** Tags added: cscc
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
To manage notifications about this bug go to:
https://bugs.lau
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
To manage
utopic has seen the end of its life and is no longer receiving any
updates. Marking the utopic task for this ticket as "Won't Fix".
** Changed in: linux (Ubuntu Utopic)
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4036
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
To ma
This bug was fixed in the package linux - 3.13.0-54.91
---
linux (3.13.0-54.91) trusty; urgency=medium
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1458618
[ Upstream Kernel Changes ]
* [3.13-stable only] Revert "gianfar: Carefully free skbs in functions
called
This bug was fixed in the package linux - 3.13.0-54.91
---
linux (3.13.0-54.91) trusty; urgency=medium
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1458618
[ Upstream Kernel Changes ]
* [3.13-stable only] Revert "gianfar: Carefully free skbs in functions
called
** Tags removed: verification-needed-trusty
** Tags added: verification-done-trusty
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
trusty' to 'verification-done-trusty'.
If verification is not done by 5 working days from t
** Changed in: linux (Ubuntu Trusty)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
T
I've sent my backport of commit fb5ef9e7 for upstream to be included in
the stable kernels. I'll also send an SRU request for Trusty, Utopic
and Vivid.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/13
** Changed in: linux (Ubuntu Trusty)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
To ma
** Changed in: linux (Ubuntu Trusty)
Status: In Progress => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
To ma
s/truty/trusty/g
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
To manage notifications about this bug go to:
https://bugs.launch
Joseph, I've tried the kernel on a truty system, looks good for me, the
cat command isn't terminate prematurely.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal
I backported commit fb5ef9e7 and built a Vivid test kernel with it. This
kernel can be downloaded from:
http://kernel.ubuntu.com/~jsalisbury/lp1381005/
I tested the kernel on one of my machines and it seemed to fix this bug.
Can other folks that can reproduce this bug test the kernel and post
b
I believe this is the commit we need:
commit fb5ef9e7da39968fec6d6f37f20a23d23740c75e
Author: Peter Hurley
Date: Fri Jan 16 15:05:39 2015 -0500
n_tty: Fix read buffer overwrite when no newline
It does not cherry pick cleanly, but I'll backport it and build a test
kernel. I'll post a link
I was able to reproduce this in Trusty. However, this seems to be fixed
in mainline as early as v4.0-rc1. I'll figure out which commit fixes
this and then have is SRU'd and request it in upstream stable, if it
wasn't already.
--
You received this bug notification because you are a member of Ubu
I can still reproduce this with 3.19 in vivid.
** Changed in: linux (Ubuntu)
Status: Expired => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from termina
[Expired for linux (Ubuntu) because there has been no activity for 60
days.]
** Changed in: linux (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
T
Would it be possible for you to test the latest upstream kernel? Refer
to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest
v3.18 kernel[0].
If this bug is fixed in the mainline kernel, please add the following
tag 'kernel-fixed-upstream'.
If the mainline kernel does not fix t
** Package changed: ubuntu => linux (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
To manage notifications about this bu
Yes, this is definitely related. Also I can repro bypassing libc
(calling the read syscall directly) so the bug must be in kernel land.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
L
This looks related: http://lists.openwall.net/linux-
kernel/2013/12/02/707
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
To mana
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: ubuntu
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin f
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381005
Title:
Long stdin from terminal can result in code execution
To manage not
25 matches
Mail list logo