kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #91775
[Bug 1383358] Re: CVE-2014-7975
This bug was fixed in the package linux - 3.16.0-25.33
---------------
linux (3.16.0-25.33) utopic; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1389170
[ dann frazier ]
* [Config] Disable CONFIG_IPMI_SI_PROBE_DEFAULTS on armhf and arm64
- LP: #1388952
[ Duc Dang ]
* SAUCE: (no-up) [PCIE] APM X-Gene: Remove debug messages in MSI
interrupt handler path.
- LP: #1382244
* SAUCE: (no-up) PCI: X-Gene: Fix max payload size and phantom function
configuration
- LP: #1386261
[ Tim Gardner ]
* Revert "SAUCE: (no-up) PCI: Increase BAR size quirk for IBM ipr SAS
Crocodile adapters"
- LP: #1387813
* [Config] CONFIG_SOUND_OSS_CORE_PRECLAIM=n
- LP: #1385510
* [Debian] install usbipd
- LP: #898003
* [Debian] Fix linux-doc dangling symlinks
- LP: #661306
[ Upstream Kernel Changes ]
* Revert "macvlan: simplify the structure port"
- LP: #1381490
* Revert "net/macb: add pinctrl consumer support"
- LP: #1381490
* Revert "lzo: properly check for overruns"
- LP: #1387813
* Revert "ath9k_hw: reduce ANI firstep range for older chips"
- LP: #1387813
* ASoC: ssm2602: do not hardcode type to SSM2602
- LP: #1379785
* ASoC: core: fix possible ZERO_SIZE_PTR pointer dereferencing error.
- LP: #1379785
* perf: fix perf bug in fork()
- LP: #1379785
* mm: memcontrol: do not iterate uninitialized memcgs
- LP: #1379785
* mm: migrate: Close race between migration completion and mprotect
- LP: #1379785
* i2c: qup: Fix order of runtime pm initialization
- LP: #1379785
* i2c: rk3x: fix 0 length write transfers
- LP: #1379785
* ACPI / i915: Update the condition to ignore firmware backlight change
request
- LP: #1379785
* cpufreq: integrator: fix integrator_cpufreq_remove return type
- LP: #1379785
* cpufreq: pcc-cpufreq: Fix wait_event() under spinlock
- LP: #1379785
* md/raid5: disable 'DISCARD' by default due to safety concerns.
- LP: #1379785
* drm/i915: Flush the PTEs after updating them before suspend
- LP: #1379785
* Fix problem recognizing symlinks
- LP: #1379785
* init/Kconfig: Fix HAVE_FUTEX_CMPXCHG to not break up the EXPERT menu
- LP: #1379785
* ring-buffer: Fix infinite spin in reading buffer
- LP: #1379785
* uas: Only complain about missing sg if all other checks succeed
- LP: #1379785
* uas: Log a warning when we cannot use uas because the hcd lacks streams
- LP: #1379785
* uas: Disable uas on ASM1051 devices
- LP: #1379785
* uas: Add missing le16_to_cpu calls to asm1051 / asm1053 usb-id check
- LP: #1379785
* x86, ia64: Move EFI_FB vga_default_device() initialization to
pci_vga_fixup()
- LP: #1379785
* vgaarb: Don't default exclusively to first video device with mem+io
- LP: #1379785
* mm, thp: move invariant bug check out of loop in __split_huge_page_map
- LP: #1379785
* mm: numa: Do not mark PTEs pte_numa when splitting huge pages
- LP: #1379785
* media: vb2: fix VBI/poll regression
- LP: #1379785
* jiffies: Fix timeval conversion to jiffies
- LP: #1379785
* Linux 3.16.5
- LP: #1379785
* netlink: reset network header before passing to taps
- LP: #1381490
* rtnetlink: fix VF info size
- LP: #1381490
* net: Always untag vlan-tagged traffic on input.
- LP: #1381490
* myri10ge: check for DMA mapping errors
- LP: #1381490
* tcp: don't use timestamp from repaired skb-s to calculate RTT (v2)
- LP: #1381490
* sit: Fix ipip6_tunnel_lookup device matching criteria
- LP: #1381490
* tcp: fix tcp_release_cb() to dispatch via address family for
mtu_reduced()
- LP: #1381490
* tcp: fix ssthresh and undo for consecutive short FRTO episodes
- LP: #1381490
* net: phy: smsc: move smsc_phy_config_init reset part in a soft_reset
function
- LP: #1381490
* tipc: fix message importance range check
- LP: #1381490
* packet: handle too big packets for PACKET_V3
- LP: #1381490
* bnx2x: Revert UNDI flushing mechanism
- LP: #1381490
* net: ipv6: fib: don't sleep inside atomic lock
- LP: #1381490
* openvswitch: fix panic with multiple vlan headers
- LP: #1381490
* vxlan: fix incorrect initializer in union vxlan_addr
- LP: #1381490
* net: fix checksum features handling in netif_skb_features()
- LP: #1381490
* ipv6: fix rtnl locking in setsockopt for anycast and multicast
- LP: #1381490
* l2tp: fix race while getting PMTU on PPP pseudo-wire
- LP: #1381490
* ipv6: restore the behavior of ipv6_sock_ac_drop()
- LP: #1381490
* bonding: fix div by zero while enslaving and transmitting
- LP: #1381490
* net: filter: fix possible use after free
- LP: #1381490
* bridge: Check if vlan filtering is enabled only once.
- LP: #1381490
* bridge: Fix br_should_learn to check vlan_enabled
- LP: #1381490
* net: allow macvlans to move to net namespace
- LP: #1381490
* macvlan: allow to enqueue broadcast pkt on virtual device
- LP: #1381490
* tg3: Work around HW/FW limitations with vlan encapsulated frames
- LP: #1381490
* tg3: Allow for recieve of full-size 8021AD frames
- LP: #1381490
* xfrm: Generate blackhole routes only from route lookup functions
- LP: #1381490
* xfrm: Generate queueing routes only from route lookup functions
- LP: #1381490
* ip_tunnel: Don't allow to add the same tunnel multiple times.
- LP: #1381490
* macvtap: Fix race between device delete and open.
- LP: #1381490
* net/mlx4_core: Allow not to specify probe_vf in SRIOV IB mode
- LP: #1381490
* net/mlx4: Correctly configure single ported VFs from the host
- LP: #1381490
* gro: fix aggregation for skb using frag_list
- LP: #1381490
* ipv6: remove rt6i_genid
- LP: #1381490
* hyperv: Fix a bug in netvsc_start_xmit()
- LP: #1381490
* ip6_gre: fix flowi6_proto value in xmit path
- LP: #1381490
* net: systemport: fix bcm_sysport_insert_tsb()
- LP: #1381490
* team: avoid race condition in scheduling delayed work
- LP: #1381490
* hyperv: Fix a bug in netvsc_send()
- LP: #1381490
* sctp: handle association restarts when the socket is closed.
- LP: #1381490
* net_sched: copy exts->type in tcf_exts_change()
- LP: #1381490
* uas: Add a quirk for rejecting ATA_12 and ATA_16 commands
- LP: #1381490
* uas: Add no-report-opcodes quirk
- LP: #1381490
* uas: Add US_FL_NO_ATA_1X quirk for Seagate (0bc2:ab20) drives
- LP: #1381490
* uas: Add another ASM1051 usb-id to the uas blacklist
- LP: #1381490
* USB: Add device quirk for ASUS T100 Base Station keyboard
- LP: #1381490
* USB: serial: cp210x: added Ketra N1 wireless interface support
- LP: #1381490
* USB: cp210x: add support for Seluxit USB dongle
- LP: #1381490
* usb: musb: dsps: kill OTG timer on suspend
- LP: #1381490
* crypto: caam - fix addressing of struct member
- LP: #1381490
* driver/base/node: remove unnecessary kfree of node struct from
unregister_one_node
- LP: #1381490
* serial: 8250: Add Quark X1000 to 8250_pci.c
- LP: #1381490
* Linux 3.16.6
- LP: #1381490
* fs: Add a missing permission check to do_umount
- LP: #1383358
- CVE-2014-7975
* deb-pkg: Add support for powerpc little endian
- LP: #1383884
* xen/balloon: Don't continue ballooning when BP_ECANCELED is encountered
- LP: #1304001
* cxl: Disable secondary hash in segment table
- LP: #1387523
* cxl: Refactor cxl_load_segment() and find_free_sste()
- LP: #1387523
* powerpc/mm: Use appropriate ESID mask in copro_calculate_slb()
- LP: #1387523
* cxl: Fix PSL error due to duplicate segment table entries
- LP: #1387523
* btrfs: wake up transaction thread from SYNC_FS ioctl
- LP: #1387813
* btrfs: Fix a deadlock in btrfs_dev_replace_finishing()
- LP: #1387813
* Btrfs: add missing compression property remove in btrfs_ioctl_setflags
- LP: #1387813
* Btrfs: fix up bounds checking in lseek
- LP: #1387813
* Btrfs: don't do async reclaim during log replay
- LP: #1387813
* Btrfs: try not to ENOSPC on log replay
- LP: #1387813
* Btrfs: cleanup error handling in build_backref_tree
- LP: #1387813
* Btrfs: fix build_backref_tree issue with multiple shared blocks
- LP: #1387813
* Btrfs: fix race in WAIT_SYNC ioctl
- LP: #1387813
* usb: pch_udc: usb gadget device support for Intel Quark X1000
- LP: #1387813
* pci_ids: Add support for Intel Quark ILB
- LP: #1387813
* kvm: x86: fix stale mmio cache bug
- LP: #1387813
* kvm: fix potentially corrupt mmio cache
- LP: #1387813
* KVM: do not bias the generation number in kvm_current_mmio_generation
- LP: #1387813
* KVM: s390: unintended fallthrough for external call
- LP: #1387813
* kvm: don't take vcpu mutex for obviously invalid vcpu ioctls
- LP: #1387813
* x86,kvm,vmx: Preserve CR4 across VM entry
- LP: #1387813
* x86/intel/quark: Switch off CR4.PGE so TLB flush uses CR3 instead
- LP: #1387813
* spi: dw-mid: respect 8 bit mode
- LP: #1387813
* spi: dw-mid: check that DMA was inited before exit
- LP: #1387813
* HID: rmi: check sanity of the incoming report
- LP: #1387813
* mpc85xx_edac: Make L2 interrupt shared too
- LP: #1387813
* regmap: debugfs: fix possbile NULL pointer dereference
- LP: #1387813
* regmap: fix NULL pointer dereference in _regmap_write/read
- LP: #1387813
* regmap: fix possible ZERO_SIZE_PTR pointer dereferencing error.
- LP: #1387813
* be2iscsi: check ip buffer before copying
- LP: #1387813
* regulator: ltc3589: fix broken voltage transitions
- LP: #1387813
* qla2xxx: fix kernel NULL pointer access
- LP: #1387813
* qla2xxx: Use correct offset to req-q-out for reserve calculation
- LP: #1387813
* qla2xxx: Fix shost use-after-free on device removal
- LP: #1387813
* dmaengine: fix xor sources continuation
- LP: #1387813
* firmware_class: make sure fw requests contain a name
- LP: #1387813
* arm64: debug: don't re-enable debug exceptions on return from el1_dbg
- LP: #1387813
* Drivers: hv: util: Properly pack the data for file copy functionality
- LP: #1387813
* Drivers: hv: vmbus: Cleanup vmbus_post_msg()
- LP: #1387813
* Drivers: hv: vmbus: Cleanup vmbus_teardown_gpadl()
- LP: #1387813
* Drivers: hv: vmbus: Cleanup vmbus_close_internal()
- LP: #1387813
* Drivers: hv: vmbus: Cleanup vmbus_establish_gpadl()
- LP: #1387813
* Drivers: hv: vmbus: Fix a bug in vmbus_open()
- LP: #1387813
* Drivers: hv: vmbus: Cleanup hv_post_message()
- LP: #1387813
* mei: bus: fix possible boundaries violation
- LP: #1387813
* m68k: Disable/restore interrupts in hwreg_present()/hwreg_write()
- LP: #1387813
* Fixing lease renewal
- LP: #1387813
* Documentation: lzo: document part of the encoding
- LP: #1387813
* lzo: check for length overrun in variable length encoding.
- LP: #1387813
* tty: omap-serial: fix division by zero
- LP: #1387813
* NFSv4: Fix lock recovery when CREATE_SESSION/SETCLIENTID_CONFIRM fails
- LP: #1387813
* NFSv4: fix open/lock state recovery error handling
- LP: #1387813
* NFSv4.1: Fix an NFSv4.1 state renewal regression
- LP: #1387813
* nfsd4: reserve adequate space for LOCK op
- LP: #1387813
* NFS: Fix an uninitialised pointer Oops in the writeback error path
- LP: #1387813
* NFS: Fix a bogus warning in nfs_generic_pgio
- LP: #1387813
* iwlwifi: mvm: disable BT Co-running by default
- LP: #1387813
* iwlwifi: Add missing PCI IDs for the 7260 series
- LP: #1387813
* spi: dw-mid: terminate ongoing transfers at exit
- LP: #1387813
* PCI: mvebu: Fix uninitialized variable in mvebu_get_tgt_attr()
- LP: #1387813
* PCI: Add missing MEM_64 mask in
pci_assign_unassigned_bridge_resources()
- LP: #1387813
* PCI: Generate uppercase hex for modalias interface class
- LP: #1387813
* rt2800: correct BBP1_TX_POWER_CTRL mask
- LP: #1387813
* Bluetooth: Fix HCI H5 corrupted ack value
- LP: #1387813
* Bluetooth: Fix incorrect LE CoC PDU length restriction based on HCI MTU
- LP: #1387813
* Bluetooth: Fix issue with USB suspend in btusb driver
- LP: #1387813
* Bluetooth: Fix setting correct security level when initiating SMP
- LP: #1387813
* mm: clear __GFP_FS when PF_MEMALLOC_NOIO is set
- LP: #1387813
* fanotify: enable close-on-exec on events' fd when requested in
fanotify_init()
- LP: #1387813
* kernel: add support for gcc 5
- LP: #1387813
* rtc-cmos: fix wakeup from S5 without CONFIG_PM_SLEEP
- LP: #1387813
* futex: Ensure get_futex_key_refs() always implies a barrier
- LP: #1387813
* powerpc/iommu/ddw: Fix endianness
- LP: #1387813
* powerpc/eeh: Clear frozen device state in time
- LP: #1387813
* ima: fix fallback to use new_sync_read()
- LP: #1387813
* ima: provide flag to identify new empty files
- LP: #1387813
* arm64: compat: fix compat types affecting struct compat_elf_prpsinfo
- LP: #1387813
* ALSA: pcm: use the same dma mmap codepath both for arm and arm64
- LP: #1387813
* ALSA: bebob: Fix failure to detect source of clock for Terratec Phase
88
- LP: #1387813
* ALSA: emu10k1: Fix deadlock in synth voice lookup
- LP: #1387813
* ALSA: ALC283 codec - Avoid pop noise on headphones during
suspend/resume
- LP: #1387813
* ALSA: usb-audio: Add support for Steinberg UR22 USB interface
- LP: #1387813
* ALSA: hda - hdmi: Fix missing ELD change event on plug/unplug
- LP: #1387813
* ALSA: hda - Fix inverted LED gpio setup for Lenovo Ideapad
- LP: #1387813
* ALSA: hda - Add missing terminating entry to SND_HDA_PIN_QUIRK macro
- LP: #1387813
* ARM: at91/dt: Fix typo regarding can0_clk
- LP: #1387813
* ARM: at91: fix at91sam9263ek DT mmc pinmuxing settings
- LP: #1387813
* ARM: at91/PMC: don't forget to write PMC_PCDR register to disable
clocks
- LP: #1387813
* ARM: Kirkwood: Fix DT based DSA.
- LP: #1387813
* ARM: mvebu: Netgear RN104: Use Hardware BCH ECC
- LP: #1387813
* ARM: mvebu: Netgear RN2120: Use Hardware BCH ECC
- LP: #1387813
* ARM: mvebu: Netgear RN102: Use Hardware BCH ECC
- LP: #1387813
* ARM: dts: imx28-evk: Let i2c0 run at 100kHz
- LP: #1387813
* ecryptfs: avoid to access NULL pointer when write metadata in xattr
- LP: #1387813
* xfs: ensure WB_SYNC_ALL writeback handles partial pages correctly
- LP: #1387813
* sparc64: Do not disable interrupts in nmi_cpu_busy()
- LP: #1387813
* sparc64: Fix pcr_ops initialization and usage bugs.
- LP: #1387813
* sparc32: dma_alloc_coherent must honour gfp flags
- LP: #1387813
* sparc64: sun4v TLB error power off events
- LP: #1387813
* sparc64: Fix corrupted thread fault code.
- LP: #1387813
* sparc64: find_node adjustment
- LP: #1387813
* sparc64: Move request_irq() from ldc_bind() to ldc_alloc()
- LP: #1387813
* sparc: Let memset return the address argument
- LP: #1387813
* sparc: bpf_jit: fix support for ldx/stx mem and SKF_AD_VLAN_TAG
- LP: #1387813
* sparc: bpf_jit: fix loads from negative offsets
- LP: #1387813
* sparc64: Fix reversed start/end in flush_tlb_kernel_range()
- LP: #1387813
* sparc64: Fix lockdep warnings on reboot on Ultra-5
- LP: #1387813
* sparc64: Fix FPU register corruption with AES crypto offload.
- LP: #1387813
* sparc64: Do not define thread fpregs save area as zero-length array.
- LP: #1387813
* sparc64: Fix hibernation code refrence to PAGE_OFFSET.
- LP: #1387813
* sparc64: correctly recognise M6 and M7 cpu type
- LP: #1387813
* sparc64: support M6 and M7 for building CPU distribution map
- LP: #1387813
* sparc64: cpu hardware caps support for sparc M6 and M7
- LP: #1387813
* sparc64: T5 PMU
- LP: #1387813
* sparc64: Switch to 4-level page tables.
- LP: #1387813
* sparc64: Define VA hole at run time, rather than at compile time.
- LP: #1387813
* sparc64: Adjust KTSB assembler to support larger physical addresses.
- LP: #1387813
* sparc64: Fix physical memory management regressions with large
max_phys_bits.
- LP: #1387813
* sparc64: Use kernel page tables for vmemmap.
- LP: #1387813
* sparc64: Increase MAX_PHYS_ADDRESS_BITS to 53.
- LP: #1387813
* sparc64: Adjust vmalloc region size based upon available virtual
address bits.
- LP: #1387813
* sparc64: sparse irq
- LP: #1387813
* sparc64: Kill unnecessary tables and increase MAX_BANKS.
- LP: #1387813
* sparc64: Increase size of boot string to 1024 bytes
- LP: #1387813
* sparc64: Fix register corruption in top-most kernel stack frame during
boot.
- LP: #1387813
* sparc64: Implement __get_user_pages_fast().
- LP: #1387813
* PCI: Increase IBM ipr SAS Crocodile BARs to at least system page size
- LP: #1387813
* Linux 3.16.7
- LP: #1387813
* powerpc/perf/hv-24x7: Simplify catalog_read()
- LP: #1380432
-- Luis Henriques <luis.henriques@xxxxxxxxxxxxx> Tue, 04 Nov 2014 10:53:55 +0000
** Changed in: linux (Ubuntu Vivid)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1383358
Title:
CVE-2014-7975
Status in “linux” package in Ubuntu:
Fix Released
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
New
Status in “linux-lts-backport-natty” package in Ubuntu:
New
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Fix Released
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Fix Released
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
New
Status in “linux-lts-backport-natty” source package in Lucid:
New
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Released
Status in “linux-armadaxp” source package in Precise:
Fix Released
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
New
Status in “linux-lts-backport-natty” source package in Precise:
New
Status in “linux-lts-quantal” source package in Precise:
Fix Committed
Status in “linux-lts-raring” source package in Precise:
Invalid
Status in “linux-lts-saucy” source package in Precise:
Fix Committed
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
Fix Released
Status in “linux” source package in Trusty:
Fix Released
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
New
Status in “linux-lts-backport-natty” source package in Trusty:
New
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Status in “linux” source package in Utopic:
Fix Released
Status in “linux-armadaxp” source package in Utopic:
Invalid
Status in “linux-ec2” source package in Utopic:
Invalid
Status in “linux-fsl-imx51” source package in Utopic:
Invalid
Status in “linux-lts-backport-maverick” source package in Utopic:
New
Status in “linux-lts-backport-natty” source package in Utopic:
New
Status in “linux-lts-quantal” source package in Utopic:
Invalid
Status in “linux-lts-raring” source package in Utopic:
Invalid
Status in “linux-lts-saucy” source package in Utopic:
Invalid
Status in “linux-mvl-dove” source package in Utopic:
Invalid
Status in “linux-ti-omap4” source package in Utopic:
Invalid
Status in “linux” source package in Vivid:
Fix Released
Status in “linux-armadaxp” source package in Vivid:
Invalid
Status in “linux-ec2” source package in Vivid:
Invalid
Status in “linux-fsl-imx51” source package in Vivid:
Invalid
Status in “linux-lts-backport-maverick” source package in Vivid:
New
Status in “linux-lts-backport-natty” source package in Vivid:
New
Status in “linux-lts-quantal” source package in Vivid:
Invalid
Status in “linux-lts-raring” source package in Vivid:
Invalid
Status in “linux-lts-saucy” source package in Vivid:
Invalid
Status in “linux-mvl-dove” source package in Vivid:
Invalid
Status in “linux-ti-omap4” source package in Vivid:
Invalid
Bug description:
The do_umount function in fs/namespace.c in the Linux kernel through
3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb
calls that change the root filesystem to read-only, which allows local
users to cause a denial of service (loss of writability) by making
certain unshare system calls, clearing the / MNT_LOCKED flag, and
making an MNT_FORCE umount system call.
Break-Fix: - a1480dcc3c706e309a88884723446f2e84fedd5b
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1383358/+subscriptions
References