This bug was fixed in the package linux-armadaxp - 3.2.0-1636.53
---------------
linux-armadaxp (3.2.0-1636.53) precise; urgency=low
[ Andy Whitcroft ]
* rebase to Ubuntu-3.2.0-67.101
[ Ubuntu: 3.2.0-67.101 ]
* l2tp: Privilege escalation in ppp over l2tp sockets
- LP: #1341472
- CVE-2014-4943
linux-armadaxp (3.2.0-1636.52) precise; urgency=low
[ Ike Panhc ]
* Release Tracking Bug
- LP: #1338870
* Rebase to Ubuntu-3.2.0-67.100
[ Ubuntu: 3.2.0-67.100 ]
* Merged back Ubuntu-3.2.0-65.99 security release
* Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)"
- LP: #1337339
* Release Tracking Bug
- LP: #1338654
* ptrace,x86: force IRET path after a ptrace_stop()
- LP: #1337339
- CVE-2014-4699
linux-armadaxp (3.2.0-1636.51) precise-proposed; urgency=low
[ Ike Panhc ]
* Release Tracking Bug
- LP: #1336144
* Rebase to Ubuntu-3.2.0-66.99
[ Ubuntu: 3.2.0-66.99 ]
* Release Tracking Bug
- LP: #1335906
* skbuff: export skb_copy_ubufs
- LP: #1298119
- CVE-2014-0131
* skbuff: add an api to orphan frags
- LP: #1298119
- CVE-2014-0131
* skbuff: skb_segment: orphan frags before copying
- LP: #1298119
- CVE-2014-0131
* lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c
- CVE-2014-4608
* lib/lzo: Update LZO compression to current upstream version
- CVE-2014-4608
* lzo: properly check for overruns
- CVE-2014-4608
* KVM: x86 emulator: add support for vector alignment
- LP: #1330177
* KVM: x86: emulate movdqa
- LP: #1330177
-- Andy Whitcroft <a...@canonical.com> Tue, 15 Jul 2014 10:19:39 +0100
** Changed in: linux-armadaxp (Ubuntu Precise)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4608
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4699
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4943
** Changed in: linux-lts-quantal (Ubuntu Precise)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1739
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3917
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4014
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-4027
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1298119
Title:
CVE-2014-0131
Status in “linux” package in Ubuntu:
Invalid
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
Won't Fix
Status in “linux-lts-backport-natty” package in Ubuntu:
Won't Fix
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Invalid
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Invalid
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
Won't Fix
Status in “linux-lts-backport-natty” source package in Lucid:
Won't Fix
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Committed
Status in “linux-armadaxp” source package in Precise:
Fix Released
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
Won't Fix
Status in “linux-lts-backport-natty” source package in Precise:
Won't Fix
Status in “linux-lts-quantal” source package in Precise:
Fix Released
Status in “linux-lts-raring” source package in Precise:
Fix Released
Status in “linux-lts-saucy” source package in Precise:
Fix Committed
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
New
Status in “linux-lts-backport-maverick” source package in Quantal:
Won't Fix
Status in “linux-lts-backport-natty” source package in Quantal:
Won't Fix
Status in “linux” source package in Saucy:
Fix Committed
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
Won't Fix
Status in “linux-lts-backport-natty” source package in Saucy:
Won't Fix
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
Invalid
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
New
Status in “linux” source package in Trusty:
Invalid
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
Won't Fix
Status in “linux-lts-backport-natty” source package in Trusty:
Won't Fix
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Status in “linux” source package in Utopic:
Invalid
Status in “linux-armadaxp” source package in Utopic:
Invalid
Status in “linux-ec2” source package in Utopic:
Invalid
Status in “linux-fsl-imx51” source package in Utopic:
Invalid
Status in “linux-lts-backport-maverick” source package in Utopic:
Won't Fix
Status in “linux-lts-backport-natty” source package in Utopic:
Won't Fix
Status in “linux-lts-quantal” source package in Utopic:
Invalid
Status in “linux-lts-raring” source package in Utopic:
Invalid
Status in “linux-lts-saucy” source package in Utopic:
Invalid
Status in “linux-mvl-dove” source package in Utopic:
Invalid
Status in “linux-ti-omap4” source package in Utopic:
Invalid
Bug description:
Use-after-free vulnerability in the skb_segment function in
net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers
to obtain sensitive information from kernel memory by leveraging the
absence of a certain orphaning operation.
Break-Fix: a6686f2f382b13f8a7253401a66690c3633b6a74
1fd819ecb90cc9b822cd84d3056ddba315d3340f
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1298119/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
