[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Information type changed from Public to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-0069 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-3601 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-5077 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-5472 ** Summary changed: - CVE-2014-0069: CIFS -- add hardening patch + CIFS: sanity check length of data to send before sending -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CIFS: sanity check length of data to send before sending To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Changed in: linux (Ubuntu) Status: Invalid = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Changed in: linux (Ubuntu) Status: Fix Released = Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
This bug was fixed in the package linux - 3.13.0-36.63 --- linux (3.13.0-36.63) trusty; urgency=low [ Joseph Salisbury ] * Release Tracking Bug - LP: #1365052 [ Feng Kan ] * SAUCE: (no-up) irqchip:gic: change access of gicc_ctrl register to read modify write. - LP: #1357527 * SAUCE: (no-up) arm64: optimized copy_to_user and copy_from_user assembly code - LP: #1358949 [ Ming Lei ] * SAUCE: (no-up) Drop APM X-Gene SoC Ethernet driver - LP: #1360140 * [Config] Drop XGENE entries - LP: #1360140 * [Config] CONFIG_NET_XGENE=m for arm64 - LP: #1360140 [ Stefan Bader ] * SAUCE: Add compat macro for skb_get_hash - LP: #1358162 * SAUCE: bcache: prevent crash on changing writeback_running - LP: #1357295 [ Suman Tripathi ] * SAUCE: (no-up) arm64: Fix the csr-mask for APM X-Gene SoC AHCI SATA PHY clock DTS node. - LP: #1359489 * SAUCE: (no-up) ahci_xgene: Skip the PHY and clock initialization if already configured by the firmware. - LP: #1359501 * SAUCE: (no-up) ahci_xgene: Fix the link down in first attempt for the APM X-Gene SoC AHCI SATA host controller driver. - LP: #1359507 [ Tuan Phan ] * SAUCE: (no-up) pci-xgene-msi: fixed deadlock in irq_set_affinity - LP: #1359514 [ Upstream Kernel Changes ] * iwlwifi: mvm: Add a missed beacons threshold - LP: #1349572 * mac80211: reset probe_send_count also in HW_CONNECTION_MONITOR case - LP: #1349572 * genirq: Add an accessor for IRQ_PER_CPU flag - LP: #1357527 * arm64: perf: add support for percpu pmu interrupt - LP: #1357527 * cifs: sanity check length of data to send before sending - LP: #1283101 * KVM: nVMX: Pass vmexit parameters to nested_vmx_vmexit - LP: #1329434 * KVM: nVMX: Rework interception of IRQs and NMIs - LP: #1329434 * KVM: vmx: disable APIC virtualization in nested guests - LP: #1329434 * HID: Add transport-driver functions to the USB HID interface. - LP: #1353021 * ahci_xgene: Removing NCQ support from the APM X-Gene SoC AHCI SATA Host Controller driver. - LP: #1358498 * fold d_kill() and d_free() - LP: #1354234 * fold try_prune_one_dentry() - LP: #1354234 * new helper: dentry_free() - LP: #1354234 * expand the call of dentry_lru_del() in dentry_kill() - LP: #1354234 * dentry_kill(): don't try to remove from shrink list - LP: #1354234 * don't remove from shrink list in select_collect() - LP: #1354234 * more graceful recovery in umount_collect() - LP: #1354234 * dcache: don't need rcu in shrink_dentry_list() - LP: #1354234 * lift the already marked killed case into shrink_dentry_list() * split dentry_kill() - LP: #1354234 * expand dentry_kill(dentry, 0) in shrink_dentry_list() - LP: #1354234 * shrink_dentry_list(): take parent's -d_lock earlier - LP: #1354234 * dealing with the rest of shrink_dentry_list() livelock - LP: #1354234 * dentry_kill() doesn't need the second argument now - LP: #1354234 * dcache: add missing lockdep annotation - LP: #1354234 * fs: convert use of typedef ctl_table to struct ctl_table - LP: #1354234 * lock_parent: don't step on stale -d_parent of all-but-freed one - LP: #1354234 * tools/testing/selftests/ptrace/peeksiginfo.c: add PAGE_SIZE definition - LP: #1358855 * x86, irq, pic: Probe for legacy PIC and set legacy_pic appropriately - LP: #1317697 * bnx2x: Fix kernel crash and data miscompare after EEH recovery - LP: #1353105 * bnx2x: Adapter not recovery from EEH error injection - LP: #1353105 * Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE - LP: #1359670 * bcache: fix crash on shutdown in passthrough mode - LP: #1357295 * bcache: fix uninterruptible sleep in writeback thread - LP: #1357295 * namespaces: Use task_lock and not rcu to protect nsproxy - LP: #1328088 * MAINTAINERS: Add entry for APM X-Gene SoC ethernet driver - LP: #1360140 * Documentation: dts: Add bindings for APM X-Gene SoC ethernet driver - LP: #1360140 * dts: Add bindings for APM X-Gene SoC ethernet driver - LP: #1360140 * drivers: net: Add APM X-Gene SoC ethernet driver support. - LP: #1360140 * powerpc/mm: Add new set flag argument to pte/pmd update function - LP: #1357014 * powerpc/thp: Add write barrier after updating the valid bit - LP: #1357014 * powerpc/thp: Don't recompute vsid and ssize in loop on invalidate - LP: #1357014 * powerpc/thp: Invalidate old 64K based hash page mapping before insert of 4k pte - LP: #1357014 * powerpc/thp: Handle combo pages in invalidate - LP: #1357014 * powerpc/thp: Invalidate with vpn in loop - LP: #1357014 * powerpc/thp: Use ACCESS_ONCE when loading pmdp - LP: #1357014 * powerpc/mm: Use read barrier when creating real_pte - LP: #1357014 * powerpc/thp: Add tracepoints to track hugepage
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Branch linked: lp:ubuntu/precise-security/linux-lts-trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Tags removed: verification-needed-trusty ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- trusty' to 'verification-done-trusty'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Branch linked: lp:ubuntu/precise-proposed/linux-lts-trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Branch linked: lp:ubuntu/trusty-proposed/linux-keystone -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Changed in: linux (Ubuntu Trusty) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Changed in: linux (Ubuntu Saucy) Status: Confirmed = Won't Fix ** Changed in: linux-lts-raring (Ubuntu Precise) Status: Confirmed = Won't Fix ** Changed in: linux-lts-saucy (Ubuntu Precise) Status: Confirmed = Won't Fix ** Changed in: linux-ti-omap4 (Ubuntu Saucy) Status: Confirmed = Won't Fix ** Changed in: linux (Ubuntu Lucid) Status: Confirmed = Won't Fix ** Changed in: linux-ec2 (Ubuntu Lucid) Status: Confirmed = Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Changed in: linux (Ubuntu) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Changed in: linux (Ubuntu Quantal) Status: Confirmed = Won't Fix ** Changed in: linux-lts-quantal (Ubuntu Precise) Status: Confirmed = Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Changed in: linux-ti-omap4 (Ubuntu Quantal) Status: Confirmed = Won't Fix ** Changed in: linux-armadaxp (Ubuntu Quantal) Status: Confirmed = Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Changed in: linux (Ubuntu) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Summary changed: - CVE-2014-0069: add hardening patch + CVE-2014-0069: CIFS -- add hardening patch ** Description changed: This CVE was fixed under 5d81de8e8667da7135d3a32a964087c0faf5483f but there is a second fix which will make this much safer going forward against other bugs: http://article.gmane.org/gmane.linux.kernel.cifs/9402 Makes sense to put this into any release which needs it. - # from cifs branch for-next (may change again yet) + # As applied to linus' tree Break-fix: - a26054d184763969a411e3939fe243516715ff59 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1283101 Title: CVE-2014-0069: CIFS -- add hardening patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs