** Tags added: kernel-cve-tracking-bug
** Summary changed:
- overlay setattr vulnerability
+ 2015-8660
** Summary changed:
- 2015-8660
+ CVE-2015-8660
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bu
This bug was fixed in the package linux-lts-vivid - 3.19.0-43.49~14.04.1
---
linux-lts-vivid (3.19.0-43.49~14.04.1) trusty; urgency=low
[ Andy Whitcroft ]
* Release Tracking Bug
- LP: #1529971
[ Upstream Kernel Changes ]
* ovl: fix permission checking for setattr
-
This bug was fixed in the package linux-raspi2 - 4.2.0-1018.25
---
linux-raspi2 (4.2.0-1018.25) wily; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1529992
* rebased on Ubuntu-4.2.0-23.28
[ Ubuntu: 4.2.0-23.28 ]
* Release Tracking Bug
- LP: #1529361
This bug was fixed in the package linux-raspi2 - 4.2.0-1018.25
---
linux-raspi2 (4.2.0-1018.25) wily; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1529992
* rebased on Ubuntu-4.2.0-23.28
[ Ubuntu: 4.2.0-23.28 ]
* Release Tracking Bug
- LP: #1529361
This bug was fixed in the package linux-lts-wily - 4.2.0-23.28~14.04.1
---
linux-lts-wily (4.2.0-23.28~14.04.1) trusty; urgency=low
[ Andy Whitcroft ]
* Release Tracking Bug
- LP: #1529993
[ Upstream Kernel Changes ]
* ovl: fix permission checking for setattr
- LP:
This bug was fixed in the package linux-lts-wily - 4.2.0-23.28~14.04.1
---
linux-lts-wily (4.2.0-23.28~14.04.1) trusty; urgency=low
[ Andy Whitcroft ]
* Release Tracking Bug
- LP: #1529993
[ Upstream Kernel Changes ]
* ovl: fix permission checking for setattr
- LP:
This bug was fixed in the package linux - 3.19.0-43.49
---
linux (3.19.0-43.49) vivid; urgency=low
[ Andy Whitcroft ]
* Release Tracking Bug
- LP: #1529362
[ Upstream Kernel Changes ]
* ovl: fix permission checking for setattr
- LP: #1528904
- CVE-2015-8660
--
This bug was fixed in the package linux - 4.2.0-23.28
---
linux (4.2.0-23.28) wily; urgency=low
[ Andy Whitcroft ]
* Release Tracking Bug
- LP: #1529361
[ Upstream Kernel Changes ]
* ovl: fix permission checking for setattr
- LP: #1528904
- CVE-2015-8660
-- An
This bug was fixed in the package linux - 4.2.0-23.28
---
linux (4.2.0-23.28) wily; urgency=low
[ Andy Whitcroft ]
* Release Tracking Bug
- LP: #1529361
[ Upstream Kernel Changes ]
* ovl: fix permission checking for setattr
- LP: #1528904
- CVE-2015-8660
-- An
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-ti-omap4 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-armadaxp (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-lts-quantal
** Description changed:
- http://www.openwall.com/lists/oss-security/2015/12/23/5
-
-
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=acff81ec2c79492b180fade3c2894425cd35a545
-
- This allows unprivileged users to change attributes on root-owned files.
+ The ovl_setatt
I have installed VMs with the various combinations and tried the POC as
supplied with each. I confirm that only vivid and later are exposed by
the exploit.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.laun
** Changed in: linux (Ubuntu)
Status: Confirmed => Triaged
** Changed in: linux (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1528904
Tit
Making this bug public since all the details in this bug are already
public.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8660
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Kernel
P
14 matches
Mail list logo
