kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #83809
[Bug 1370042] Re: CVE-2014-6410
This bug was fixed in the package linux-ti-omap4 - 3.2.0-1455.75
---------------
linux-ti-omap4 (3.2.0-1455.75) precise; urgency=low
* Release Tracking Bug
- LP: #1372683
[ Paolo Pisati ]
* rebased on Ubuntu-3.2.0-70.105
[ Ubuntu: 3.2.0-70.105 ]
* Release Tracking Bug
- re-used previous tracking bug
* udf: Avoid infinite loop when processing indirect ICBs
- LP: #1370042
- CVE-2014-6410
linux-ti-omap4 (3.2.0-1454.74) precise; urgency=low
* Release Tracking Bug
- LP: #1372683
[ Paolo Pisati ]
* rebased on Ubuntu-3.2.0-70.104
[ Ubuntu: 3.2.0-70.104 ]
* Release Tracking Bug
- LP: #1372522
* SAUCE: Fix nfs oops stable regression
- LP: #1348670
* [Config] updateconfigs
- LP: #1369711
* Revert "x86-64, modify_ldt: Make support for 16-bit segments a runtime
option"
- LP: #1369711
* KVM: x86: Inter-privilege level ret emulation is not implemeneted
- LP: #1369711
* ASoC: samsung: Correct I2S DAI suspend/resume ops
- LP: #1369711
* block: don't assume last put of shared tags is for the host
- LP: #1369711
* stable_kernel_rules: Add pointer to netdev-FAQ for network patches
- LP: #1369711
* debugfs: Fix corrupted loop in debugfs_remove_recursive
- LP: #1369711
* serial: core: Preserve termios c_cflag for console resume
- LP: #1369711
* tda10071: force modulation to QPSK on DVB-S
- LP: #1369711
* gspca_pac7302: Add new usb-id for Genius i-Look 317
- LP: #1369711
* mtd/ftl: fix the double free of the buffers allocated in build_maps()
- LP: #1369711
* x86: don't exclude low BIOS area when allocating address space for
non-PCI cards
- LP: #1369711
* Bluetooth: never linger on process exit
- LP: #1369711
* scsi: handle flush errors properly
- LP: #1369711
* USB: OHCI: don't lose track of EDs when a controller dies
- LP: #1369711
* ahci: add support for the Promise FastTrak TX8660 SATA HBA (ahci mode)
- LP: #1369711
* usbcore: don't log on consecutive debounce failures of the same port
- LP: #1369711
* USB: Fix persist resume of some SS USB devices
- LP: #1369711
* drm/radeon: fix irq ring buffer overflow handling
- LP: #1369711
* hwmon: (smsc47m192) Fix temperature limit and vrm write operations
- LP: #1369711
* staging: vt6655: Fix Warning on boot handle_irq_event_percpu.
- LP: #1369711
* staging: vt6655: Fix disassociated messages every 10 seconds
- LP: #1369711
* bfa: Fix undefined bit shift on big-endian architectures with 32-bit
DMA address
- LP: #1369711
* hpsa: fix bad -ENOMEM return value in hpsa_big_passthru_ioctl
- LP: #1369711
* Drivers: scsi: storvsc: Implement a eh_timed_out handler
- LP: #1369711
* Fix gcc-4.9.0 miscompilation of load_balance() in scheduler
- LP: #1369711
* iommu/vt-d: Exclude devices using RMRRs from IOMMU API domains
- LP: #1369711
* net: sendmsg: fix NULL pointer dereference
- LP: #1369711
* tpm: Provide a generic means to override the chip returned timeouts
- LP: #1369711
* hwmon: (ads1015) Fix off-by-one for valid channel index checking
- LP: #1369711
* MIPS: tlbex: Fix a missing statement for HUGETLB
- LP: #1369711
* MIPS: Prevent user from setting FCSR cause bits
- LP: #1369711
* mm, thp: do not allow thp faults to avoid cpuset restrictions
- LP: #1369711
* md/raid1,raid10: always abort recover on write error.
- LP: #1369711
* ext4: cleanup in ext4_discard_allocated_blocks()
- LP: #1369711
* ext4: fix ext4_discard_allocated_blocks() if we can't allocate the pa
struct
- LP: #1369711
* hwmon: (lm85) Fix various errors on attribute writes
- LP: #1369711
* hwmon: (lm78) Fix overflow problems seen when writing large temperature
limits
- LP: #1369711
* hwmon: (amc6821) Fix return value
- LP: #1369711
* hwmon: (amc6821) Fix possible race condition bug
- LP: #1369711
* MIPS: GIC: Prevent array overrun
- LP: #1369711
* crypto: af_alg - properly label AF_ALG socket
- LP: #1369711
* mnt: Change the default remount atime from relatime to the existing
value
- LP: #1369711
* ARM: OMAP3: Fix choice of omap3_restore_es function in OMAP34XX
rev3.1.2 case.
- LP: #1369711
* netlabel: use GFP flags from caller instead of GFP_ATOMIC
- LP: #1369711
* netlabel: fix a problem when setting bits below the previously lowest
bit
- LP: #1369711
* USB: serial: ftdi_sio: Annotate the current Xsens PID assignments
- LP: #1369711
* USB: serial: ftdi_sio: Add support for new Xsens devices
- LP: #1369711
* ALSA: virtuoso: Xonar DSX support
- LP: #1369711
* ALSA: virtuoso: add Xonar Essence STX II support
- LP: #1369711
* hwmon: (gpio-fan) Prevent overflow problem when writing large limits
- LP: #1369711
* hwmon: (sis5595) Prevent overflow problem when writing large limits
- LP: #1369711
* drm/ttm: Fix possible stack overflow by recursive shrinker calls.
- LP: #1369711
* powerpc/mm/numa: Fix break placement
- LP: #1369711
* drm/radeon: load the lm63 driver for an lm64 thermal chip.
- LP: #1369711
* RDMA/iwcm: Use a default listen backlog if needed
- LP: #1369711
* hwmon: (lm92) Prevent overflow problem when writing large limits
- LP: #1369711
* hwmon: (ads1015) Fix out-of-bounds array access
- LP: #1369711
* s390/locking: Reenable optimistic spinning
- LP: #1369711
* ring-buffer: Up rb_iter_peek() loop count to 3
- LP: #1369711
* ring-buffer: Always reset iterator to reader page
- LP: #1369711
* x86/xen: resume timer irqs early
- LP: #1369711
* carl9170: fix sending URBs with wrong type when using full-speed
- LP: #1369711
* reiserfs: Fix use after free in journal teardown
- LP: #1369711
* powerpc: Fix build errors STRICT_MM_TYPECHECKS
- LP: #1369711
* powerpc/mm: Use read barrier when creating real_pte
- LP: #1369711
* ASoC: pxa-ssp: drop SNDRV_PCM_FMTBIT_S24_LE
- LP: #1369711
* Btrfs: fix csum tree corruption, duplicate and outdated checksums
- LP: #1369711
* ALSA: hda/realtek - Avoid setting wrong COEF on ALC269 & co
- LP: #1369711
* CIFS: Fix wrong directory attributes after rename
- LP: #1369711
* md/raid6: avoid data corruption during recovery of double-degraded
RAID6
- LP: #1369711
* USB: option: add VIA Telecom CDS7 chipset device id
- LP: #1369711
* USB: ftdi_sio: add Basic Micro ATOM Nano USB2Serial PID
- LP: #1369711
* USB: serial: pl2303: add device id for ztek device
- LP: #1369711
* USB: ftdi_sio: Added PID for new ekey device
- LP: #1369711
* iommu/amd: Fix cleanup_domain for mass device removal
- LP: #1369711
* pata_scc: propagate return value of scc_wait_after_reset
- LP: #1369711
* xhci: Treat not finding the event_seg on COMP_STOP the same as
COMP_STOP_INVAL
- LP: #1369711
* usb: xhci: amd chipset also needs short TX quirk
- LP: #1369711
* MIPS: OCTEON: make get_system_type() thread-safe
- LP: #1369711
* xhci: rework cycle bit checking for new dequeue pointers
- LP: #1369711
* HID: logitech: perform bounds checking on device_id early enough
- LP: #1369711
* HID: fix a couple of off-by-ones
- LP: #1369711
* USB: whiteheat: Added bounds checking for bulk command response
- LP: #1369711
* HID: logitech-dj: prevent false errors to be shown
- LP: #1369711
* ACPI / EC: Add support to disallow QR_EC to be issued when SCI_EVT
isn't set
- LP: #1369711
* USB: sisusb: add device id for Magic Control USB video
- LP: #1369711
* NFSv4: Fix problems with close in the presence of a delegation
- LP: #1369711
* HID: magicmouse: sanity check report size in raw_event() callback
- LP: #1369711
* HID: picolcd: sanity check report size in raw_event() callback
- LP: #1369711
* ARM: 8128/1: abort: don't clear the exclusive monitors
- LP: #1369711
* ARM: 8129/1: errata: work around Cortex-A15 erratum 830321 using dummy
strex
- LP: #1369711
* USB: serial: fix potential stack buffer overflow
- LP: #1369711
* USB: serial: fix potential heap buffer overflow
- LP: #1369711
* openrisc: add missing header inclusion
- LP: #1369711
* MIPS: perf: Fix build error caused by unused
counters_per_cpu_to_total()
- LP: #1369711
* MIPS: Fix accessing to per-cpu data when flushing the cache
- LP: #1369711
* openrisc: include export.h for EXPORT_SYMBOL
- LP: #1369711
* inetpeer: get rid of ip_id_count
- LP: #1369711
* ip: make IP identifiers less predictable
- LP: #1369711
* tcp: Fix integer-overflows in TCP veno
- LP: #1369711
* tcp: Fix integer-overflow in TCP vegas
- LP: #1369711
* macvlan: Initialize vlan_features to turn on offload support.
- LP: #1369711
* iovec: make sure the caller actually wants anything in
memcpy_fromiovecend
- LP: #1369711
* sctp: fix possible seqlock seadlock in sctp_packet_transmit()
- LP: #1369711
* sparc64: Fix argument sign extension for compat_sys_futex().
- LP: #1369711
* sparc64: Make itc_sync_lock raw
- LP: #1369711
* sparc64: Handle 32-bit tasks properly in compute_effective_address().
- LP: #1369711
* sparc64: Fix top-level fault handling bugs.
- LP: #1369711
* sparc64: Don't bark so loudly about 32-bit tasks generating 64-bit
fault addresses.
- LP: #1369711
* sparc64: Fix huge TSB mapping on pre-UltraSPARC-III cpus.
- LP: #1369711
* sparc64: Add membar to Niagara2 memcpy code.
- LP: #1369711
* sparc64: Do not insert non-valid PTEs into the TSB hash table.
- LP: #1369711
* sparc64: Guard against flushing openfirmware mappings.
- LP: #1369711
* bbc-i2c: Fix BBC I2C envctrl on SunBlade 2000
- LP: #1369711
* sunsab: Fix detection of BREAK on sunsab serial console
- LP: #1369711
* sparc64: ldc_connect() should not return EINVAL when handshake is in
progress.
- LP: #1369711
* arch/sparc/math-emu/math_32.c: drop stray break operator
- LP: #1369711
* slab/mempolicy: always use local policy from interrupt context
- LP: #1369711
* sparc: use asm-generic version of types.h
- LP: #1369711
* x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack
- LP: #1369711
* x86, espfix: Move espfix definitions into a separate header file
- LP: #1369711
* x86, espfix: Fix broken header guard
- LP: #1369711
* x86, espfix: Make espfix64 a Kconfig option, fix UML
- LP: #1369711
* x86, espfix: Make it possible to disable 16-bit support
- LP: #1369711
* x86_64/entry/xen: Do not invoke espfix64 on Xen
- LP: #1369711
* x86/espfix/xen: Fix allocation of pages for paravirt page tables
- LP: #1369711
* microblaze: Fix makefile to work with latest toolchain
- LP: #1369711
* Linux 3.2.63
- LP: #1369711
* libceph: add process_one_ticket() helper
- LP: #1370044, #1370046, #1370047
- CVE-2014-6418
* libceph: do not hard code max auth ticket len
- LP: #1370044, #1370046, #1370047
- CVE-2014-6418
-- Paolo Pisati <paolo.pisati@xxxxxxxxxxxxx> Fri, 26 Sep 2014 16:09:47 +0200
** Changed in: linux-armadaxp (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1370042
Title:
CVE-2014-6410
Status in “linux” package in Ubuntu:
Fix Released
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
New
Status in “linux-lts-backport-natty” package in Ubuntu:
New
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Fix Released
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Fix Released
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
New
Status in “linux-lts-backport-natty” source package in Lucid:
New
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Released
Status in “linux-armadaxp” source package in Precise:
Fix Released
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
New
Status in “linux-lts-backport-natty” source package in Precise:
New
Status in “linux-lts-quantal” source package in Precise:
New
Status in “linux-lts-raring” source package in Precise:
Invalid
Status in “linux-lts-saucy” source package in Precise:
New
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
Fix Released
Status in “linux” source package in Trusty:
Fix Released
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
New
Status in “linux-lts-backport-natty” source package in Trusty:
New
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Status in “linux” source package in Utopic:
Fix Released
Status in “linux-armadaxp” source package in Utopic:
Invalid
Status in “linux-ec2” source package in Utopic:
Invalid
Status in “linux-fsl-imx51” source package in Utopic:
Invalid
Status in “linux-lts-backport-maverick” source package in Utopic:
New
Status in “linux-lts-backport-natty” source package in Utopic:
New
Status in “linux-lts-quantal” source package in Utopic:
Invalid
Status in “linux-lts-raring” source package in Utopic:
Invalid
Status in “linux-lts-saucy” source package in Utopic:
Invalid
Status in “linux-mvl-dove” source package in Utopic:
Invalid
Status in “linux-ti-omap4” source package in Utopic:
Invalid
Bug description:
The __udf_read_inode function in fs/udf/inode.c in the Linux kernel
through 3.16.3 does not restrict the amount of ICB indirection, which
allows physically proximate attackers to cause a denial of service
(infinite loop or stack consumption) via a UDF filesystem with a
crafted inode.
Break-Fix: - c03aa9f6e1f938618e6db2e23afef0574efeeb65
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1370042/+subscriptions
References
