[Bug 1527374] Re: CVE-2015-8709
** No longer affects: lxc (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
** Description changed: ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." + + Break-Fix: - local-2015-8709 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
** No longer affects: linux-lts-trusty (Ubuntu) ** Changed in: linux-lts-quantal (Ubuntu) Importance: Undecided => Medium ** Changed in: linux-lts-quantal (Ubuntu) Status: Confirmed => Won't Fix ** Changed in: linux-lts-raring (Ubuntu) Importance: Undecided => Medium ** Changed in: linux-lts-raring (Ubuntu) Status: Confirmed => Won't Fix ** Changed in: linux-lts-saucy (Ubuntu) Importance: Undecided => Medium ** Changed in: linux-lts-saucy (Ubuntu) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
** Branch linked: lp:~ubuntu-branches/ubuntu/trusty/linux-lts-wily /trusty-security ** Branch linked: lp:~ubuntu-branches/ubuntu/trusty/linux-lts-wily /trusty-proposed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
** Branch linked: lp:ubuntu/trusty-security/linux-lts-vivid ** Branch linked: lp:ubuntu/trusty-proposed/linux-lts-vivid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
** Description changed: - A kernel bug in user namespaces allows root in a container to ptrace - host-root-owned tasks during a window of opportunity during lxc-attach / - 'lxc exec', before they drop privilege by doing setuid to the container - root uid. + ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 + mishandles uid and gid mappings, which allows local users to gain + privileges by establishing a user namespace, waiting for a root process + to enter that namespace with an unsafe uid or gid, and then using the + ptrace system call. NOTE: the vendor states "there is no kernel bug + here." -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
This bug was fixed in the package linux - 4.3.0-6.17 --- linux (4.3.0-6.17) xenial; urgency=low [ Tim Gardner ] * Release Tracking Bug - LP: #1532958 [ Eric Dumazet ] * SAUCE: (noup) net: fix IP early demux races - LP: #1526946 [ Guilherme G. Piccoli ] * SAUCE: powerpc/eeh: Validate arch in eeh_add_device_early() - LP: #1486180 [ Hui Wang ] * [Config] CONFIG_I2C_DESIGNWARE_BAYTRAIL=y, CONFIG_IOSF_MBI=y - LP: #1527096 [ Jann Horn ] * ptrace: being capable wrt a process requires mapped uids/gids - LP: #1527374 [ Serge Hallyn ] * SAUCE: add a sysctl to disable unprivileged user namespace unsharing [ Tim Gardner ] * [Config] CONFIG_ZONE_DEVICE=y for amd64 * [Config] CONFIG_VIRTIO_BLK=y, CONFIG_VIRTIO_NET=y for s390 - LP: #1532886 [ Upstream Kernel Changes ] * rhashtable: Fix walker list corruption - LP: #1526811 * rhashtable: Kill harmless RCU warning in rhashtable_walk_init - LP: #1526811 * ovl: fix permission checking for setattr - LP: #1528904 - CVE-2015-8660 -- Tim Gardner Thu, 17 Dec 2015 05:34:47 -0700 ** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8660 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
** Tags added: kernel-cve-tracking-bug -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-lts-saucy (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-manta (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-mako (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-lts-trusty (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-lts-quantal (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-lts-raring (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: lxc (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-ti-omap4 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-flo (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-goldfish (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-armadaxp (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1527374] Re: CVE-2015-8709
** Summary changed: - privilege escalation on attach through ptrace + CVE-2015-8709 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs