This bug was fixed in the package linux-lts-quantal - 3.5.0-54.81~precise1 --------------- linux-lts-quantal (3.5.0-54.81~precise1) precise; urgency=low
[ Upstream Kernel Changes ] * l2tp: Privilege escalation in ppp over l2tp sockets - LP: #1341472 - CVE-2014-4943 linux-lts-quantal (3.5.0-54.80~precise1) precise; urgency=low [ Luis Henriques ] * Merged back Ubuntu-lts-3.5.0-52.79 security release * Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)" - LP: #1337339 * Release Tracking Bug - LP: #1338611 [ Upstream Kernel Changes ] * ptrace,x86: force IRET path after a ptrace_stop() - LP: #1337339 - CVE-2014-4699 linux-lts-quantal (3.5.0-53.79~precise1) precise; urgency=low [ Joseph Salisbury ] * Release Tracking Bug - LP: #1336400 [ Upstream Kernel Changes ] * skbuff: export skb_copy_ubufs - LP: #1298119 - CVE-2014-0131 * skbuff: add an api to orphan frags - LP: #1298119 - CVE-2014-0131 * skbuff: skb_segment: orphan frags before copying - LP: #1298119 - CVE-2014-0131 * media-device: fix infoleak in ioctl media_enum_entities() - LP: #1333609 - CVE-2014-1739 * auditsc: audit_krule mask accesses need bounds checking - LP: #1325941 - CVE-2014-3917 * userns: Allow chown and setgid preservation - LP: #1329103 - CVE-2014-4014 * fs,userns: Change inode_capable to capable_wrt_inode_uidgid - LP: #1329103 - CVE-2014-4014 * target/rd: Refactor rd_build_device_space + rd_release_device_space - LP: #1333612 - CVE-2014-4027 * lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c - CVE-2014-4608 * lib/lzo: Update LZO compression to current upstream version - CVE-2014-4608 * lzo: properly check for overruns - CVE-2014-4608 -- Luis Henriques <luis.henriq...@canonical.com> Mon, 14 Jul 2014 15:28:36 +0100 ** Changed in: linux-lts-quantal (Ubuntu Precise) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-0131 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-1739 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-3917 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-4027 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-4608 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-4699 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-4943 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1329103 Title: CVE-2014-4014 Status in “linux” package in Ubuntu: Fix Committed Status in “linux-armadaxp” package in Ubuntu: Invalid Status in “linux-ec2” package in Ubuntu: Invalid Status in “linux-fsl-imx51” package in Ubuntu: Invalid Status in “linux-lts-backport-maverick” package in Ubuntu: New Status in “linux-lts-backport-natty” package in Ubuntu: New Status in “linux-lts-quantal” package in Ubuntu: Invalid Status in “linux-lts-raring” package in Ubuntu: Invalid Status in “linux-lts-saucy” package in Ubuntu: Invalid Status in “linux-mvl-dove” package in Ubuntu: Invalid Status in “linux-ti-omap4” package in Ubuntu: Invalid Status in “linux” source package in Lucid: New Status in “linux-armadaxp” source package in Lucid: Invalid Status in “linux-ec2” source package in Lucid: New Status in “linux-fsl-imx51” source package in Lucid: Invalid Status in “linux-lts-backport-maverick” source package in Lucid: Won't Fix Status in “linux-lts-backport-natty” source package in Lucid: Won't Fix Status in “linux-lts-quantal” source package in Lucid: Invalid Status in “linux-lts-raring” source package in Lucid: Invalid Status in “linux-lts-saucy” source package in Lucid: Invalid Status in “linux-mvl-dove” source package in Lucid: Invalid Status in “linux-ti-omap4” source package in Lucid: Invalid Status in “linux” source package in Precise: New Status in “linux-armadaxp” source package in Precise: New Status in “linux-ec2” source package in Precise: Invalid Status in “linux-fsl-imx51” source package in Precise: Invalid Status in “linux-lts-backport-maverick” source package in Precise: Won't Fix Status in “linux-lts-backport-natty” source package in Precise: Won't Fix Status in “linux-lts-quantal” source package in Precise: Fix Released Status in “linux-lts-raring” source package in Precise: Fix Released Status in “linux-lts-saucy” source package in Precise: Fix Committed Status in “linux-mvl-dove” source package in Precise: Invalid Status in “linux-ti-omap4” source package in Precise: New Status in “linux” source package in Saucy: Fix Committed Status in “linux-armadaxp” source package in Saucy: Invalid Status in “linux-ec2” source package in Saucy: Invalid Status in “linux-fsl-imx51” source package in Saucy: Invalid Status in “linux-lts-backport-maverick” source package in Saucy: Won't Fix Status in “linux-lts-backport-natty” source package in Saucy: Won't Fix Status in “linux-lts-quantal” source package in Saucy: Invalid Status in “linux-lts-raring” source package in Saucy: Invalid Status in “linux-lts-saucy” source package in Saucy: Invalid Status in “linux-mvl-dove” source package in Saucy: Invalid Status in “linux-ti-omap4” source package in Saucy: New Status in “linux” source package in Trusty: New Status in “linux-armadaxp” source package in Trusty: Invalid Status in “linux-ec2” source package in Trusty: Invalid Status in “linux-fsl-imx51” source package in Trusty: Invalid Status in “linux-lts-backport-maverick” source package in Trusty: Won't Fix Status in “linux-lts-backport-natty” source package in Trusty: Won't Fix Status in “linux-lts-quantal” source package in Trusty: Invalid Status in “linux-lts-raring” source package in Trusty: Invalid Status in “linux-lts-saucy” source package in Trusty: Invalid Status in “linux-mvl-dove” source package in Trusty: Invalid Status in “linux-ti-omap4” source package in Trusty: Invalid Status in “linux” source package in Utopic: Fix Committed Status in “linux-armadaxp” source package in Utopic: Invalid Status in “linux-ec2” source package in Utopic: Invalid Status in “linux-fsl-imx51” source package in Utopic: Invalid Status in “linux-lts-backport-maverick” source package in Utopic: Won't Fix Status in “linux-lts-backport-natty” source package in Utopic: Won't Fix Status in “linux-lts-quantal” source package in Utopic: Invalid Status in “linux-lts-raring” source package in Utopic: Invalid Status in “linux-lts-saucy” source package in Utopic: Invalid Status in “linux-mvl-dove” source package in Utopic: Invalid Status in “linux-ti-omap4” source package in Utopic: Invalid Bug description: The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root. Break-Fix: - 23adbe12ef7d3d4195e80800ab36b37bee28cd03 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1329103/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp