[Kernel-packages] [Bug 1478826] Re: CVE-2015-5157

Fri, 09 Oct 2015 03:07:26 -0700 

This bug was fixed in the package linux - 4.2.0-15.18

---------------
linux (4.2.0-15.18) wily; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1503692

  [ Andy Whitcroft ]

  * Revert "SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()"
    Was incorrectly backported.

  [ Ben Hutchings ]

  * SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
    - CVE-2015-7312

  [ Tim Gardner ]

  * [Debian] config-check and prepare using ${DEBIAN}/config/annotations
    Makes the LTS update script work better.

linux (4.2.0-15.17) wily; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1503016
  * rebase to v4.2.3

  [ Andrew Donnellan ]

  * SAUCE: cxl: fix leak of IRQ names in cxl_free_afu_irqs()
  * SAUCE: cxl: fix leak of ctx->irq_bitmap when releasing context via
    kernel API
  * SAUCE: cxl: fix leak of ctx->mapping when releasing kernel API contexts

  [ Ben Hutchings ]

  * SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
    - CVE-2015-7312

  [ Dan Carpenter ]

  * SAUCE: (noup) cxlflash: a couple off by one bugs
    - LP: #1499849

  [ John Johansen ]

  * SAUCE: (no-up) apparmor: fix mount not handling disconnected paths
    - LP: #1496430

  [ Manoj Kumar ]

  * SAUCE: (noup) cxlflash: Fix to avoid invalid port_sel value
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Replace magic numbers with literals
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix read capacity timeout
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to double the delay each time
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to escalate to LINK_RESET on login timeout
    - LP: #1499849

  [ Matthew R. Ochs ]

  * SAUCE: (noup) cxlflash: Fix potential oops following LUN removal
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix data corruption when vLUN used over
    multiple cards
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid sizeof(bool)
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix context encode mask width
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid CXL services during EEH
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct naming of limbo state and waitq
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Make functions static
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Refine host/device attributes
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid spamming the kernel log
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid stall while waiting on TMF
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix location of setting resid
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix host link up event handling
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix async interrupt bypass logic
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Remove dual port online dependency
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix AFU version access/storage and add check
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct usage of scsi_host_put()
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to prevent workq from accessing freed
    memory
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct behavior in device reset handler
    following EEH
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Remove unnecessary scsi_block_requests
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix function prolog parameters and return codes
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix MMIO and endianness errors
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to prevent EEH recovery failure
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct spelling, grammar, and alignment
    mistakes
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to prevent stale AFU RRQ
    - LP: #1499849
  * SAUCE: (noup) MAINTAINERS: Add cxlflash driver
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid corrupting adapter fops
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct trace string
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid potential deadlock on EEH
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid leaving dangling interrupt
    resources
    - LP: #1499849

  [ Philippe Bergheaud ]

  * SAUCE: cxl: Workaround malformed pcie packets on some cards

  [ Tim Gardner ]

  * [Config] CONFIG_CC_STACKPROTECTOR_STRONG=y
    - LP: #1380025
  * [Config] Add MMC modules sufficient for net booting
    - LP: #1502772

  [ Upstream Kernel Changes ]

  * Initialize msg/shm IPC objects before doing ipc_addid()
  * RDS: verify the underlying transport exists before creating a
    connection
  * cxl: abort cxl_pci_enable_device_hook() if PCI channel is offline
  * cxl: Fix build failure due to -Wunused-variable behaviour change
  * cxl: Fix lockdep warning while creating afu_err_buff attribute
  * USB: whiteheat: fix potential null-deref at probe
    - LP: #1478826
    - CVE-2015-5257
  * dcache: Handle escaped paths in prepend_path
    - CVE-2015-2925
  * vfs: Test for and handle paths that are unreachable from their mnt_root
    - CVE-2015-2925
  * hv_netvsc: Add support to set MTU reservation from guest side
    - LP: #1494431
  * hv_netvsc: Add close of RNDIS filter into change mtu call
    - LP: #1494431

 -- Tim Gardner <tim.gard...@canonical.com>  Wed, 07 Oct 2015 07:28:10
-0600

** Changed in: linux (Ubuntu Wily)
       Status: Invalid => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2925

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-5257

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-7312

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1478826

Title:
  CVE-2015-5157

Status in linux package in Ubuntu:
  Fix Released
Status in linux-armadaxp package in Ubuntu:
  Invalid
Status in linux-ec2 package in Ubuntu:
  Invalid
Status in linux-flo package in Ubuntu:
  New
Status in linux-fsl-imx51 package in Ubuntu:
  Invalid
Status in linux-goldfish package in Ubuntu:
  New
Status in linux-lts-backport-maverick package in Ubuntu:
  New
Status in linux-lts-backport-natty package in Ubuntu:
  New
Status in linux-lts-quantal package in Ubuntu:
  Invalid
Status in linux-lts-raring package in Ubuntu:
  Invalid
Status in linux-lts-saucy package in Ubuntu:
  Invalid
Status in linux-lts-trusty package in Ubuntu:
  Invalid
Status in linux-lts-utopic package in Ubuntu:
  Invalid
Status in linux-lts-vivid package in Ubuntu:
  Invalid
Status in linux-mako package in Ubuntu:
  New
Status in linux-manta package in Ubuntu:
  New
Status in linux-mvl-dove package in Ubuntu:
  Invalid
Status in linux-ti-omap4 package in Ubuntu:
  Invalid
Status in linux source package in Precise:
  Fix Committed
Status in linux-armadaxp source package in Precise:
  New
Status in linux-ec2 source package in Precise:
  Invalid
Status in linux-flo source package in Precise:
  Invalid
Status in linux-fsl-imx51 source package in Precise:
  Invalid
Status in linux-goldfish source package in Precise:
  Invalid
Status in linux-lts-backport-maverick source package in Precise:
  New
Status in linux-lts-backport-natty source package in Precise:
  New
Status in linux-lts-quantal source package in Precise:
  Invalid
Status in linux-lts-raring source package in Precise:
  Invalid
Status in linux-lts-saucy source package in Precise:
  Invalid
Status in linux-lts-trusty source package in Precise:
  Fix Released
Status in linux-lts-utopic source package in Precise:
  Invalid
Status in linux-lts-vivid source package in Precise:
  Invalid
Status in linux-mako source package in Precise:
  Invalid
Status in linux-manta source package in Precise:
  Invalid
Status in linux-mvl-dove source package in Precise:
  Invalid
Status in linux-ti-omap4 source package in Precise:
  New
Status in linux source package in Trusty:
  Fix Released
Status in linux-armadaxp source package in Trusty:
  Invalid
Status in linux-ec2 source package in Trusty:
  Invalid
Status in linux-flo source package in Trusty:
  Invalid
Status in linux-fsl-imx51 source package in Trusty:
  Invalid
Status in linux-goldfish source package in Trusty:
  Invalid
Status in linux-lts-backport-maverick source package in Trusty:
  New
Status in linux-lts-backport-natty source package in Trusty:
  New
Status in linux-lts-quantal source package in Trusty:
  Invalid
Status in linux-lts-raring source package in Trusty:
  Invalid
Status in linux-lts-saucy source package in Trusty:
  Invalid
Status in linux-lts-trusty source package in Trusty:
  Invalid
Status in linux-lts-utopic source package in Trusty:
  Fix Released
Status in linux-lts-vivid source package in Trusty:
  Fix Released
Status in linux-mako source package in Trusty:
  Invalid
Status in linux-manta source package in Trusty:
  Invalid
Status in linux-mvl-dove source package in Trusty:
  Invalid
Status in linux-ti-omap4 source package in Trusty:
  Invalid
Status in linux source package in Vivid:
  Fix Released
Status in linux-armadaxp source package in Vivid:
  Invalid
Status in linux-ec2 source package in Vivid:
  Invalid
Status in linux-flo source package in Vivid:
  New
Status in linux-fsl-imx51 source package in Vivid:
  Invalid
Status in linux-goldfish source package in Vivid:
  New
Status in linux-lts-backport-maverick source package in Vivid:
  New
Status in linux-lts-backport-natty source package in Vivid:
  New
Status in linux-lts-quantal source package in Vivid:
  Invalid
Status in linux-lts-raring source package in Vivid:
  Invalid
Status in linux-lts-saucy source package in Vivid:
  Invalid
Status in linux-lts-trusty source package in Vivid:
  Invalid
Status in linux-lts-utopic source package in Vivid:
  Invalid
Status in linux-lts-vivid source package in Vivid:
  Invalid
Status in linux-mako source package in Vivid:
  New
Status in linux-manta source package in Vivid:
  New
Status in linux-mvl-dove source package in Vivid:
  Invalid
Status in linux-ti-omap4 source package in Vivid:
  Invalid
Status in linux source package in Wily:
  Fix Released
Status in linux-armadaxp source package in Wily:
  Invalid
Status in linux-ec2 source package in Wily:
  Invalid
Status in linux-flo source package in Wily:
  New
Status in linux-fsl-imx51 source package in Wily:
  Invalid
Status in linux-goldfish source package in Wily:
  New
Status in linux-lts-backport-maverick source package in Wily:
  New
Status in linux-lts-backport-natty source package in Wily:
  New
Status in linux-lts-quantal source package in Wily:
  Invalid
Status in linux-lts-raring source package in Wily:
  Invalid
Status in linux-lts-saucy source package in Wily:
  Invalid
Status in linux-lts-trusty source package in Wily:
  Invalid
Status in linux-lts-utopic source package in Wily:
  Invalid
Status in linux-lts-vivid source package in Wily:
  Invalid
Status in linux-mako source package in Wily:
  New
Status in linux-manta source package in Wily:
  New
Status in linux-mvl-dove source package in Wily:
  Invalid
Status in linux-ti-omap4 source package in Wily:
  Invalid

Bug description:
  arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the
  x86_64 platform mishandles IRET faults in processing NMIs that
  occurred during userspace execution, which might allow local users to
  gain privileges by triggering an NMI.

  Break-Fix: - 9b6e6a8334d56354853f9c255d1395c2ba570e0a

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1478826/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to