This bug was fixed in the package linux-ec2 - 2.6.32-375.92 --------------- linux-ec2 (2.6.32-375.92) lucid; urgency=low
[ Stefan Bader ] * Rebased to Ubuntu-2.6.32-71.138 * Xen: x86, 64-bit: Move K8 B step iret fixup to fault entry asm - LP: #1403918 * Xen: x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels - LP: #1403918 * Xen: x86-32, espfix: Remove filter for espfix32 due to race - LP: #1403918 * Xen: x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack - LP: #1403918 * Xen: x86, espfix: Make espfix64 a Kconfig option, fix UML - LP: #1403918 * Xen: x86, espfix: Make it possible to disable 16-bit support - LP: #1403918 * Xen: x86_64/entry/xen: Do not invoke espfix64 on Xen - LP: #1403918 * Xen: [Config] Enable CONFIG_X86_16BIT * Rebased to Ubuntu-2.6.32-72.139 * Release Tracking Bug - LP: #1411354 [ Ubuntu: 2.6.32-72.139 ] * isofs: Fix infinite looping over CE entries - LP: #1407947 - CVE-2014-9420 * x86/tls: Validate TLS entries to protect espfix - LP: #1403852 - CVE-2014-8133 [ Ubuntu: 2.6.32-71.138 ] * [Config] updateconfigs CONFIG_X86_16BIT=y after v2.6.32.65 update * KVM: x86: Check non-canonical addresses upon WRMSR - LP: #1384539 - CVE-2014-3610 * KVM: x86: Improve thread safety in pit - LP: #1384540 - CVE-2014-3611 * net:socket: set msg_namelen to 0 if msg_name is passed as NULL in msghdr struct from userland. - LP: #1335478 * x86, 64-bit: Move K8 B step iret fixup to fault entry asm - LP: #1403918 * x86-64: Adjust frame type at paranoid_exit: - LP: #1403918 * x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels - LP: #1403918 * x86-32, espfix: Remove filter for espfix32 due to race - LP: #1403918 * x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack - LP: #1403918 * x86, espfix: Move espfix definitions into a separate header file - LP: #1403918 * x86, espfix: Fix broken header guard - LP: #1403918 * x86, espfix: Make espfix64 a Kconfig option, fix UML - LP: #1403918 * x86, espfix: Make it possible to disable 16-bit support - LP: #1403918 * x86_64/entry/xen: Do not invoke espfix64 on Xen - LP: #1403918 * x86/espfix/xen: Fix allocation of pages for paravirt page tables - LP: #1403918 * x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C - LP: #1403918 * x86_64, traps: Rework bad_iret - LP: #1403918 -- Stefan Bader <stefan.ba...@canonical.com> Thu, 18 Dec 2014 18:20:27 +0100 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1403852 Title: CVE-2014-8133 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Invalid Status in linux-ec2 package in Ubuntu: Invalid Status in linux-flo package in Ubuntu: New Status in linux-fsl-imx51 package in Ubuntu: Invalid Status in linux-goldfish package in Ubuntu: New Status in linux-lts-backport-maverick package in Ubuntu: New Status in linux-lts-backport-natty package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: Invalid Status in linux-lts-raring package in Ubuntu: Invalid Status in linux-lts-saucy package in Ubuntu: Invalid Status in linux-lts-trusty package in Ubuntu: Invalid Status in linux-lts-utopic package in Ubuntu: Invalid Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-mvl-dove package in Ubuntu: Invalid Status in linux-ti-omap4 package in Ubuntu: Invalid Status in linux source package in Lucid: Fix Released Status in linux-armadaxp source package in Lucid: Invalid Status in linux-ec2 source package in Lucid: Fix Released Status in linux-flo source package in Lucid: Invalid Status in linux-fsl-imx51 source package in Lucid: Invalid Status in linux-goldfish source package in Lucid: Invalid Status in linux-lts-backport-maverick source package in Lucid: New Status in linux-lts-backport-natty source package in Lucid: New Status in linux-lts-quantal source package in Lucid: Invalid Status in linux-lts-raring source package in Lucid: Invalid Status in linux-lts-saucy source package in Lucid: Invalid Status in linux-lts-trusty source package in Lucid: Invalid Status in linux-lts-utopic source package in Lucid: Invalid Status in linux-mako source package in Lucid: Invalid Status in linux-manta source package in Lucid: Invalid Status in linux-mvl-dove source package in Lucid: Invalid Status in linux-ti-omap4 source package in Lucid: Invalid Status in linux source package in Precise: Fix Committed Status in linux-armadaxp source package in Precise: Fix Committed Status in linux-ec2 source package in Precise: Invalid Status in linux-flo source package in Precise: Invalid Status in linux-fsl-imx51 source package in Precise: Invalid Status in linux-goldfish source package in Precise: Invalid Status in linux-lts-backport-maverick source package in Precise: New Status in linux-lts-backport-natty source package in Precise: New Status in linux-lts-quantal source package in Precise: New Status in linux-lts-raring source package in Precise: Invalid Status in linux-lts-saucy source package in Precise: New Status in linux-lts-trusty source package in Precise: New Status in linux-lts-utopic source package in Precise: Invalid Status in linux-mako source package in Precise: Invalid Status in linux-manta source package in Precise: Invalid Status in linux-mvl-dove source package in Precise: Invalid Status in linux-ti-omap4 source package in Precise: Fix Committed Status in linux source package in Trusty: New Status in linux-armadaxp source package in Trusty: Invalid Status in linux-ec2 source package in Trusty: Invalid Status in linux-flo source package in Trusty: Invalid Status in linux-fsl-imx51 source package in Trusty: Invalid Status in linux-goldfish source package in Trusty: Invalid Status in linux-lts-backport-maverick source package in Trusty: New Status in linux-lts-backport-natty source package in Trusty: New Status in linux-lts-quantal source package in Trusty: Invalid Status in linux-lts-raring source package in Trusty: Invalid Status in linux-lts-saucy source package in Trusty: Invalid Status in linux-lts-trusty source package in Trusty: Invalid Status in linux-lts-utopic source package in Trusty: New Status in linux-mako source package in Trusty: Invalid Status in linux-manta source package in Trusty: Invalid Status in linux-mvl-dove source package in Trusty: Invalid Status in linux-ti-omap4 source package in Trusty: Invalid Status in linux source package in Utopic: New Status in linux-armadaxp source package in Utopic: Invalid Status in linux-ec2 source package in Utopic: Invalid Status in linux-flo source package in Utopic: New Status in linux-fsl-imx51 source package in Utopic: Invalid Status in linux-goldfish source package in Utopic: New Status in linux-lts-backport-maverick source package in Utopic: New Status in linux-lts-backport-natty source package in Utopic: New Status in linux-lts-quantal source package in Utopic: Invalid Status in linux-lts-raring source package in Utopic: Invalid Status in linux-lts-saucy source package in Utopic: Invalid Status in linux-lts-trusty source package in Utopic: Invalid Status in linux-lts-utopic source package in Utopic: Invalid Status in linux-mako source package in Utopic: New Status in linux-manta source package in Utopic: New Status in linux-mvl-dove source package in Utopic: Invalid Status in linux-ti-omap4 source package in Utopic: Invalid Status in linux source package in Vivid: Fix Committed Status in linux-armadaxp source package in Vivid: Invalid Status in linux-ec2 source package in Vivid: Invalid Status in linux-flo source package in Vivid: New Status in linux-fsl-imx51 source package in Vivid: Invalid Status in linux-goldfish source package in Vivid: New Status in linux-lts-backport-maverick source package in Vivid: New Status in linux-lts-backport-natty source package in Vivid: New Status in linux-lts-quantal source package in Vivid: Invalid Status in linux-lts-raring source package in Vivid: Invalid Status in linux-lts-saucy source package in Vivid: Invalid Status in linux-lts-trusty source package in Vivid: Invalid Status in linux-lts-utopic source package in Vivid: Invalid Status in linux-mako source package in Vivid: New Status in linux-manta source package in Vivid: New Status in linux-mvl-dove source package in Vivid: Invalid Status in linux-ti-omap4 source package in Vivid: Invalid Bug description: arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value. Break-Fix: - 41bdc78544b8a93a9c6814b8bbbfef966272abbe To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1403852/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp