[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
** No longer affects: lxc (Ubuntu) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-goldfish in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Released Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Won't Fix Status in linux-lts-raring package in Ubuntu: Won't Fix Status in linux-lts-saucy package in Ubuntu: Won't Fix Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-lts-xenial package in Ubuntu: New Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-snapdragon package in Ubuntu: New Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Released Bug description: ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." Break-Fix: - local-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
** Description changed: ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." + + Break-Fix: - local-2015-8709 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Released Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Won't Fix Status in linux-lts-raring package in Ubuntu: Won't Fix Status in linux-lts-saucy package in Ubuntu: Won't Fix Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-lts-xenial package in Ubuntu: New Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-snapdragon package in Ubuntu: New Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Released Bug description: ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." Break-Fix: - local-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
** No longer affects: linux-lts-trusty (Ubuntu) ** Changed in: linux-lts-quantal (Ubuntu) Importance: Undecided => Medium ** Changed in: linux-lts-quantal (Ubuntu) Status: Confirmed => Won't Fix ** Changed in: linux-lts-raring (Ubuntu) Importance: Undecided => Medium ** Changed in: linux-lts-raring (Ubuntu) Status: Confirmed => Won't Fix ** Changed in: linux-lts-saucy (Ubuntu) Importance: Undecided => Medium ** Changed in: linux-lts-saucy (Ubuntu) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Released Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Won't Fix Status in linux-lts-raring package in Ubuntu: Won't Fix Status in linux-lts-saucy package in Ubuntu: Won't Fix Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-lts-xenial package in Ubuntu: New Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Released Bug description: ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
** Branch linked: lp:~ubuntu-branches/ubuntu/trusty/linux-lts-wily /trusty-security ** Branch linked: lp:~ubuntu-branches/ubuntu/trusty/linux-lts-wily /trusty-proposed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Released Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-lts-xenial package in Ubuntu: New Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Released Bug description: ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
** Branch linked: lp:ubuntu/trusty-security/linux-lts-vivid ** Branch linked: lp:ubuntu/trusty-proposed/linux-lts-vivid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Released Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-lts-xenial package in Ubuntu: New Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Released Bug description: ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
** Description changed: - A kernel bug in user namespaces allows root in a container to ptrace - host-root-owned tasks during a window of opportunity during lxc-attach / - 'lxc exec', before they drop privilege by doing setuid to the container - root uid. + ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 + mishandles uid and gid mappings, which allows local users to gain + privileges by establishing a user namespace, waiting for a root process + to enter that namespace with an unsafe uid or gid, and then using the + ptrace system call. NOTE: the vendor states "there is no kernel bug + here." -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Released Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Released Bug description: ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
This bug was fixed in the package linux - 4.3.0-6.17 --- linux (4.3.0-6.17) xenial; urgency=low [ Tim Gardner ] * Release Tracking Bug - LP: #1532958 [ Eric Dumazet ] * SAUCE: (noup) net: fix IP early demux races - LP: #1526946 [ Guilherme G. Piccoli ] * SAUCE: powerpc/eeh: Validate arch in eeh_add_device_early() - LP: #1486180 [ Hui Wang ] * [Config] CONFIG_I2C_DESIGNWARE_BAYTRAIL=y, CONFIG_IOSF_MBI=y - LP: #1527096 [ Jann Horn ] * ptrace: being capable wrt a process requires mapped uids/gids - LP: #1527374 [ Serge Hallyn ] * SAUCE: add a sysctl to disable unprivileged user namespace unsharing [ Tim Gardner ] * [Config] CONFIG_ZONE_DEVICE=y for amd64 * [Config] CONFIG_VIRTIO_BLK=y, CONFIG_VIRTIO_NET=y for s390 - LP: #1532886 [ Upstream Kernel Changes ] * rhashtable: Fix walker list corruption - LP: #1526811 * rhashtable: Kill harmless RCU warning in rhashtable_walk_init - LP: #1526811 * ovl: fix permission checking for setattr - LP: #1528904 - CVE-2015-8660 -- Tim Gardner Thu, 17 Dec 2015 05:34:47 -0700 ** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8660 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Released Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Released Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
** Tags added: kernel-cve-tracking-bug -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: lxc (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-flo (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-ti-omap4 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-armadaxp (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-manta (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-goldfish (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-mako (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-lts-trusty (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-lts-saucy (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-lts-quantal (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-lts-raring (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Confirmed Status in linux-lts-raring package in Ubuntu: Confirmed Status in linux-lts-saucy package in Ubuntu: Confirmed Status in linux-lts-trusty package in Ubuntu: Confirmed Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1527374] Re: CVE-2015-8709
** Summary changed: - privilege escalation on attach through ptrace + CVE-2015-8709 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp