CVE-2016-2117

Bug #1561403 reported by Steve Beattie
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Fix Released
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Fix Committed
High
Unassigned
Xenial
Fix Released
High
Unassigned
Yakkety
Fix Released
High
Unassigned
linux-armadaxp (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-flo (Ubuntu)
New
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
New
High
Unassigned
Xenial
New
High
Unassigned
Yakkety
New
High
Unassigned
linux-goldfish (Ubuntu)
New
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
New
Undecided
Unassigned
Wily
New
High
Unassigned
Xenial
New
High
Unassigned
Yakkety
New
High
Unassigned
linux-lts-quantal (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-lts-raring (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-lts-saucy (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-lts-trusty (Ubuntu)
Invalid
High
Unassigned
Precise
Fix Released
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-lts-utopic (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Fix Released
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-lts-vivid (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Fix Committed
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-lts-wily (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Fix Committed
High
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-lts-xenial (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Fix Released
High
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-mako (Ubuntu)
New
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
New
High
Unassigned
Xenial
New
High
Unassigned
Yakkety
New
High
Unassigned
linux-manta (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
New
Undecided
Unassigned
Wily
New
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned
linux-raspi2 (Ubuntu)
New
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Fix Committed
High
Unassigned
Xenial
Fix Released
High
Unassigned
Yakkety
New
High
Unassigned
linux-snapdragon (Ubuntu)
New
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
New
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Fix Released
High
Unassigned
Yakkety
New
High
Unassigned
linux-ti-omap4 (Ubuntu)
Invalid
High
Unassigned
Precise
Invalid
High
Unassigned
Trusty
Invalid
High
Unassigned
Vivid
Won't Fix
Undecided
Unassigned
Wily
Invalid
High
Unassigned
Xenial
Invalid
High
Unassigned
Yakkety
Invalid
High
Unassigned

Bug Description

The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.

Break-Fix: ec5f061564238892005257c83565a0b58ec79295 f43bfaeddc79effbf3d0fcb53ca477cca66f3db8

Revision history for this message
Steve Beattie (sbeattie) wrote :

CVE-2016-2117

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-lts-trusty (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-wily (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Trusty):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Wily):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Xenial):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Trusty):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Wily):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Xenial):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-xenial (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Xenial):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
Changed in linux-manta (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-vivid (Ubuntu Xenial):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-raspi2 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-mako (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Wily):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Xenial):
status: New → Invalid
Changed in linux-goldfish (Ubuntu Precise):
status: New → Invalid
Changed in linux-flo (Ubuntu Precise):
status: New → Invalid
description: updated
Changed in linux-lts-trusty (Ubuntu Precise):
importance: Undecided → High
Changed in linux-lts-trusty (Ubuntu Wily):
importance: Undecided → High
Changed in linux-lts-trusty (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-lts-trusty (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-lts-wily (Ubuntu Precise):
importance: Undecided → High
Changed in linux-lts-wily (Ubuntu Wily):
importance: Undecided → High
Changed in linux-lts-wily (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-lts-wily (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Wily):
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-lts-quantal (Ubuntu Trusty):
importance: Undecided → High
Changed in linux (Ubuntu Precise):
importance: Undecided → High
Changed in linux (Ubuntu Wily):
importance: Undecided → High
Changed in linux (Ubuntu Xenial):
importance: Undecided → High
Changed in linux (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Wily):
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-ti-omap4 (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Wily):
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-lts-raring (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → High
Changed in linux-armadaxp (Ubuntu Wily):
importance: Undecided → High
Changed in linux-armadaxp (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-armadaxp (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-lts-xenial (Ubuntu Precise):
importance: Undecided → High
Changed in linux-lts-xenial (Ubuntu Wily):
importance: Undecided → High
Changed in linux-lts-xenial (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-lts-xenial (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Wily):
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-lts-saucy (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-manta (Ubuntu Precise):
importance: Undecided → High
Changed in linux-manta (Ubuntu Wily):
importance: Undecided → High
Changed in linux-manta (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-manta (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-vivid (Ubuntu Precise):
importance: Undecided → High
Changed in linux-lts-vivid (Ubuntu Wily):
importance: Undecided → High
Changed in linux-lts-vivid (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-lts-vivid (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-raspi2 (Ubuntu Precise):
importance: Undecided → High
Changed in linux-raspi2 (Ubuntu Wily):
importance: Undecided → High
Changed in linux-raspi2 (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-raspi2 (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-mako (Ubuntu Precise):
importance: Undecided → High
Changed in linux-mako (Ubuntu Wily):
importance: Undecided → High
Changed in linux-mako (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-mako (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-lts-utopic (Ubuntu Precise):
importance: Undecided → High
Steve Beattie (sbeattie)
Changed in linux-lts-utopic (Ubuntu Wily):
importance: Undecided → High
Changed in linux-lts-utopic (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-lts-utopic (Ubuntu Trusty):
importance: Undecided → High
Changed in linux-goldfish (Ubuntu Precise):
importance: Undecided → High
Changed in linux-goldfish (Ubuntu Wily):
importance: Undecided → High
Changed in linux-goldfish (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-goldfish (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Changed in linux-flo (Ubuntu Precise):
importance: Undecided → High
Changed in linux-flo (Ubuntu Wily):
importance: Undecided → High
Changed in linux-flo (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-flo (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
Steve Beattie (sbeattie)
Changed in linux-manta (Ubuntu Xenial):
status: New → Invalid
Changed in linux (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux (Ubuntu Xenial):
status: New → Fix Committed
Steve Beattie (sbeattie)
Changed in linux (Ubuntu Xenial):
status: Fix Committed → New
Changed in linux (Ubuntu Trusty):
status: Fix Committed → New
description: updated
Steve Beattie (sbeattie)
Changed in linux (Ubuntu Precise):
status: New → Invalid
Changed in linux (Ubuntu Wily):
status: New → Fix Committed
Changed in linux (Ubuntu Xenial):
status: New → Fix Committed
Changed in linux (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-utopic (Ubuntu Trusty):
status: New → Fix Committed
Steve Beattie (sbeattie)
Changed in linux-snapdragon (Ubuntu Precise):
status: New → Invalid
importance: Undecided → High
Changed in linux-snapdragon (Ubuntu Wily):
status: New → Invalid
importance: Undecided → High
Changed in linux-snapdragon (Ubuntu Xenial):
importance: Undecided → High
Changed in linux-snapdragon (Ubuntu Yakkety):
importance: Undecided → High
Changed in linux-snapdragon (Ubuntu Trusty):
status: New → Invalid
importance: Undecided → High
description: updated
Steve Beattie (sbeattie)
Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-lts-wily (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-lts-xenial (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-lts-vivid (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-raspi2 (Ubuntu Wily):
status: New → Fix Committed
Changed in linux-raspi2 (Ubuntu Xenial):
status: New → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (16.9 KiB)

This bug was fixed in the package linux-snapdragon - 4.4.0-1014.16

---------------
linux-snapdragon (4.4.0-1014.16) xenial; urgency=low

  [ Kamal Mostafa ]

  * Rebase against Ubuntu-4.4.0-23.41
  * Release Tracking Bug
    - LP: #1582679

  * zfs: disable module checks for zfs when cross-compiling (LP: #1581127)
    - [Packaging] disable zfs module checks when cross-compiling

  * Xenial update to v4.4.10 stable release (LP: #1580754)
    - Revert "UBUNTU: SAUCE: (no-up) ACPICA: Dispatcher: Update thread ID for
      recursive method calls"
    - Revert "UBUNTU: SAUCE: nbd: ratelimit error msgs after socket close"
    - Revert: "powerpc/tm: Check for already reclaimed tasks"
    - RDMA/iw_cxgb4: Fix bar2 virt addr calculation for T4 chips
    - ipvs: handle ip_vs_fill_iph_skb_off failure
    - ipvs: correct initial offset of Call-ID header search in SIP persistence
      engine
    - ipvs: drop first packet to redirect conntrack
    - mfd: intel-lpss: Remove clock tree on error path
    - nbd: ratelimit error msgs after socket close
    - ata: ahci_xgene: dereferencing uninitialized pointer in probe
    - mwifiex: fix corner case association failure
    - CNS3xxx: Fix PCI cns3xxx_write_config()
    - clk-divider: make sure read-only dividers do not write to their register
    - soc: rockchip: power-domain: fix err handle while probing
    - clk: rockchip: free memory in error cases when registering clock branches
    - clk: meson: Fix meson_clk_register_clks() signature type mismatch
    - clk: qcom: msm8960: fix ce3_core clk enable register
    - clk: versatile: sp810: support reentrance
    - clk: qcom: msm8960: Fix ce3_src register offset
    - lpfc: fix misleading indentation
    - ath9k: ar5008_hw_cmn_spur_mitigate: add missing mask_m & mask_p
      initialisation
    - mac80211: fix statistics leak if dev_alloc_name() fails
    - tracing: Don't display trigger file for events that can't be enabled
    - MD: make bio mergeable
    - Minimal fix-up of bad hashing behavior of hash_64()
    - mm, cma: prevent nr_isolated_* counters from going negative
    - mm/zswap: provide unique zpool name
    - ARM: EXYNOS: Properly skip unitialized parent clock in power domain on
    - ARM: SoCFPGA: Fix secondary CPU startup in thumb2 kernel
    - xen: Fix page <-> pfn conversion on 32 bit systems
    - xen/balloon: Fix crash when ballooning on x86 32 bit PAE
    - xen/evtchn: fix ring resize when binding new events
    - HID: wacom: Add support for DTK-1651
    - HID: Fix boot delay for Creative SB Omni Surround 5.1 with quirk
    - Input: zforce_ts - fix dual touch recognition
    - proc: prevent accessing /proc/<PID>/environ until it's ready
    - mm: update min_free_kbytes from khugepaged after core initialization
    - batman-adv: fix DAT candidate selection (must use vid)
    - batman-adv: Check skb size before using encapsulated ETH+VLAN header
    - batman-adv: Fix broadcast/ogm queue limit on a removed interface
    - batman-adv: Reduce refcnt of removed router when updating route
    - writeback: Fix performance regression in wb_over_bg_thresh()
    - MAINTAINERS: Remove asterisk from EFI directory names
    - x86/tsc: Read all ratio bits ...

Changed in linux-snapdragon (Ubuntu Yakkety):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (18.3 KiB)

This bug was fixed in the package linux-raspi2 - 4.4.0-1011.14

---------------
linux-raspi2 (4.4.0-1011.14) xenial; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1582847
  * Rebase against Ubuntu-4.4.0-23.41

  * zfs: disable module checks for zfs when cross-compiling (LP: #1581127)
    - [Packaging] disable zfs module checks when cross-compiling

  * Xenial update to v4.4.10 stable release (LP: #1580754)
    - Revert "UBUNTU: SAUCE: (no-up) ACPICA: Dispatcher: Update thread ID for
      recursive method calls"
    - Revert "UBUNTU: SAUCE: nbd: ratelimit error msgs after socket close"
    - Revert: "powerpc/tm: Check for already reclaimed tasks"
    - RDMA/iw_cxgb4: Fix bar2 virt addr calculation for T4 chips
    - ipvs: handle ip_vs_fill_iph_skb_off failure
    - ipvs: correct initial offset of Call-ID header search in SIP persistence
      engine
    - ipvs: drop first packet to redirect conntrack
    - mfd: intel-lpss: Remove clock tree on error path
    - nbd: ratelimit error msgs after socket close
    - ata: ahci_xgene: dereferencing uninitialized pointer in probe
    - mwifiex: fix corner case association failure
    - CNS3xxx: Fix PCI cns3xxx_write_config()
    - clk-divider: make sure read-only dividers do not write to their register
    - soc: rockchip: power-domain: fix err handle while probing
    - clk: rockchip: free memory in error cases when registering clock branches
    - clk: meson: Fix meson_clk_register_clks() signature type mismatch
    - clk: qcom: msm8960: fix ce3_core clk enable register
    - clk: versatile: sp810: support reentrance
    - clk: qcom: msm8960: Fix ce3_src register offset
    - lpfc: fix misleading indentation
    - ath9k: ar5008_hw_cmn_spur_mitigate: add missing mask_m & mask_p
      initialisation
    - mac80211: fix statistics leak if dev_alloc_name() fails
    - tracing: Don't display trigger file for events that can't be enabled
    - MD: make bio mergeable
    - Minimal fix-up of bad hashing behavior of hash_64()
    - mm, cma: prevent nr_isolated_* counters from going negative
    - mm/zswap: provide unique zpool name
    - ARM: EXYNOS: Properly skip unitialized parent clock in power domain on
    - ARM: SoCFPGA: Fix secondary CPU startup in thumb2 kernel
    - xen: Fix page <-> pfn conversion on 32 bit systems
    - xen/balloon: Fix crash when ballooning on x86 32 bit PAE
    - xen/evtchn: fix ring resize when binding new events
    - HID: wacom: Add support for DTK-1651
    - HID: Fix boot delay for Creative SB Omni Surround 5.1 with quirk
    - Input: zforce_ts - fix dual touch recognition
    - proc: prevent accessing /proc/<PID>/environ until it's ready
    - mm: update min_free_kbytes from khugepaged after core initialization
    - batman-adv: fix DAT candidate selection (must use vid)
    - batman-adv: Check skb size before using encapsulated ETH+VLAN header
    - batman-adv: Fix broadcast/ogm queue limit on a removed interface
    - batman-adv: Reduce refcnt of removed router when updating route
    - writeback: Fix performance regression in wb_over_bg_thresh()
    - MAINTAINERS: Remove asterisk from EFI directory names
    - x86/tsc: Read all ratio bits from MSR...

Changed in linux-raspi2 (Ubuntu Yakkety):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (16.9 KiB)

This bug was fixed in the package linux - 4.4.0-23.41

---------------
linux (4.4.0-23.41) xenial; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1582431

  * zfs: disable module checks for zfs when cross-compiling (LP: #1581127)
    - [Packaging] disable zfs module checks when cross-compiling

  * Xenial update to v4.4.10 stable release (LP: #1580754)
    - Revert "UBUNTU: SAUCE: (no-up) ACPICA: Dispatcher: Update thread ID for
      recursive method calls"
    - Revert "UBUNTU: SAUCE: nbd: ratelimit error msgs after socket close"
    - Revert: "powerpc/tm: Check for already reclaimed tasks"
    - RDMA/iw_cxgb4: Fix bar2 virt addr calculation for T4 chips
    - ipvs: handle ip_vs_fill_iph_skb_off failure
    - ipvs: correct initial offset of Call-ID header search in SIP persistence
      engine
    - ipvs: drop first packet to redirect conntrack
    - mfd: intel-lpss: Remove clock tree on error path
    - nbd: ratelimit error msgs after socket close
    - ata: ahci_xgene: dereferencing uninitialized pointer in probe
    - mwifiex: fix corner case association failure
    - CNS3xxx: Fix PCI cns3xxx_write_config()
    - clk-divider: make sure read-only dividers do not write to their register
    - soc: rockchip: power-domain: fix err handle while probing
    - clk: rockchip: free memory in error cases when registering clock branches
    - clk: meson: Fix meson_clk_register_clks() signature type mismatch
    - clk: qcom: msm8960: fix ce3_core clk enable register
    - clk: versatile: sp810: support reentrance
    - clk: qcom: msm8960: Fix ce3_src register offset
    - lpfc: fix misleading indentation
    - ath9k: ar5008_hw_cmn_spur_mitigate: add missing mask_m & mask_p
      initialisation
    - mac80211: fix statistics leak if dev_alloc_name() fails
    - tracing: Don't display trigger file for events that can't be enabled
    - MD: make bio mergeable
    - Minimal fix-up of bad hashing behavior of hash_64()
    - mm, cma: prevent nr_isolated_* counters from going negative
    - mm/zswap: provide unique zpool name
    - ARM: EXYNOS: Properly skip unitialized parent clock in power domain on
    - ARM: SoCFPGA: Fix secondary CPU startup in thumb2 kernel
    - xen: Fix page <-> pfn conversion on 32 bit systems
    - xen/balloon: Fix crash when ballooning on x86 32 bit PAE
    - xen/evtchn: fix ring resize when binding new events
    - HID: wacom: Add support for DTK-1651
    - HID: Fix boot delay for Creative SB Omni Surround 5.1 with quirk
    - Input: zforce_ts - fix dual touch recognition
    - proc: prevent accessing /proc/<PID>/environ until it's ready
    - mm: update min_free_kbytes from khugepaged after core initialization
    - batman-adv: fix DAT candidate selection (must use vid)
    - batman-adv: Check skb size before using encapsulated ETH+VLAN header
    - batman-adv: Fix broadcast/ogm queue limit on a removed interface
    - batman-adv: Reduce refcnt of removed router when updating route
    - writeback: Fix performance regression in wb_over_bg_thresh()
    - MAINTAINERS: Remove asterisk from EFI directory names
    - x86/tsc: Read all ratio bits from MSR_PLATFORM_INFO
    - ARM: cpuidle: Pass on arm_cpuidle_s...

Changed in linux (Ubuntu Yakkety):
status: New → Fix Released
Steve Beattie (sbeattie)
Changed in linux-raspi2 (Ubuntu Yakkety):
status: Fix Released → New
Changed in linux-snapdragon (Ubuntu Yakkety):
status: Fix Released → New
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.13.0-87.133

---------------
linux (3.13.0-87.133) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1585315

  [ Upstream Kernel Changes ]

  * Revert "usb: hub: do not clear BOS field during reset device"
    - LP: #1582864

linux (3.13.0-87.132) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1582398

  [ Kamal Mostafa ]

  * [Config] Drop ozwpan from the ABI

  [ Luis Henriques ]

  * [Config] CONFIG_USB_WPAN_HCD=n
    - LP: #1463740
    - CVE-2015-4004

  [ Prarit Bhargava ]

  * SAUCE: (no-up) ACPICA: Dispatcher: Update thread ID for recursive
    method calls
    - LP: #1577898

  [ Upstream Kernel Changes ]

  * usbnet: cleanup after bind() in probe()
    - LP: #1567191
    - CVE-2016-3951
  * KVM: x86: bit-ops emulation ignores offset on 64-bit
    - LP: #1423672
  * USB: usbip: fix potential out-of-bounds write
    - LP: #1572666
    - CVE-2016-3955
  * x86/mm/32: Enable full randomization on i386 and X86_32
    - LP: #1568523
    - CVE-2016-3672
  * Input: gtco - fix crash on detecting device without endpoints
    - LP: #1575706
    - CVE-2016-2187
  * atl2: Disable unimplemented scatter/gather feature
    - LP: #1561403
    - CVE-2016-2117
  * ALSA: usb-audio: Skip volume controls triggers hangup on Dell USB Dock
    - LP: #1577905
  * fs/pnode.c: treat zero mnt_group_id-s as unequal
    - LP: #1572316
  * propogate_mnt: Handle the first propogated copy being a slave
    - LP: #1572316
  * drm: Balance error path for GEM handle allocation
    - LP: #1579610
  * x86/mm: Add barriers and document switch_mm()-vs-flush synchronization
    - LP: #1538429
    - CVE-2016-2069
  * x86/mm: Improve switch_mm() barrier comments
    - LP: #1538429
    - CVE-2016-2069
  * net: fix infoleak in llc
    - LP: #1578496
    - CVE-2016-4485
  * net: fix infoleak in rtnetlink
    - LP: #1578497
    - CVE-2016-4486

 -- Kamal Mostafa <email address hidden> Tue, 24 May 2016 11:04:30 -0700

Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-trusty - 3.13.0-88.135~precise1

---------------
linux-lts-trusty (3.13.0-88.135~precise1) precise; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler

 -- Andy Whitcroft <email address hidden> Thu, 09 Jun 2016 09:05:50 +0100

Changed in linux-lts-trusty (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-utopic - 3.16.0-73.95~14.04.1

---------------
linux-lts-utopic (3.16.0-73.95~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler

 -- Andy Whitcroft <email address hidden> Thu, 09 Jun 2016 08:46:24 +0100

Changed in linux-lts-utopic (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-lts-xenial - 4.4.0-24.43~14.04.1

---------------
linux-lts-xenial (4.4.0-24.43~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end

  * arm64: statically link rtc-efi (LP: #1583738)
    - [Config] Link rtc-efi statically on arm64

 -- Andy Whitcroft <email address hidden> Wed, 08 Jun 2016 20:01:12 +0100

Changed in linux-lts-xenial (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.4.0-24.43

---------------
linux (4.4.0-24.43) xenial; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end

  * arm64: statically link rtc-efi (LP: #1583738)
    - [Config] Link rtc-efi statically on arm64

 -- Kamal Mostafa <email address hidden> Fri, 03 Jun 2016 10:02:16 -0700

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-raspi2 - 4.4.0-1012.16

---------------
linux-raspi2 (4.4.0-1012.16) xenial; urgency=low

  [ Andy Whitcroft ]

  * Rebase against Ubuntu-4.4.0-23.41

  [ Ubuntu: 4.4.0-24.43 ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end
  * arm64: statically link rtc-efi (LP: #1583738)
    - [Config] Link rtc-efi statically on arm64

 -- Andy Whitcroft <email address hidden> Wed, 08 Jun 2016 20:38:13 +0100

Changed in linux-raspi2 (Ubuntu Xenial):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-snapdragon - 4.4.0-1015.18

---------------
linux-snapdragon (4.4.0-1015.18) xenial; urgency=low

  [ Kamal Mostafa ]

  [ Ubuntu: 4.4.0-24.42 ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end
  * arm64: statically link rtc-efi (LP: #1583738)
    - [Config] Link rtc-efi statically on arm64

 -- Andy Whitcroft <email address hidden> Wed, 08 Jun 2016 21:34:43 +0100

Changed in linux-snapdragon (Ubuntu Xenial):
status: New → Fix Released
status: New → Fix Released
Revision history for this message
Andy Whitcroft (apw) wrote : Closing unsupported series nomination.

This bug was nominated against a series that is no longer supported, ie vivid. The bug task representing the vivid nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-armadaxp (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-flo (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-lts-quantal (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-lts-saucy (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-lts-trusty (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-lts-utopic (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-lts-vivid (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-mako (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-raspi2 (Ubuntu Vivid):
status: New → Won't Fix
Andy Whitcroft (apw)
Changed in linux-ti-omap4 (Ubuntu Vivid):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.