Bug #1584953 “backport fix for /proc/net issues with containers” : Bugs : linux package : Ubuntu

Seth Forshee (sforshee) on 2016-05-23

Changed in linux (Ubuntu):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Medium
status:	New → Confirmed
Changed in linux (Ubuntu Xenial):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Medium
status:	New → Confirmed

Revision history for this message

Seth Forshee (sforshee) wrote on 2016-05-23:

#1

Fix is already present in yakkety unstable. Marking devleopment task fixed.

Changed in linux (Ubuntu Xenial):
status:	Confirmed → In Progress
Changed in linux (Ubuntu):
status:	Confirmed → Fix Released

Revision history for this message

Seth Forshee (sforshee) wrote on 2016-05-24:

#2

I posted a test build with the backport at the link below. Please test and verify that the issue is fixed in this build. Thanks!

http://people.canonical.com/~sforshee/lp1584953/

Changed in linux (Ubuntu Xenial):
status:	In Progress → Incomplete

Revision history for this message

Seth Forshee (sforshee) wrote on 2016-05-24:

#3

iptables-test.sh Edit (247 bytes, text/x-sh)

Attaching script to reproduce based on https://github.com/lxc/lxd/issues/1978.

Using this script I've confirmed the fix works in all supported kernels since trusty, so I'll move forward with submitting the fix for SRU.

Changed in linux-lts-utopic (Ubuntu):
status:	New → Invalid
Changed in linux-lts-utopic (Ubuntu Vivid):
status:	New → Invalid
Changed in linux-lts-utopic (Ubuntu Wily):
status:	New → Invalid
Changed in linux-lts-utopic (Ubuntu Xenial):
status:	New → Invalid
Changed in linux-lts-utopic (Ubuntu Trusty):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Medium
status:	New → In Progress
Changed in linux (Ubuntu Trusty):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Medium
status:	New → In Progress
Changed in linux (Ubuntu Vivid):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Medium
status:	New → In Progress
Changed in linux (Ubuntu Wily):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Medium
status:	New → In Progress
Changed in linux (Ubuntu Xenial):
status:	Incomplete → In Progress

Seth Forshee (sforshee) on 2016-05-24

description:

updated

Kamal Mostafa (kamalmostafa) on 2016-05-25

Changed in linux (Ubuntu Trusty):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Vivid):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Wily):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Xenial):
status:	In Progress → Fix Committed
Changed in linux-lts-utopic (Ubuntu Trusty):
status:	In Progress → Fix Committed

Revision history for this message

Kamal Mostafa (kamalmostafa) wrote on 2016-06-14:

#4

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-trusty' to 'verification-done-trusty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:	added: verification-needed-trusty
tags:	added: verification-needed-vivid

Revision history for this message

Kamal Mostafa (kamalmostafa) wrote on 2016-06-14:

#5

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-vivid' to 'verification-done-vivid'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-wily

Revision history for this message

Kamal Mostafa (kamalmostafa) wrote on 2016-06-14:

#6

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-wily' to 'verification-done-wily'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-xenial

Revision history for this message

Kamal Mostafa (kamalmostafa) wrote on 2016-06-14:

#7

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Revision history for this message

Philipp Gassmann (phiphi.g) wrote on 2016-06-20:

#8

verification-done-xenial:

root@lxd1:~# lxc exec test2 -- bash
root@test2:~# iptables-save
# Generated by iptables-save v1.6.0 on Mon Jun 20 09:11:56 2016
*filter
:INPUT ACCEPT [131:12129]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [125:9999]
COMMIT
# Completed on Mon Jun 20 09:11:56 2016
# Generated by iptables-save v1.6.0 on Mon Jun 20 09:11:56 2016
*nat
:PREROUTING ACCEPT [3:1015]
:INPUT ACCEPT [1:328]
:OUTPUT ACCEPT [60:4035]
:POSTROUTING ACCEPT [60:4035]
COMMIT
# Completed on Mon Jun 20 09:11:56 2016
# Generated by iptables-save v1.6.0 on Mon Jun 20 09:11:56 2016
*mangle
:PREROUTING ACCEPT [133:12816]
:INPUT ACCEPT [131:12129]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [125:9999]
:POSTROUTING ACCEPT [125:9999]
COMMIT
# Completed on Mon Jun 20 09:11:56 2016
root@test2:~# uname -a
Linux test2 4.4.0-25-generic #44-Ubuntu SMP Fri Jun 10 18:19:48 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

tags:

added: verification-done-xenial
removed: verification-needed-xenial

Philipp Gassmann (phiphi.g) on 2016-06-21

tags:

added: verification-done-trusty
removed: verification-needed-trusty

Revision history for this message

Seth Forshee (sforshee) wrote on 2016-06-21:

#9

Verified proposed kernels for wily/vivid using test script.

tags:

added: verification-done-vivid verification-done-wily
removed: verification-needed-vivid verification-needed-wily

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-06-27:

#10

Download full text (26.1 KiB)

This bug was fixed in the package linux - 4.4.0-28.47

---------------
linux (4.4.0-28.47) xenial; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
- LP: #1595874

  * Linux netfilter local privilege escalation issues (LP: #1595350)
    - netfilter: x_tables: don't move to non-existent next rule
    - netfilter: x_tables: validate targets of jumps
    - netfilter: x_tables: add and use xt_check_entry_offsets
    - netfilter: x_tables: kill check_entry helper
    - netfilter: x_tables: assert minimum target size
    - netfilter: x_tables: add compat version of xt_check_entry_offsets
    - netfilter: x_tables: check standard target size too
    - netfilter: x_tables: check for bogus target offset
    - netfilter: x_tables: validate all offsets and sizes in a rule
    - netfilter: x_tables: don't reject valid target size on some architectures
    - netfilter: arp_tables: simplify translate_compat_table args
    - netfilter: ip_tables: simplify translate_compat_table args
    - netfilter: ip6_tables: simplify translate_compat_table args
    - netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - netfilter: x_tables: do compat validation via translate_table
    - netfilter: x_tables: introduce and use xt_copy_counters_from_user

  * Linux netfilter IPT_SO_SET_REPLACE memory corruption (LP: #1555338)
    - netfilter: x_tables: validate e->target_offset early
    - netfilter: x_tables: make sure e->next_offset covers remaining blob size
    - netfilter: x_tables: fix unconditional helper

linux (4.4.0-27.46) xenial; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1594906

* Support Edge Gateway's Bluetooth LED (LP: #1512999)
- Revert "UBUNTU: SAUCE: Bluetooth: Support for LED on Marvell modules"

linux (4.4.0-26.45) xenial; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1594442

* linux: Implement secure boot state variables (LP: #1593075)
- SAUCE: UEFI: Add secure boot and MOK SB State disabled sysctl

* failures building userspace packages that include ethtool.h (LP: #1592930)
- ethtool.h: define INT_MAX for userland

linux (4.4.0-25.44) xenial; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1591289

  * Xenial update to v4.4.13 stable release (LP: #1590455)
    - MIPS64: R6: R2 emulation bugfix
    - MIPS: math-emu: Fix jalr emulation when rd == $0
    - MIPS: MSA: Fix a link error on `_init_msa_upper' with older GCC
    - MIPS: Don't unwind to user mode with EVA
    - MIPS: Avoid using unwind_stack() with usermode
    - MIPS: Fix siginfo.h to use strict posix types
    - MIPS: Fix uapi include in exported asm/siginfo.h
    - MIPS: Fix watchpoint restoration
    - MIPS: Flush highmem pages in __flush_dcache_page
    - MIPS: Handle highmem pages in __update_cache
    - MIPS: Sync icache & dcache in set_pte_at
    - MIPS: ath79: make bootconsole wait for both THRE and TEMT
    - MIPS: Reserve nosave data for hibernation
    - MIPS: Loongson-3: Reserve 32MB for RS780E integrated GPU
    - MIPS: Use copy_s.fmt rather than copy_u.fmt
    - MIPS: Fix MSA ld_*/st_* asm macros to use PTR_ADDU
    - MIPS: Prevent "restoration" of MSA c...

This bug was fixed in the package linux - 4.4.0-28.47

---------------
linux (4.4.0-28.47) xenial; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
    - LP: #1595874

* Linux netfilter local privilege escalation issues (LP: #1595350)
    - netfilter: x_tables: don't move to non-existent next rule
    - netfilter: x_tables: validate targets of jumps
    - netfilter: x_tables: add and use xt_check_entry_offsets
    - netfilter: x_tables: kill check_entry helper
    - netfilter: x_tables: assert minimum target size
    - netfilter: x_tables: add compat version of xt_check_entry_offsets
    - netfilter: x_tables: check standard target size too
    - netfilter: x_tables: check for bogus target offset
    - netfilter: x_tables: validate all offsets and sizes in a rule
    - netfilter: x_tables: don't reject valid target size on some architectures
    - netfilter: arp_tables: simplify translate_compat_table args
    - netfilter: ip_tables: simplify translate_compat_table args
    - netfilter: ip6_tables: simplify translate_compat_table args
    - netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - netfilter: x_tables: do compat validation via translate_table
    - netfilter: x_tables: introduce and use xt_copy_counters_from_user

* Linux netfilter IPT_SO_SET_REPLACE memory corruption (LP: #1555338)
    - netfilter: x_tables: validate e->target_offset early
    - netfilter: x_tables: make sure e->next_offset covers remaining blob size
    - netfilter: x_tables: fix unconditional helper

linux (4.4.0-27.46) xenial; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1594906

* Support Edge Gateway's Bluetooth LED (LP: #1512999)
    - Revert "UBUNTU: SAUCE: Bluetooth: Support for LED on Marvell modules"

linux (4.4.0-26.45) xenial; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1594442

* linux: Implement secure boot state variables (LP: #1593075)
    - SAUCE: UEFI: Add secure boot and MOK SB State disabled sysctl

* failures building userspace packages that include ethtool.h (LP: #1592930)
    - ethtool.h: define INT_MAX for userland

linux (4.4.0-25.44) xenial; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1591289

* Xenial update to v4.4.13 stable release (LP: #1590455)
    - MIPS64: R6: R2 emulation bugfix
    - MIPS: math-emu: Fix jalr emulation when rd == $0
    - MIPS: MSA: Fix a link error on `_init_msa_upper' with older GCC
    - MIPS: Don't unwind to user mode with EVA
    - MIPS: Avoid using unwind_stack() with usermode
    - MIPS: Fix siginfo.h to use strict posix types
    - MIPS: Fix uapi include in exported asm/siginfo.h
    - MIPS: Fix watchpoint restoration
    - MIPS: Flush highmem pages in __flush_dcache_page
    - MIPS: Handle highmem pages in __update_cache
    - MIPS: Sync icache & dcache in set_pte_at
    - MIPS: ath79: make bootconsole wait for both THRE and TEMT
    - MIPS: Reserve nosave data for hibernation
    - MIPS: Loongson-3: Reserve 32MB for RS780E integrated GPU
    - MIPS: Use copy_s.fmt rather than copy_u.fmt
    - MIPS: Fix MSA ld_*/st_* asm macros to use PTR_ADDU
    - MIPS: Prevent "restoration" of MSA context in non-MSA kernels
    - MIPS: Disable preemption during prctl(PR_SET_FP_MODE, ...)
    - MIPS: ptrace: Fix FP context restoration FCSR regression
    - MIPS: ptrace: Prevent writes to read-only FCSR bits
    - MIPS: Fix sigreturn via VDSO on microMIPS kernel
    - MIPS: Build microMIPS VDSO for microMIPS kernels
    - MIPS: lib: Mark intrinsics notrace
    - MIPS: VDSO: Build with `-fno-strict-aliasing'
    - affs: fix remount failure when there are no options changed
    - ASoC: ak4642: Enable cache usage to fix crashes on resume
    - Input: uinput - handle compat ioctl for UI_SET_PHYS
    - ARM: mvebu: fix GPIO config on the Linksys boards
    - ARM: dts: at91: fix typo in sama5d2 PIN_PD24 description
    - ARM: dts: exynos: Add interrupt line to MAX8997 PMIC on exynos4210-trats
    - ARM: dts: imx35: restore existing used clock enumeration
    - ath9k: Add a module parameter to invert LED polarity.
    - ath9k: Fix LED polarity for some Mini PCI AR9220 MB92 cards.
    - ath10k: fix debugfs pktlog_filter write
    - ath10k: fix firmware assert in monitor mode
    - ath10k: fix rx_channel during hw reconfigure
    - ath10k: fix kernel panic, move arvifs list head init before htt init
    - ath5k: Change led pin configuration for compaq c700 laptop
    - hwrng: exynos - Fix unbalanced PM runtime put on timeout error path
    - rtlwifi: rtl8723be: Add antenna select module parameter
    - rtlwifi: btcoexist: Implement antenna selection
    - rtlwifi: Fix logic error in enter/exit power-save mode
    - rtlwifi: pci: use dev_kfree_skb_irq instead of kfree_skb in
      rtl_pci_reset_trx_ring
    - aacraid: Relinquish CPU during timeout wait
    - aacraid: Fix for aac_command_thread hang
    - aacraid: Fix for KDUMP driver hang
    - hwmon: (ads7828) Enable internal reference
    - mfd: intel-lpss: Save register context on suspend
    - mfd: intel_soc_pmic_core: Terminate panel control GPIO lookup table
      correctly
    - PM / Runtime: Fix error path in pm_runtime_force_resume()
    - cpuidle: Indicate when a device has been unregistered
    - cpuidle: Fix cpuidle_state_is_coupled() argument in cpuidle_enter()
    - clk: bcm2835: Fix PLL poweron
    - clk: at91: fix check of clk_register() returned value
    - clk: bcm2835: pll_off should only update CM_PLL_ANARST
    - clk: bcm2835: divider value has to be 1 or more
    - pinctrl: exynos5440: Use off-stack memory for pinctrl_gpio_range
    - PCI: Disable all BAR sizing for devices with non-compliant BARs
    - media: v4l2-compat-ioctl32: fix missing reserved field copy in
      put_v4l2_create32
    - mm: use phys_addr_t for reserve_bootmem_region() arguments
    - wait/ptrace: assume __WALL if the child is traced
    - QE-UART: add "fsl,t1040-ucc-uart" to of_device_id
    - powerpc/book3s64: Fix branching to OOL handlers in relocatable kernel
    - powerpc/eeh: Don't report error in eeh_pe_reset_and_recover()
    - powerpc/eeh: Restore initial state in eeh_pe_reset_and_recover()
    - xen/events: Don't move disabled irqs
    - xen: use same main loop for counting and remapping pages
    - sunrpc: fix stripping of padded MIC tokens
    - drm/gma500: Fix possible out of bounds read
    - drm/vmwgfx: Enable SVGA_3D_CMD_DX_SET_PREDICATION
    - drm/vmwgfx: use vmw_cmd_dx_cid_check for query commands.
    - drm/vmwgfx: Fix order of operation
    - drm/amdgpu: use drm_mode_vrefresh() rather than mode->vrefresh
    - drm/amdgpu: Fix hdmi deep color support.
    - drm/i915/fbdev: Fix num_connector references in intel_fb_initial_config()
    - drm/fb_helper: Fix references to dev->mode_config.num_connector
    - drm/atomic: Verify connector->funcs != NULL when clearing states
    - drm/i915: Don't leave old junk in ilk active watermarks on readout
    - drm/imx: Match imx-ipuv3-crtc components using device node in platform data
    - ext4: fix hang when processing corrupted orphaned inode list
    - ext4: clean up error handling when orphan list is corrupted
    - ext4: fix oops on corrupted filesystem
    - ext4: address UBSAN warning in mb_find_order_for_block()
    - ext4: silence UBSAN in ext4_mb_init()
    - PM / sleep: Handle failures in device_suspend_late() consistently
    - dma-debug: avoid spinlock recursion when disabling dma-debug
    - scripts/package/Makefile: rpmbuild add support of RPMOPTS
    - gcov: disable tree-loop-im to reduce stack usage
    - xfs: disallow rw remount on fs with unknown ro-compat features
    - xfs: Don't wrap growfs AGFL indexes
    - xfs: xfs_iflush_cluster fails to abort on error
    - xfs: fix inode validity check in xfs_iflush_cluster
    - xfs: skip stale inodes in xfs_iflush_cluster
    - xfs: print name of verifier if it fails
    - xfs: handle dquot buffer readahead in log recovery correctly
    - Linux 4.4.13

* 168c:001c [HP Compaq Presario C700 Notebook PC] Wireless led button doesn't
    switch colors (LP: #972604)
    - ath5k: Change led pin configuration for compaq c700 laptop

* Extended statistics from balloon for proper memory management (LP: #1587091)
    - mm/page_alloc.c: calculate 'available' memory in a separate function
    - virtio_balloon: export 'available' memory to balloon statistics

* CAPI: CGZIP AFU contexts do not receive interrupts after heavy afu
    open/close (LP: #1588468)
    - misc: cxl: use kobj_to_dev()
    - cxl: Move common code away from bare-metal-specific files
    - cxl: Move bare-metal specific code to specialized files
    - cxl: Define process problem state area at attach time only
    - cxl: Introduce implementation-specific API
    - cxl: Rename some bare-metal specific functions
    - cxl: Isolate a few bare-metal-specific calls
    - cxl: Update cxl_irq() prototype
    - cxl: IRQ allocation for guests
    - powerpc: New possible return value from hcall
    - cxl: New hcalls to support cxl adapters
    - cxl: Separate bare-metal fields in adapter and AFU data structures
    - cxlflash: Simplify PCI registration
    - cxlflash: Unmap problem state area before detaching master context
    - cxlflash: Split out context initialization
    - cxlflash: Simplify attach path error cleanup
    - cxlflash: Reorder user context initialization
    - cxl: Add guest-specific code
    - cxl: sysfs support for guests
    - cxl: Support to flash a new image on the adapter from a guest
    - cxl: Parse device tree and create cxl device(s) at boot
    - cxl: Support the cxl kernel API from a guest
    - cxl: Adapter failure handling
    - cxl: Add tracepoints around the cxl hcall
    - cxlflash: Use new cxl_pci_read_adapter_vpd() API
    - cxl: Remove cxl_get_phys_dev() kernel API
    - cxl: Ignore probes for virtual afu pci devices
    - cxl: Poll for outstanding IRQs when detaching a context

* NVMe max_segments queue parameter gets set to 1 (LP: #1588449)
    - nvme: set queue limits for the admin queue
    - nvme: fix max_segments integer truncation
    - block: fix blk_rq_get_max_sectors for driver private requests

* workaround cavium thunderx silicon erratum 23144 (LP: #1589704)
    - irqchip/gicv3-its: numa: Enable workaround for Cavium thunderx erratum 23144

* Xenial update to v4.4.12 stable release (LP: #1588945)
    - Btrfs: don't use src fd for printk
    - perf/x86/intel/pt: Generate PMI in the STOP region as well
    - perf/core: Fix perf_event_open() vs. execve() race
    - perf test: Fix build of BPF and LLVM on older glibc libraries
    - ext4: iterate over buffer heads correctly in move_extent_per_page()
    - arm64: Fix typo in the pmdp_huge_get_and_clear() definition
    - arm64: Ensure pmd_present() returns false after pmd_mknotpresent()
    - arm64: Implement ptep_set_access_flags() for hardware AF/DBM
    - arm64: Implement pmdp_set_access_flags() for hardware AF/DBM
    - arm64: cpuinfo: Missing NULL terminator in compat_hwcap_str
    - arm/arm64: KVM: Enforce Break-Before-Make on Stage-2 page tables
    - kvm: arm64: Fix EC field in inject_abt64
    - remove directory incorrectly tries to set delete on close on non-empty
      directories
    - fs/cifs: correctly to anonymous authentication via NTLMSSP
    - fs/cifs: correctly to anonymous authentication for the LANMAN authentication
    - fs/cifs: correctly to anonymous authentication for the NTLM(v1)
      authentication
    - fs/cifs: correctly to anonymous authentication for the NTLM(v2)
      authentication
    - asix: Fix offset calculation in asix_rx_fixup() causing slow transmissions
    - ring-buffer: Use long for nr_pages to avoid overflow failures
    - ring-buffer: Prevent overflow of size in ring_buffer_resize()
    - crypto: caam - fix caam_jr_alloc() ret code
    - crypto: talitos - fix ahash algorithms registration
    - crypto: sun4i-ss - Replace spinlock_bh by spin_lock_irq{save|restore}
    - clk: qcom: msm8916: Fix crypto clock flags
    - sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded
      systems
    - mfd: omap-usb-tll: Fix scheduling while atomic BUG
    - Input: pwm-beeper - fix - scheduling while atomic
    - irqchip/gic: Ensure ordering between read of INTACK and shared data
    - irqchip/gic-v3: Configure all interrupts as non-secure Group-1
    - can: fix handling of unmodifiable configuration options
    - mmc: mmc: Fix partition switch timeout for some eMMCs
    - mmc: sdhci-acpi: Remove MMC_CAP_BUS_WIDTH_TEST for Intel controllers
    - ACPI / osi: Fix an issue that acpi_osi=!* cannot disable ACPICA internal
      strings
    - dell-rbtn: Ignore ACPI notifications if device is suspended
    - mmc: longer timeout for long read time quirk
    - mmc: sdhci-pci: Remove MMC_CAP_BUS_WIDTH_TEST for Intel controllers
    - Bluetooth: vhci: fix open_timeout vs. hdev race
    - Bluetooth: vhci: purge unhandled skbs
    - Bluetooth: vhci: Fix race at creating hci device
    - mei: fix NULL dereferencing during FW initiated disconnection
    - mei: amthif: discard not read messages
    - mei: bus: call mei_cl_read_start under device lock
    - USB: serial: mxuport: fix use-after-free in probe error path
    - USB: serial: keyspan: fix use-after-free in probe error path
    - USB: serial: quatech2: fix use-after-free in probe error path
    - USB: serial: io_edgeport: fix memory leaks in attach error path
    - USB: serial: io_edgeport: fix memory leaks in probe error path
    - USB: serial: option: add support for Cinterion PH8 and AHxx
    - USB: serial: option: add more ZTE device ids
    - USB: serial: option: add even more ZTE device ids
    - usb: gadget: f_fs: Fix EFAULT generation for async read operations
    - usb: f_mass_storage: test whether thread is running before starting another
    - usb: misc: usbtest: fix pattern tests for scatterlists.
    - usb: gadget: udc: core: Fix argument of dev_err() in
      usb_gadget_map_request()
    - staging: comedi: das1800: fix possible NULL dereference
    - KVM: x86: fix ordering of cr0 initialization code in vmx_cpu_reset
    - MIPS: KVM: Fix timer IRQ race when freezing timer
    - MIPS: KVM: Fix timer IRQ race when writing CP0_Compare
    - KVM: x86: mask CPUID(0xD,0x1).EAX against host value
    - xen/x86: actually allocate legacy interrupts on PV guests
    - tty: vt, return error when con_startup fails
    - TTY: n_gsm, fix false positive WARN_ON
    - tty/serial: atmel: fix hardware handshake selection
    - Fix OpenSSH pty regression on close
    - serial: 8250_pci: fix divide error bug if baud rate is 0
    - serial: 8250_mid: use proper bar for DNV platform
    - serial: 8250_mid: recognize interrupt source in handler
    - serial: samsung: Reorder the sequence of clock control when call
      s3c24xx_serial_set_termios()
    - locking,qspinlock: Fix spin_is_locked() and spin_unlock_wait()
    - clk: bcm2835: add locking to pll*_on/off methods
    - mcb: Fixed bar number assignment for the gdd
    - ALSA: hda/realtek - New codecs support for ALC234/ALC274/ALC294
    - ALSA: hda - Fix headphone noise on Dell XPS 13 9360
    - ALSA: hda/realtek - Add support for ALC295/ALC3254
    - ALSA: hda - Fix headset mic detection problem for one Dell machine
    - IB/srp: Fix a debug kernel crash
    - thunderbolt: Fix double free of drom buffer
    - SIGNAL: Move generic copy_siginfo() to signal.h
    - UBI: Fix static volume checks when Fastmap is used
    - hpfs: fix remount failure when there are no options changed
    - hpfs: implement the show_options method
    - scsi: Add intermediate STARGET_REMOVE state to scsi_target_state
    - Revert "scsi: fix soft lockup in scsi_remove_target() on module removal"
    - kbuild: move -Wunused-const-variable to W=1 warning level
    - Linux 4.4.12

* [Hyper-V] fixes for kdump when running on a VM (LP: #1588965)
    - clocksource: Allow unregistering the watchdog

* net_admin apparmor denial when using Go (LP: #1465724)
    - SAUCE: kernel: Add noaudit variant of ns_capable()
    - SAUCE: net: Use ns_capable_noaudit() when determining net sysctl permissions

* [Hyper-V] Put tools/hv/lsvmbus in /usr/sbin (LP: #1585311)
    - [Debian] Install lsvmbus in cloud tools
    - SAUCE: tools/hv/lsvmbus -- convert to python3
    - SAUCE: tools/hv/lsvmbus -- add manual page

* btrfs: file write crashes with false ENOSPC during snapshot creation since
    kernel 4.4 - fix available (LP: #1584052)
    - btrfs: Continue write in case of can_not_nocow

* boot stalls on USB detection errors (LP: #1437492)
    - usb: core: hub: hub_port_init lock controller instead of bus

* [Bug]KNL:Spread MWAIT cache lines over all nodes (LP: #1585850)
    - kernek/fork.c: allocate idle task for a CPU always on its local node

* [Hyper-V] PCI Passthrough kernel hang and explicit barriers (LP: #1581243)
    - PCI: hv: Report resources release after stopping the bus
    - PCI: hv: Add explicit barriers to config space access

* Kernel 4.2.X and 4.4.X - Fix USB3.0 link power management (LPM)
    claim/release logic in USBFS (LP: #1577024)
    - USB: leave LPM alone if possible when binding/unbinding interface drivers

* STC840.20:tuleta:tul516p01 panic after injecting Leaf EEH (LP: #1581034)
    - NVMe: Fix namespace removal deadlock
    - NVMe: Requeue requests on suspended queues
    - NVMe: Move error handling to failed reset handler
    - blk-mq: End unstarted requests on dying queue

* conflicting modules in udebs - arc4.ko (LP: #1582991)
    - [Config] Remove arc4 from nic-modules

* CVE-2016-4482 (LP: #1578493)
    - USB: usbfs: fix potential infoleak in devio

* mlx5_core kexec fail  (LP: #1585978)
    - net/mlx5: Add pci shutdown callback

* backport fix for /proc/net issues with containers (LP: #1584953)
    - netfilter: Set /proc/net entries owner to root in namespace

* CVE-2016-4951 (LP: #1585365)
    - tipc: check nl sock before parsing nested attributes

* CVE-2016-4578 (LP: #1581866)
    - ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt

* CVE-2016-4569 (LP: #1580379)
    - ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS

* s390/pci: fix use after free in dma_init (LP: #1584828)
    - s390/pci: fix use after free in dma_init

* s390/mm: fix asce_bits handling with dynamic pagetable levels (LP: #1584827)
    - s390/mm: fix asce_bits handling with dynamic pagetable levels

* CAPI: CGZIP Wrong CAPI MMIO timeout (256usec desired but 1usec default
    setting in cxl.ko driver) (LP: #1584066)
    - powerpc: Define PVR value for POWER8NVL processor
    - cxl: Configure the PSL for two CAPI ports on POWER8NVL
    - cxl: Increase timeout for detection of AFU mmio hang

* ThunderX: soft lockup in cursor_timer_handler() (LP: #1574814)
    - SAUCE: tty: vt: Fix soft lockup in fbcon cursor blink timer.

* debian.master/.../getabis bogus warnings "inconsistant compiler versions"
    and "not a git repository" (LP: #1584890)
    - [debian] getabis: Only git add $abidir if running in local repo
    - [debian] getabis: Fix inconsistent compiler versions check

* Backport cxlflash patch related to EEH recovery into Xenial SRU stream
    (LP: #1584935)
    - cxlflash: Fix to resolve dead-lock during EEH recovery

* Xenial update to 4.4.11 stable release (LP: #1584912)
    - decnet: Do not build routes to devices without decnet private data.
    - route: do not cache fib route info on local routes with oif
    - packet: fix heap info leak in PACKET_DIAG_MCLIST sock_diag interface
    - net: sched: do not requeue a NULL skb
    - bpf/verifier: reject invalid LD_ABS | BPF_DW instruction
    - cdc_mbim: apply "NDP to end" quirk to all Huawei devices
    - net: use skb_postpush_rcsum instead of own implementations
    - vlan: pull on __vlan_insert_tag error path and fix csum correction
    - openvswitch: use flow protocol when recalculating ipv6 checksums
    - ipv4/fib: don't warn when primary address is missing if in_dev is dead
    - net/mlx4_en: fix spurious timestamping callbacks
    - bpf: fix check_map_func_compatibility logic
    - samples/bpf: fix trace_output example
    - net: Implement net_dbg_ratelimited() for CONFIG_DYNAMIC_DEBUG case
    - gre: do not pull header in ICMP error processing
    - net_sched: introduce qdisc_replace() helper
    - net_sched: update hierarchical backlog too
    - sch_htb: update backlog as well
    - sch_dsmark: update backlog as well
    - netem: Segment GSO packets on enqueue
    - net: fec: only clear a queue's work bit if the queue was emptied
    - VSOCK: do not disconnect socket when peer has shutdown SEND only
    - net: bridge: fix old ioctl unlocked net device walk
    - bridge: fix igmp / mld query parsing
    - uapi glibc compat: fix compile errors when glibc net/if.h included before
      linux/if.h MIME-Version: 1.0
    - net: fix a kernel infoleak in x25 module
    - net: thunderx: avoid exposing kernel stack
    - tcp: refresh skb timestamp at retransmit time
    - net/route: enforce hoplimit max value
    - ocfs2: revert using ocfs2_acl_chmod to avoid inode cluster lock hang
    - ocfs2: fix posix_acl_create deadlock
    - zsmalloc: fix zs_can_compact() integer overflow
    - crypto: qat - fix invalid pf2vf_resp_wq logic
    - crypto: hash - Fix page length clamping in hash walk
    - crypto: testmgr - Use kmalloc memory for RSA input
    - ALSA: usb-audio: Quirk for yet another Phoenix Audio devices (v2)
    - ALSA: usb-audio: Yet another Phoneix Audio device quirk
    - ALSA: hda - Fix subwoofer pin on ASUS N751 and N551
    - ALSA: hda - Fix white noise on Asus UX501VW headset
    - ALSA: hda - Fix broken reconfig
    - spi: pxa2xx: Do not detect number of enabled chip selects on Intel SPT
    - spi: spi-ti-qspi: Fix FLEN and WLEN settings if bits_per_word is overridden
    - spi: spi-ti-qspi: Handle truncated frames properly
    - pinctrl: at91-pio4: fix pull-up/down logic
    - regmap: spmi: Fix regmap_spmi_ext_read in multi-byte case
    - perf/core: Disable the event on a truncated AUX record
    - vfs: add vfs_select_inode() helper
    - vfs: rename: check backing inode being equal
    - ARM: dts: at91: sam9x5: Fix the memory range assigned to the PMC
    - workqueue: fix rebind bound workers warning
    - regulator: s2mps11: Fix invalid selector mask and voltages for buck9
    - regulator: axp20x: Fix axp22x ldo_io voltage ranges
    - atomic_open(): fix the handling of create_error
    - qla1280: Don't allocate 512kb of host tags
    - tools lib traceevent: Do not reassign parg after collapse_tree()
    - get_rock_ridge_filename(): handle malformed NM entries
    - Input: max8997-haptic - fix NULL pointer dereference
    - Revert "[media] videobuf2-v4l2: Verify planes array in buffer dequeueing"
    - drm/radeon: fix PLL sharing on DCE6.1 (v2)
    - drm/i915: Bail out of pipe config compute loop on LPT
    - drm/i915/bdw: Add missing delay during L3 SQC credit programming
    - drm/radeon: fix DP link training issue with second 4K monitor
    - nf_conntrack: avoid kernel pointer value leak in slab name
    - Linux 4.4.11

* Support Edge Gateway's Bluetooth LED (LP: #1512999)
    - SAUCE: Bluetooth: Support for LED on Marvell modules

* Support Edge Gateway's WIFI LED (LP: #1512997)
    - SAUCE: mwifiex: Switch WiFi LED state according to the device status

* Marvell wireless driver update for FCC regulation (LP: #1528910)
    - mwifiex: parse adhoc start/join result
    - mwifiex: handle start AP error paths correctly
    - mwifiex: set regulatory info from EEPROM
    - mwifiex: don't follow AP if country code received from EEPROM
    - mwifiex: correction in region code to country mapping
    - mwifiex: update region_code_index array
    - mwifiex: use world for unidentified region code
    - SAUCE: mwifiex: add iw vendor command support

* Kernel can be oopsed using remap_file_pages (LP: #1558120)
    - Revert "UBUNTU: SAUCE: mm/mmap: fix oopsing on remap_file_pages"
    - SAUCE: AUFS: mm/mmap: fix oopsing on remap_file_pages aufs mmap: bugfix,
      mainly for linux-4.5-rc5, remap_file_pages(2) emulation

* cgroup namespace update (LP: #1584163)
    - Revert "UBUNTU: SAUCE: cgroup mount: ignore nsroot="
    - Revert "UBUNTU: SAUCE: (noup) cgroup namespaces: add a 'nsroot=' mountinfo
      field"
    - cgroup, kernfs: make mountinfo show properly scoped path for cgroup
      namespaces
    - kernfs: kernfs_sop_show_path: don't return 0 after seq_dentry call
    - cgroup: fix compile warning

* Missing libunwind support in perf (LP: #1248289)
    - [Config] add binutils-dev to the Build-Depends: to fix perf unwinding

* e1000 Tx Unit Hang  (LP: #1582328)
    - e1000: Double Tx descriptors needed check for 82544
    - e1000: Do not overestimate descriptor counts in Tx pre-check

* Unsharing user and ipc namespaces simultaneously makes mqueue unmountable
    (LP: #1582378)
    - SAUCE: (namespace) mqueue: Super blocks must be owned by the user ns which
      owns the ipc ns

* Pull in the amdgpu/radeon code from Linux 4.5.3 (LP: #1580526)
    - drm/radeon: rework fbdev handling on chips with no connectors
    - drm/radeon/mst: fix regression in lane/link handling.
    - drm/amd/powerplay: add uvd/vce dpm enabling flag to fix the performance
      issue for CZ
    - drm/amd/powerplay: fix segment fault issue in multi-display case.
    - drm/ttm: fix kref count mess in ttm_bo_move_to_lru_tail

* aufs CONFIG_AUFS_EXPORT build option should be enabled (LP: #1121699)
    - [Config] enable CONFIG_AUFS_EXPORT

* promote *_diag modules from linux-image-extra to linux-image (LP: #1580355)
    - [Config] Update inclusion list for CRIU

* [Xenial] net: updates to ethtool and virtio_net for speed/duplex support
    (LP: #1581132)
    - ethtool: add speed/duplex validation functions
    - ethtool: make validate_speed accept all speeds between 0 and INT_MAX
    - virtio_net: add ethtool support for set and get of settings
    - virtio_net: validate ethtool port setting and explain the user validation

* perf tool: Display event codes for Generic HW (PMU) events (LP: #1578211)
    - powerpc/perf: Remove PME_ prefix for power7 events
    - powerpc/perf: Export Power8 generic and cache events to sysfs

* Mellanox ConnectX4 MTU limits: max and min (LP: #1528466)
    - net/mlx5: Introduce a new header file for physical port functions
    - net/mlx5e: Device's mtu field is u16 and not int
    - net/mlx5e: Fix minimum MTU

* Miscellaneous Ubuntu changes
    - [Config] CONFIG_CAVIUM_ERRATUM_23144=y

-- Luis Henriques <luis.henriques@canonical.com>  Fri, 24 Jun 2016 09:57:21 +0100

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-06-27:

#11

Download full text (7.4 KiB)

This bug was fixed in the package linux - 4.2.0-41.48

---------------
linux (4.2.0-41.48) wily; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
- LP: #1595914

[ Upstream Kernel Changes ]

  * netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux (4.2.0-40.47) wily; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1595725

[ Serge Hallyn ]

* SAUCE: add a sysctl to disable unprivileged user namespace unsharing
- LP: #1555338, #1595350

linux (4.2.0-39.46) wily; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1591301

[ J. R. Okajima ]

  * SAUCE: AUFS: mm/mmap: fix oopsing on remap_file_pages aufs mmap:
    bugfix, mainly for linux-4.5-rc5, remap_file_pages(2) emulation
    - LP: #1558120

[ Kamal Mostafa ]

  * [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

[ Tim Gardner ]

  * Revert "SAUCE: mm/mmap: fix oopsing on remap_file_pages"
    - LP: #1558120
  * [Config] Remove arc4 from nic-modules
    - LP: #1582991

[ Upstream Kernel Changes ]

  * Revert "usb: hub: do not clear BOS field during reset device"
    - LP: #1582864
  * hpsa: move lockup_detected attribute to host attr
    - LP: #1581169
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel inf...

This bug was fixed in the package linux - 4.2.0-41.48

---------------
linux (4.2.0-41.48) wily; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
    - LP: #1595914

[ Upstream Kernel Changes ]

* netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux (4.2.0-40.47) wily; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1595725

[ Serge Hallyn ]

* SAUCE: add a sysctl to disable unprivileged user namespace unsharing
    - LP: #1555338, #1595350

linux (4.2.0-39.46) wily; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1591301

[ J. R. Okajima ]

* SAUCE: AUFS: mm/mmap: fix oopsing on remap_file_pages aufs mmap:
    bugfix, mainly for linux-4.5-rc5, remap_file_pages(2) emulation
    - LP: #1558120

[ Kamal Mostafa ]

* [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

[ Tim Gardner ]

* Revert "SAUCE: mm/mmap: fix oopsing on remap_file_pages"
    - LP: #1558120
  * [Config] Remove arc4 from nic-modules
    - LP: #1582991

[ Upstream Kernel Changes ]

* Revert "usb: hub: do not clear BOS field during reset device"
    - LP: #1582864
  * hpsa: move lockup_detected attribute to host attr
    - LP: #1581169
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_ridge_filename(): handle malformed NM entries
    - LP: #1583962
    - CVE-2016-4913
  * tipc: check nl sock before parsing nested attributes
    - LP: #1585365
    - CVE-2016-4951
  * netfilter: Set /proc/net entries owner to root in namespace
    - LP: #1584953
  * USB: usbfs: fix potential infoleak in devio
    - LP: #1578493
    - CVE-2016-4482
  * USB: leave LPM alone if possible when binding/unbinding interface
    drivers
    - LP: #1577024
  * [4.2-stable only] fix backport "IB/security: restrict use of the
    write() interface"
    - LP: #1586447
  * regulator: s2mps11: Fix invalid selector mask and voltages for buck9
    - LP: #1586447
  * regmap: spmi: Fix regmap_spmi_ext_read in multi-byte case
    - LP: #1586447
  * ALSA: usb-audio: Quirk for yet another Phoenix Audio devices (v2)
    - LP: #1586447
  * atomic_open(): fix the handling of create_error
    - LP: #1586447
  * drm/i915/bdw: Add missing delay during L3 SQC credit programming
    - LP: #1586447
  * crypto: hash - Fix page length clamping in hash walk
    - LP: #1586447
  * drm/radeon: fix DP link training issue with second 4K monitor
    - LP: #1586447
  * drm/radeon: fix PLL sharing on DCE6.1 (v2)
    - LP: #1586447
  * ALSA: hda - Fix white noise on Asus UX501VW headset
    - LP: #1586447
  * Input: max8997-haptic - fix NULL pointer dereference
    - LP: #1586447
  * drm/i915: Bail out of pipe config compute loop on LPT
    - LP: #1586447
  * ALSA: hda - Fix broken reconfig
    - LP: #1586447
  * ALSA: hda - Fix subwoofer pin on ASUS N751 and N551
    - LP: #1586447
  * vfs: add vfs_select_inode() helper
    - LP: #1586447
  * vfs: rename: check backing inode being equal
    - LP: #1586447
  * ALSA: usb-audio: Yet another Phoneix Audio device quirk
    - LP: #1586447
  * perf/x86: Fix undefined shift on 32-bit kernels
    - LP: #1586447
  * perf/x86/intel/pt: Generate PMI in the STOP region as well
    - LP: #1586447
  * perf/core: Disable the event on a truncated AUX record
    - LP: #1586447
  * tools lib traceevent: Do not reassign parg after collapse_tree()
    - LP: #1586447
  * workqueue: fix rebind bound workers warning
    - LP: #1586447
  * ocfs2: fix posix_acl_create deadlock
    - LP: #1586447
  * nf_conntrack: avoid kernel pointer value leak in slab name
    - LP: #1586447
  * macvtap: segmented packet is consumed
    - LP: #1586447
  * regulator: axp20x: Fix axp22x ldo_io voltage ranges
    - LP: #1586447
  * arm64: bpf: jit JMP_JSET_{X,K}
    - LP: #1586447
  * bridge: fix igmp / mld query parsing
    - LP: #1586447
  * net/mlx4_en: Fix endianness bug in IPV6 csum calculation
    - LP: #1586447
  * net: fec: only clear a queue's work bit if the queue was emptied
    - LP: #1586447
  * tcp: refresh skb timestamp at retransmit time
    - LP: #1586447
  * net/route: enforce hoplimit max value
    - LP: #1586447
  * decnet: Do not build routes to devices without decnet private data.
    - LP: #1586447
  * route: do not cache fib route info on local routes with oif
    - LP: #1586447
  * net: use skb_postpush_rcsum instead of own implementations
    - LP: #1586447
  * vlan: pull on __vlan_insert_tag error path and fix csum correction
    - LP: #1586447
  * ipv4/fib: don't warn when primary address is missing if in_dev is dead
    - LP: #1586447
  * bpf: fix double-fdput in replace_map_fd_with_map_ptr()
    - LP: #1586447
  * net_sched: introduce qdisc_replace() helper
    - LP: #1586447
  * net_sched: update hierarchical backlog too
    - LP: #1586447
  * sch_htb: update backlog as well
    - LP: #1586447
  * sch_dsmark: update backlog as well
    - LP: #1586447
  * netem: Segment GSO packets on enqueue
    - LP: #1586447
  * VSOCK: do not disconnect socket when peer has shutdown SEND only
    - LP: #1586447
  * net: bridge: fix old ioctl unlocked net device walk
    - LP: #1586447
  * cdc_mbim: apply "NDP to end" quirk to all Huawei devices
    - LP: #1586447
  * soreuseport: fix ordering for mixed v4/v6 sockets
    - LP: #1586447
  * uapi glibc compat: fix compile errors when glibc net/if.h included
    before linux/if.h
    - LP: #1586447
  * Linux 4.2.8-ckt11
    - LP: #1586447
  * usb: core: hub: hub_port_init lock controller instead of bus
    - LP: #1437492

-- Luis Henriques <luis.henriques@canonical.com>  Fri, 24 Jun 2016 11:46:57 +0100

Changed in linux (Ubuntu Wily):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-06-27:

#12

Download full text (6.2 KiB)

This bug was fixed in the package linux - 3.19.0-64.72

---------------
linux (3.19.0-64.72) vivid; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
- LP: #1595976

[ Upstream Kernel Changes ]

  * netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux (3.19.0-63.71) vivid; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1595723

[ Serge Hallyn ]

* SAUCE: add a sysctl to disable unprivileged user namespace unsharing
- LP: #1555338, #1595350

linux (3.19.0-62.70) vivid; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1591307

[ Kamal Mostafa ]

  * [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

[ Tim Gardner ]

* [Config] Remove arc4 from nic-modules
- LP: #1582991

[ Upstream Kernel Changes ]

  * Revert "usb: hub: do not clear BOS field during reset device"
    - LP: #1582864
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_ridge_filename(): handle malformed NM entries
    - LP: #1583962
    - CVE-2016-4913
  * tipc: check nl sock before parsing nested attributes
    - LP: #1585365
    - CVE-2016-4951
  * netfilter: Set /proc/net entries owner to root in namespace
    - L...

This bug was fixed in the package linux - 3.19.0-64.72

---------------
linux (3.19.0-64.72) vivid; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
    - LP: #1595976

[ Upstream Kernel Changes ]

* netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux (3.19.0-63.71) vivid; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1595723

[ Serge Hallyn ]

* SAUCE: add a sysctl to disable unprivileged user namespace unsharing
    - LP: #1555338, #1595350

linux (3.19.0-62.70) vivid; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1591307

[ Kamal Mostafa ]

* [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

[ Tim Gardner ]

* [Config] Remove arc4 from nic-modules
    - LP: #1582991

[ Upstream Kernel Changes ]

* Revert "usb: hub: do not clear BOS field during reset device"
    - LP: #1582864
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_ridge_filename(): handle malformed NM entries
    - LP: #1583962
    - CVE-2016-4913
  * tipc: check nl sock before parsing nested attributes
    - LP: #1585365
    - CVE-2016-4951
  * netfilter: Set /proc/net entries owner to root in namespace
    - LP: #1584953
  * USB: usbfs: fix potential infoleak in devio
    - LP: #1578493
    - CVE-2016-4482
  * USB: leave LPM alone if possible when binding/unbinding interface
    drivers
    - LP: #1577024
  * compiler-gcc: integrate the various compiler-gcc[345].h files
    - LP: #1587557
  * fix backport "IB/security: restrict use of the write() interface"
    - LP: #1587557
  * x86: LLVMLinux: Fix "incomplete type const struct x86cpu_device_id"
    - LP: #1587557
  * regulator: s2mps11: Fix invalid selector mask and voltages for buck9
    - LP: #1587557
  * regmap: spmi: Fix regmap_spmi_ext_read in multi-byte case
    - LP: #1587557
  * atomic_open(): fix the handling of create_error
    - LP: #1587557
  * crypto: hash - Fix page length clamping in hash walk
    - LP: #1587557
  * drm/radeon: fix PLL sharing on DCE6.1 (v2)
    - LP: #1587557
  * ALSA: hda - Fix white noise on Asus UX501VW headset
    - LP: #1587557
  * Input: max8997-haptic - fix NULL pointer dereference
    - LP: #1587557
  * drm/i915: Bail out of pipe config compute loop on LPT
    - LP: #1587557
  * ALSA: hda - Fix subwoofer pin on ASUS N751 and N551
    - LP: #1587557
  * tools lib traceevent: Free filter tokens in process_filter()
    - LP: #1587557
  * tools lib traceevent: Do not reassign parg after collapse_tree()
    - LP: #1587557
  * workqueue: fix rebind bound workers warning
    - LP: #1587557
  * ocfs2: fix posix_acl_create deadlock
    - LP: #1587557
  * nf_conntrack: avoid kernel pointer value leak in slab name
    - LP: #1587557
  * net: fec: only clear a queue's work bit if the queue was emptied
    - LP: #1587557
  * net/mlx4_en: Fix endianness bug in IPV6 csum calculation
    - LP: #1587557
  * macvtap: segmented packet is consumed
    - LP: #1587557
  * tcp: refresh skb timestamp at retransmit time
    - LP: #1587557
  * arm64: bpf: jit JMP_JSET_{X,K}
    - LP: #1587557
  * decnet: Do not build routes to devices without decnet private data.
    - LP: #1587557
  * route: do not cache fib route info on local routes with oif
    - LP: #1587557
  * net: use skb_postpush_rcsum instead of own implementations
    - LP: #1587557
  * vlan: pull on __vlan_insert_tag error path and fix csum correction
    - LP: #1587557
  * ipv4/fib: don't warn when primary address is missing if in_dev is dead
    - LP: #1587557
  * bpf: fix double-fdput in replace_map_fd_with_map_ptr()
    - LP: #1587557
  * net_sched: introduce qdisc_replace() helper
    - LP: #1587557
  * net_sched: update hierarchical backlog too
    - LP: #1587557
  * sch_htb: update backlog as well
    - LP: #1587557
  * sch_dsmark: update backlog as well
    - LP: #1587557
  * netem: Segment GSO packets on enqueue
    - LP: #1587557
  * VSOCK: do not disconnect socket when peer has shutdown SEND only
    - LP: #1587557
  * net: bridge: fix old ioctl unlocked net device walk
    - LP: #1587557
  * Linux 3.19.8-ckt22
    - LP: #1587557
  * usb: core: hub: hub_port_init lock controller instead of bus
    - LP: #1437492
  * i915_bpo: Check live status before reading edid
    - LP: #1588375

-- Luis Henriques <luis.henriques@canonical.com>  Fri, 24 Jun 2016 15:39:13 +0100

Changed in linux (Ubuntu Vivid):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-06-27:

#13

Download full text (4.0 KiB)

This bug was fixed in the package linux - 3.13.0-91.138

---------------
linux (3.13.0-91.138) trusty; urgency=medium

[ Luis Henriques ]

* Release Tracking Bug
- LP: #1595991

[ Upstream Kernel Changes ]

  * netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux (3.13.0-90.137) trusty; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1595693

[ Serge Hallyn ]

* SAUCE: add a sysctl to disable unprivileged user namespace unsharing
- LP: #1555338, #1595350

linux (3.13.0-89.136) trusty; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1591315

[ Kamal Mostafa ]

  * [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

[ Stefan Bader ]

* SAUCE: powerpc/powernv: Fix incomplete backport of 8117ac6
- LP: #1589910

[ Tim Gardner ]

* [Config] Remove arc4 from nic-modules
- LP: #1582991

[ Upstream Kernel Changes ]

  * KVM: x86: move steal time initialization to vcpu entry time
    - LP: #1494350
  * lpfc: Fix premature release of rpi bit in bitmask
    - LP: #1580560
  * lpfc: Correct loss of target discovery after cable swap.
    - LP: #1580560
  * mm/balloon_compaction: redesign ballooned pages management
    - LP: #1572562
  * mm/balloon_compaction: fix deflation when compaction is disabled
    - LP: #1572562
  * bridge: Fix the way to find old local fdb entries in br_fdb_changeaddr
    - LP: #1581585
  * bridge: notify user space after fdb update
    - LP: #1581585
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
   ...

This bug was fixed in the package linux - 3.13.0-91.138

---------------
linux (3.13.0-91.138) trusty; urgency=medium

[ Luis Henriques ]

* Release Tracking Bug
    - LP: #1595991

[ Upstream Kernel Changes ]

* netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux (3.13.0-90.137) trusty; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1595693

[ Serge Hallyn ]

* SAUCE: add a sysctl to disable unprivileged user namespace unsharing
    - LP: #1555338, #1595350

linux (3.13.0-89.136) trusty; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1591315

[ Kamal Mostafa ]

* [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

[ Stefan Bader ]

* SAUCE: powerpc/powernv: Fix incomplete backport of 8117ac6
    - LP: #1589910

[ Tim Gardner ]

* [Config] Remove arc4 from nic-modules
    - LP: #1582991

[ Upstream Kernel Changes ]

* KVM: x86: move steal time initialization to vcpu entry time
    - LP: #1494350
  * lpfc: Fix premature release of rpi bit in bitmask
    - LP: #1580560
  * lpfc: Correct loss of target discovery after cable swap.
    - LP: #1580560
  * mm/balloon_compaction: redesign ballooned pages management
    - LP: #1572562
  * mm/balloon_compaction: fix deflation when compaction is disabled
    - LP: #1572562
  * bridge: Fix the way to find old local fdb entries in br_fdb_changeaddr
    - LP: #1581585
  * bridge: notify user space after fdb update
    - LP: #1581585
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_ridge_filename(): handle malformed NM entries
    - LP: #1583962
    - CVE-2016-4913
  * netfilter: Set /proc/net entries owner to root in namespace
    - LP: #1584953
  * USB: usbfs: fix potential infoleak in devio
    - LP: #1578493
    - CVE-2016-4482
  * IB/security: Restrict use of the write() interface
    - LP: #1580372
    - CVE-2016-4565
  * netlink: autosize skb lengthes
    - LP: #1568969
  * xfs: allow inode allocations in post-growfs disk space
    - LP: #1560142

-- Luis Henriques <luis.henriques@canonical.com>  Fri, 24 Jun 2016 16:19:03 +0100

Changed in linux (Ubuntu Trusty):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-06-27:

#14

Download full text (3.5 KiB)

This bug was fixed in the package linux-lts-utopic - 3.16.0-76.98~14.04.1

---------------
linux-lts-utopic (3.16.0-76.98~14.04.1) trusty; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
- LP: #1596019

[ Upstream Kernel Changes ]

  * netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux-lts-utopic (3.16.0-75.97~14.04.1) trusty; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1595703

[ Serge Hallyn ]

* SAUCE: add a sysctl to disable unprivileged user namespace unsharing
- LP: #1555338, #1595350

linux-lts-utopic (3.16.0-74.96~14.04.1) trusty; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
- LP: #1591324

[ Kamal Mostafa ]

  * [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

[ Tim Gardner ]

* [Config] Remove arc4 from nic-modules
- LP: #1582991

[ Upstream Kernel Changes ]

  * Revert "usb: hub: do not clear BOS field during reset device"
    - LP: #1582864
  * mm/balloon_compaction: redesign ballooned pages management
    - LP: #1572562
  * mm/balloon_compaction: fix deflation when compaction is disabled
    - LP: #1572562
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_rid...

This bug was fixed in the package linux-lts-utopic - 3.16.0-76.98~14.04.1

---------------
linux-lts-utopic (3.16.0-76.98~14.04.1) trusty; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
    - LP: #1596019

[ Upstream Kernel Changes ]

* netfilter: x_tables: validate e->target_offset early
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: make sure e->next_offset covers remaining blob
    size
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: fix unconditional helper
    - LP: #1555338
    - CVE-2016-3134
  * netfilter: x_tables: don't move to non-existent next rule
    - LP: #1595350
  * netfilter: x_tables: validate targets of jumps
    - LP: #1595350
  * netfilter: x_tables: add and use xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: kill check_entry helper
    - LP: #1595350
  * netfilter: x_tables: assert minimum target size
    - LP: #1595350
  * netfilter: x_tables: add compat version of xt_check_entry_offsets
    - LP: #1595350
  * netfilter: x_tables: check standard target size too
    - LP: #1595350
  * netfilter: x_tables: check for bogus target offset
    - LP: #1595350
  * netfilter: x_tables: validate all offsets and sizes in a rule
    - LP: #1595350
  * netfilter: x_tables: don't reject valid target size on some
    architectures
    - LP: #1595350
  * netfilter: arp_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: ip6_tables: simplify translate_compat_table args
    - LP: #1595350
  * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
    - LP: #1595350
  * netfilter: x_tables: do compat validation via translate_table
    - LP: #1595350
  * netfilter: x_tables: introduce and use xt_copy_counters_from_user
    - LP: #1595350

linux-lts-utopic (3.16.0-75.97~14.04.1) trusty; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1595703

[ Serge Hallyn ]

* SAUCE: add a sysctl to disable unprivileged user namespace unsharing
    - LP: #1555338, #1595350

linux-lts-utopic (3.16.0-74.96~14.04.1) trusty; urgency=low

[ Kamal Mostafa ]

* Release Tracking Bug
    - LP: #1591324

[ Kamal Mostafa ]

* [debian] getabis: Only git add $abidir if running in local repo
    - LP: #1584890
  * [debian] getabis: Fix inconsistent compiler versions check
    - LP: #1584890

[ Tim Gardner ]

* [Config] Remove arc4 from nic-modules
    - LP: #1582991

[ Upstream Kernel Changes ]

* Revert "usb: hub: do not clear BOS field during reset device"
    - LP: #1582864
  * mm/balloon_compaction: redesign ballooned pages management
    - LP: #1572562
  * mm/balloon_compaction: fix deflation when compaction is disabled
    - LP: #1572562
  * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
    - LP: #1580379
    - CVE-2016-4569
  * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
    - LP: #1581866
    - CVE-2016-4578
  * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
    - LP: #1581866
    - CVE-2016-4578
  * net: fix a kernel infoleak in x25 module
    - LP: #1585366
    - CVE-2016-4580
  * get_rock_ridge_filename(): handle malformed NM entries
    - LP: #1583962
    - CVE-2016-4913
  * netfilter: Set /proc/net entries owner to root in namespace
    - LP: #1584953
  * USB: usbfs: fix potential infoleak in devio
    - LP: #1578493
    - CVE-2016-4482
  * IB/security: Restrict use of the write() interface
    - LP: #1580372
    - CVE-2016-4565

-- Luis Henriques <luis.henriques@canonical.com>  Fri, 24 Jun 2016 17:17:07 +0100

Changed in linux-lts-utopic (Ubuntu Trusty):
status:	Fix Committed → Fix Released

Ubuntu
linux package

backport fix for /proc/net issues with containers

Bug Description

Related branches

CVE References

Other bug subscribers

Bug attachments

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Released	Medium	Seth Forshee
Trusty	Fix Released	Medium	Seth Forshee
Vivid	Fix Released	Medium	Seth Forshee
Wily	Fix Released	Medium	Seth Forshee
Xenial	Fix Released	Medium	Seth Forshee
linux-lts-utopic (Ubuntu)	Invalid	Undecided	Unassigned
Trusty	Fix Released	Medium	Seth Forshee
Vivid	Invalid	Undecided	Unassigned
Wily	Invalid	Undecided	Unassigned
Xenial	Invalid	Undecided	Unassigned

Ubuntulinux package

backport fix for /proc/net issues with containers

Bug Description

Related branches

CVE References

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
linux package