[ubuntu/trusty-security] linux 3.13.0-161.211 (Accepted)

Steve Langasek steve.langasek at canonical.com
Mon Oct 22 15:58:33 UTC 2018

linux (3.13.0-161.211) trusty; urgency=medium

  * linux: 3.13.0-161.211 -proposed tracker (LP: #1795595)

  * CVE-2017-0794
    - scsi: sg: protect accesses to 'reserved' page array
    - scsi: sg: reset 'res_in_use' after unlinking reserved array
    - scsi: sg: recheck MMAP_IO request length with lock held

  * CVE-2017-15299
    - KEYS: don't let add_key() update an uninstantiated key

  * CVE-2015-8539
    - KEYS: Fix handling of stored error in a negatively instantiated user key

  * CVE-2018-7566
    - ALSA: seq: Fix racy pool initializations
    - ALSA: seq: More protection for concurrent write and ioctl races

  * CVE-2018-1000004. // CVE-2018-7566
    - ALSA: seq: Don't allow resizing pool in use

  * CVE-2018-1000004
    - ALSA: seq: Make ioctls race-free

  * CVE-2017-18216
    - ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent

  * CVE-2016-7913
    - tuner-xc2028: Don't try to sleep twice
    - xc2028: avoid use after free
    - xc2028: unlock on error in xc2028_set_config()
    - xc2028: Fix use-after-free bug properly

  * The VM hang happens because of pending interrupts not reinjected when
    migrating the VM several times (LP: #1791286)
    - KVM: ioapic: merge ioapic_deliver into ioapic_service
    - KVM: ioapic: clear IRR for edge-triggered interrupts at delivery
    - KVM: ioapic: extract body of kvm_ioapic_set_irq
    - KVM: ioapic: reinject pending interrupts on KVM_SET_IRQCHIP

  * CVE-2018-5390
    - SAUCE: tcp: Correct the backport of the CVE-2018-5390 fix

  * CVE-2018-9518
    - NFC: llcp: Limit size of SDP URI

  * Improvements to the kernel source package preparation (LP: #1793461)
    - [Packaging] startnewrelease: add support for backport kernels

Date: 2018-10-03 14:49:17.545021+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Steve Langasek <steve.langasek at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list