* ptrace: being capable wrt a process requires mapped uids/gids
- LP: #1527374
linux (4.2.0-22.26) wily; urgency=low
[ Upstream Kernel Changes ]
* xen: Add RING_COPY_REQUEST()
- CVE-2015-8550
* xen-netback: don't use last request to determine minimum Tx credit
- CVE-2015-8550
* xen-netback: use RING_COPY_REQUEST() throughout
- CVE-2015-8550
* xen-blkback: only read request operation from shared ring once
- CVE-2015-8550
* xen-blkback: read from indirect descriptors only once
- CVE-2015-8550
* xen-scsiback: safely copy requests
- CVE-2015-8550
* xen/pciback: Save xen_pci_op commands before processing it
- CVE-2015-8550
* xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI
or MSI-X enabled
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
* xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI
or MSI-X enabled
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
* xen/pciback: Do not install an IRQ handler for MSI interrupts.
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
* xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has
MSI(X) enabled.
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
* xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
-- Kamal Mostafa <email address hidden> Thu, 17 Dec 2015 12:54:53 -0800
This bug was fixed in the package linux - 4.2.0-22.27
---------------
linux (4.2.0-22.27) wily; urgency=low
[ Kamal Mostafa ]
* Release Tracking Bug
- LP: #1527391
[ Jann Horn ]
* ptrace: being capable wrt a process requires mapped uids/gids
- LP: #1527374
linux (4.2.0-22.26) wily; urgency=low
[ Upstream Kernel Changes ]
* xen: Add RING_COPY_REQUEST()OP_enable_msi when device has MSIOP_enable_msix when device has MSIOP_disable_msi[|x] only disable if device has
- CVE-2015-8550
* xen-netback: don't use last request to determine minimum Tx credit
- CVE-2015-8550
* xen-netback: use RING_COPY_REQUEST() throughout
- CVE-2015-8550
* xen-blkback: only read request operation from shared ring once
- CVE-2015-8550
* xen-blkback: read from indirect descriptors only once
- CVE-2015-8550
* xen-scsiback: safely copy requests
- CVE-2015-8550
* xen/pciback: Save xen_pci_op commands before processing it
- CVE-2015-8550
* xen/pciback: Return error on XEN_PCI_
or MSI-X enabled
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
* xen/pciback: Return error on XEN_PCI_
or MSI-X enabled
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
* xen/pciback: Do not install an IRQ handler for MSI interrupts.
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
* xen/pciback: For XEN_PCI_
MSI(X) enabled.
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
* xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
- CVE-2015-8551, CVE-2015-8552, CVE-2015-8553
-- Kamal Mostafa <email address hidden> Thu, 17 Dec 2015 12:54:53 -0800