** Tags added: kernel-cve-tracking-bug ** No longer affects: linux-armadaxp (Ubuntu)
** No longer affects: linux-ec2 (Ubuntu) ** No longer affects: linux-ec2 (Ubuntu Lucid) ** No longer affects: linux-lowlatency (Ubuntu Precise) ** No longer affects: linux-lowlatency (Ubuntu Saucy) ** No longer affects: linux-lowlatency (Ubuntu) ** No longer affects: linux-lts-quantal (Ubuntu Precise) ** No longer affects: linux-lts-quantal (Ubuntu) ** No longer affects: linux-lts-raring (Ubuntu Precise) ** No longer affects: linux-lts-raring (Ubuntu) ** No longer affects: linux-lts-saucy (Ubuntu Precise) ** No longer affects: linux-lts-saucy (Ubuntu) ** No longer affects: linux-lts-trusty (Ubuntu) ** No longer affects: linux-lts-trusty (Ubuntu Precise) ** Changed in: linux (Ubuntu Precise) Importance: Undecided => High ** Changed in: linux (Ubuntu Saucy) Importance: Undecided => High ** Changed in: linux (Ubuntu Trusty) Importance: Undecided => High ** Changed in: linux (Ubuntu Lucid) Importance: Undecided => High ** Changed in: linux (Ubuntu Utopic) Importance: Undecided => High ** Description changed: - This CVE has an embargo of July 8 - - Don't allow ptrace to set RIP to a value that couldn't happen by ordinary control flow. There are CPU bugs^Wfeatures that can have - interesting effects if RIP is non-canonical. + interesting effects if RIP is non-canonical. I didn't make the + corresponding x86_32 change, since x86_32 has no concept of canonical + addresses. putreg32 doesn't need this fix: value is only 32 bits, so it + can't be non-canonical. - I didn't make the corresponding x86_32 change, since x86_32 has no - concept of canonical addresses. - - putreg32 doesn't need this fix: value is only 32 bits, so it can't - be non-canonical. - - Fixes CVE-2014-4699. There are arguably still bugs here, but this - fixes the major issue. + Break-Fix: 427abfa28afedffadfca9dd8b067eb6d36bac53f + b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a ** No longer affects: linux-ti-omap4 (Ubuntu) ** No longer affects: linux-mvl-dove (Ubuntu) ** No longer affects: linux-lts-saucy (Ubuntu) ** No longer affects: linux-lts-raring (Ubuntu) ** No longer affects: linux-lts-quantal (Ubuntu) ** No longer affects: linux-fsl-imx51 (Ubuntu) ** No longer affects: linux-ec2 (Ubuntu) ** No longer affects: linux-armadaxp (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1337339 Title: x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1337339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs