[Touch-packages] [Bug 1527374] Re: privilege escalation on attach through ptrace
** Changed in: linux (Ubuntu Xenial) Status: Incomplete => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: privilege escalation on attach through ptrace Status in linux package in Ubuntu: Fix Committed Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1527374] Re: privilege escalation on attach through ptrace
Mitre assigned CVE-2015-8709 for this issue. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8709 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8550 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8551 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8552 ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8553 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: privilege escalation on attach through ptrace Status in linux package in Ubuntu: Incomplete Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Incomplete Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1527374] Re: privilege escalation on attach through ptrace
** No longer affects: lxd (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: privilege escalation on attach through ptrace Status in linux package in Ubuntu: Incomplete Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Incomplete Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1527374] Re: privilege escalation on attach through ptrace
This bug was fixed in the package linux-lts-vivid - 3.19.0-42.48~14.04.1 --- linux-lts-vivid (3.19.0-42.48~14.04.1) trusty; urgency=low [ Kamal Mostafa ] * Release Tracking Bug - LP: #1527519 [ Jann Horn ] * ptrace: being capable wrt a process requires mapped uids/gids - LP: #1527374 linux (3.19.0-42.47) vivid; urgency=low [ Upstream Kernel Changes ] * xen: Add RING_COPY_REQUEST() - CVE-2015-8550 * xen-netback: don't use last request to determine minimum Tx credit - CVE-2015-8550 * xen-netback: use RING_COPY_REQUEST() throughout - CVE-2015-8550 * xen-blkback: only read request operation from shared ring once - CVE-2015-8550 * xen-blkback: read from indirect descriptors only once - CVE-2015-8550 * xen-scsiback: safely copy requests - CVE-2015-8550 * xen/pciback: Save xen_pci_op commands before processing it - CVE-2015-8550 * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI or MSI-X enabled - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Do not install an IRQ handler for MSI interrupts. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 -- Luis Henriques Fri, 18 Dec 2015 09:59:09 + ** Changed in: linux-lts-vivid (Ubuntu) Status: New => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8550 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8551 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8552 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8553 ** Changed in: linux-lts-vivid (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: privilege escalation on attach through ptrace Status in linux package in Ubuntu: Incomplete Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in lxd package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Incomplete Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1527374] Re: privilege escalation on attach through ptrace
This bug was fixed in the package linux-lts-vivid - 3.19.0-42.48~14.04.1 --- linux-lts-vivid (3.19.0-42.48~14.04.1) trusty; urgency=low [ Kamal Mostafa ] * Release Tracking Bug - LP: #1527519 [ Jann Horn ] * ptrace: being capable wrt a process requires mapped uids/gids - LP: #1527374 linux (3.19.0-42.47) vivid; urgency=low [ Upstream Kernel Changes ] * xen: Add RING_COPY_REQUEST() - CVE-2015-8550 * xen-netback: don't use last request to determine minimum Tx credit - CVE-2015-8550 * xen-netback: use RING_COPY_REQUEST() throughout - CVE-2015-8550 * xen-blkback: only read request operation from shared ring once - CVE-2015-8550 * xen-blkback: read from indirect descriptors only once - CVE-2015-8550 * xen-scsiback: safely copy requests - CVE-2015-8550 * xen/pciback: Save xen_pci_op commands before processing it - CVE-2015-8550 * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI or MSI-X enabled - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Do not install an IRQ handler for MSI interrupts. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 -- Luis Henriques Fri, 18 Dec 2015 09:59:09 + ** Changed in: linux-lts-wily (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: privilege escalation on attach through ptrace Status in linux package in Ubuntu: Incomplete Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in lxd package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Incomplete Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1527374] Re: privilege escalation on attach through ptrace
This bug was fixed in the package linux-lts-wily - 4.2.0-22.27~14.04.1 --- linux-lts-wily (4.2.0-22.27~14.04.1) trusty; urgency=low [ Kamal Mostafa ] * Release Tracking Bug - LP: #1527538 [ Jann Horn ] * ptrace: being capable wrt a process requires mapped uids/gids - LP: #1527374 linux (4.2.0-22.26) wily; urgency=low [ Upstream Kernel Changes ] * xen: Add RING_COPY_REQUEST() - CVE-2015-8550 * xen-netback: don't use last request to determine minimum Tx credit - CVE-2015-8550 * xen-netback: use RING_COPY_REQUEST() throughout - CVE-2015-8550 * xen-blkback: only read request operation from shared ring once - CVE-2015-8550 * xen-blkback: read from indirect descriptors only once - CVE-2015-8550 * xen-scsiback: safely copy requests - CVE-2015-8550 * xen/pciback: Save xen_pci_op commands before processing it - CVE-2015-8550 * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI or MSI-X enabled - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Do not install an IRQ handler for MSI interrupts. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 -- Luis Henriques Fri, 18 Dec 2015 10:27:07 + ** Changed in: linux-lts-wily (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: privilege escalation on attach through ptrace Status in linux package in Ubuntu: Incomplete Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in lxd package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Incomplete Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1527374] Re: privilege escalation on attach through ptrace
This bug was fixed in the package linux-lts-wily - 4.2.0-22.27~14.04.1 --- linux-lts-wily (4.2.0-22.27~14.04.1) trusty; urgency=low [ Kamal Mostafa ] * Release Tracking Bug - LP: #1527538 [ Jann Horn ] * ptrace: being capable wrt a process requires mapped uids/gids - LP: #1527374 linux (4.2.0-22.26) wily; urgency=low [ Upstream Kernel Changes ] * xen: Add RING_COPY_REQUEST() - CVE-2015-8550 * xen-netback: don't use last request to determine minimum Tx credit - CVE-2015-8550 * xen-netback: use RING_COPY_REQUEST() throughout - CVE-2015-8550 * xen-blkback: only read request operation from shared ring once - CVE-2015-8550 * xen-blkback: read from indirect descriptors only once - CVE-2015-8550 * xen-scsiback: safely copy requests - CVE-2015-8550 * xen/pciback: Save xen_pci_op commands before processing it - CVE-2015-8550 * xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI or MSI-X enabled - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Do not install an IRQ handler for MSI interrupts. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 * xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set. - CVE-2015-8551, CVE-2015-8552, CVE-2015-8553 -- Luis Henriques Fri, 18 Dec 2015 10:27:07 + -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: privilege escalation on attach through ptrace Status in linux package in Ubuntu: Incomplete Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in lxd package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Incomplete Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1527374] Re: privilege escalation on attach through ptrace
** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: privilege escalation on attach through ptrace Status in linux package in Ubuntu: New Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: New Status in linux-lts-wily package in Ubuntu: New Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in lxd package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: New Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1527374] Re: privilege escalation on attach through ptrace
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: privilege escalation on attach through ptrace Status in linux package in Ubuntu: New Status in linux-armadaxp package in Ubuntu: New Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: New Status in linux-lts-raring package in Ubuntu: New Status in linux-lts-saucy package in Ubuntu: New Status in linux-lts-trusty package in Ubuntu: New Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: New Status in linux-lts-wily package in Ubuntu: New Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-ti-omap4 package in Ubuntu: New Status in lxc package in Ubuntu: New Status in lxd package in Ubuntu: New Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: New Bug description: A kernel bug in user namespaces allows root in a container to ptrace host-root-owned tasks during a window of opportunity during lxc-attach / 'lxc exec', before they drop privilege by doing setuid to the container root uid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
