registration
- LP: #1335893
* sched/deadline: Change sched_getparam() behaviour vs SCHED_DEADLINE
- LP: #1335893
* ALSA: hda - Fix onboard audio on Intel H97/Z97 chipsets
- LP: #1335893
* ARM: 8051/1: put_user: fix possible data corruption in put_user
- LP: #1335893
* Input: synaptics - T540p - unify with other LEN0034 models
- LP: #1335893
* powerpc: Fix 64 bit builds with binutils 2.24
- LP: #1335893
* Staging: speakup: Move pasting into a work item
- LP: #1335893
* USB: Avoid runtime suspend loops for HCDs that can't handle
suspend/resume
- LP: #1335893
* USB: io_ti: fix firmware download on big-endian machines (part 2)
- LP: #1335893
* USB: ftdi_sio: add NovaTech OrionLXm product ID
- LP: #1335893
* USB: serial: option: add support for Novatel E371 PCIe card
- LP: #1335893
* md: always set MD_RECOVERY_INTR when aborting a reshape or other
"resync".
- LP: #1335893
* xhci: delete endpoints from bandwidth list before freeing whole device
- LP: #1335893
* ALSA: hda/realtek - Correction of fixup codes for PB V7900 laptop
- LP: #1335893
* ALSA: hda/realtek - Fix COEF widget NID for ALC260 replacer fixup
- LP: #1335893
* target: Fix alua_access_state attribute OOPs for un-configured devices
- LP: #1335893
* mm: rmap: fix use-after-free in __put_anon_vma
- LP: #1335893
* Linux 3.8.13.25
- LP: #1335893
-- Luis Henriques <luis.henriques@xxxxxxxxxxxxx> Mon, 14 Jul 2014 14:52:11 +0100
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: Won't Fix => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1298119
Title:
CVE-2014-0131
Status in “linux” package in Ubuntu:
Invalid
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
Won't Fix
Status in “linux-lts-backport-natty” package in Ubuntu:
Won't Fix
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Invalid
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Invalid
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
Won't Fix
Status in “linux-lts-backport-natty” source package in Lucid:
Won't Fix
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Committed
Status in “linux-armadaxp” source package in Precise:
Fix Released
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
Won't Fix
Status in “linux-lts-backport-natty” source package in Precise:
Won't Fix
Status in “linux-lts-quantal” source package in Precise:
Fix Released
Status in “linux-lts-raring” source package in Precise:
Fix Released
Status in “linux-lts-saucy” source package in Precise:
Fix Committed
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
New
Status in “linux-lts-backport-maverick” source package in Quantal:
Won't Fix
Status in “linux-lts-backport-natty” source package in Quantal:
Won't Fix
Status in “linux” source package in Saucy:
Fix Committed
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
Won't Fix
Status in “linux-lts-backport-natty” source package in Saucy:
Won't Fix
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
Invalid
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
New
Status in “linux” source package in Trusty:
Invalid
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
Won't Fix
Status in “linux-lts-backport-natty” source package in Trusty:
Won't Fix
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Status in “linux” source package in Utopic:
Invalid
Status in “linux-armadaxp” source package in Utopic:
Invalid
Status in “linux-ec2” source package in Utopic:
Invalid
Status in “linux-fsl-imx51” source package in Utopic:
Invalid
Status in “linux-lts-backport-maverick” source package in Utopic:
Won't Fix
Status in “linux-lts-backport-natty” source package in Utopic:
Won't Fix
Status in “linux-lts-quantal” source package in Utopic:
Invalid
Status in “linux-lts-raring” source package in Utopic:
Invalid
Status in “linux-lts-saucy” source package in Utopic:
Invalid
Status in “linux-mvl-dove” source package in Utopic:
Invalid
Status in “linux-ti-omap4” source package in Utopic:
Invalid
Bug description:
Use-after-free vulnerability in the skb_segment function in
net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers
to obtain sensitive information from kernel memory by leveraging the
absence of a certain orphaning operation.
Break-Fix: a6686f2f382b13f8a7253401a66690c3633b6a74
1fd819ecb90cc9b822cd84d3056ddba315d3340f
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1298119/+subscriptions
References
