Package "linux-cloud-tools-common"
Name: |
linux-cloud-tools-common
|
Description: |
Linux kernel version specific cloud tools for version 4.4.0
|
Latest version: |
4.4.0-28.47 |
Release: |
xenial (16.04) |
Level: |
base |
Repository: |
main |
Head package: |
linux |
Links
Download "linux-cloud-tools-common"
Other versions of "linux-cloud-tools-common" in Xenial
Changelog
linux (4.4.0-28.47) xenial; urgency=low
.
[ Luis Henriques ]
.
* Release Tracking Bug
- LP: #1595874
.
* Linux netfilter local privilege escalation issues (LP: #1595350)
- netfilter: x_tables: don't move to non-existent next rule
- netfilter: x_tables: validate targets of jumps
- netfilter: x_tables: add and use xt_check_entry_offsets
- netfilter: x_tables: kill check_entry helper
- netfilter: x_tables: assert minimum target size
- netfilter: x_tables: add compat version of xt_check_entry_offsets
- netfilter: x_tables: check standard target size too
- netfilter: x_tables: check for bogus target offset
- netfilter: x_tables: validate all offsets and sizes in a rule
- netfilter: x_tables: don't reject valid target size on some architectures
- netfilter: arp_tables: simplify translate_compat_table args
- netfilter: ip_tables: simplify translate_compat_table args
- netfilter: ip6_tables: simplify translate_compat_table args
- netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
- netfilter: x_tables: do compat validation via translate_table
- netfilter: x_tables: introduce and use xt_copy_counters_from_user
.
* Linux netfilter IPT_SO_SET_REPLACE memory corruption (LP: #1555338)
- netfilter: x_tables: validate e->target_offset early
- netfilter: x_tables: make sure e->next_offset covers remaining blob size
- netfilter: x_tables: fix unconditional helper
.
|
Source diff to previous version |
1595350 |
Linux netfilter local privilege escalation issues |
|
linux (4.4.0-210.242) xenial; urgency=medium
.
* xenial/linux: 4.4.0-210.242 -proposed tracker (LP: #1924644)
.
* setting extended attribute may cause memory leak (LP: #1924611)
- SAUCE: vfs_setxattr: free converted value if xattr_permission returns error
|
Source diff to previous version |
linux (4.4.0-208.240) xenial; urgency=medium
.
* xenial/linux: 4.4.0-208.240 -proposed tracker (LP: #1922069)
.
* linux ADT test failure with linux/4.4.0-207.239 -
ubuntu_qrt_kernel_security.test-kernel-security.py (LP: #1922200) //
CVE-2018-5953 // CVE-2018-5995 // CVE-2018-7754
- SAUCE: Revert "printk: hash addresses printed with %p"
.
* lxd 2.0.11-0ubuntu1~16.04.4 ADT test failure with linux 4.4.0-207.239
(LP: #1921969)
- SAUCE: Fix fuse regression in 4.4.0-207.239
.
|
Source diff to previous version |
1922200 |
linux ADT test failure with linux/4.4.0-207.239 - ubuntu_qrt_kernel_security.test-kernel-security.py |
1921969 |
lxd 2.0.11-0ubuntu1~16.04.4 ADT test failure with linux 4.4.0-207.239 |
CVE-2018-5953 |
The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by re |
CVE-2018-5995 |
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by |
CVE-2018-7754 |
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address |
|
linux (4.4.0-207.239) xenial; urgency=medium
.
* xenial/linux: 4.4.0-207.239 -proposed tracker (LP: #1919558)
.
* Xenial update: v4.4.262 upstream stable release (LP: #1920221)
- uapi: nfnetlink_cthelper.h: fix userspace compilation error
- ath9k: fix transmitting to stations in dynamic SMPS mode
- net: Fix gro aggregation for udp encaps with zero csum
- can: skb: can_skb_set_owner(): fix ref counting if socket was closed before
setting skb ownership
- can: flexcan: assert FRZ bit in flexcan_chip_freeze()
- can: flexcan: enable RX FIFO after FRZ/HALT valid
- netfilter: x_tables: gpf inside xt_find_revision()
- cifs: return proper error code in statfs(2)
- floppy: fix lock_fdc() signal handling
- Revert "mm, slub: consider rest of partial list if acquire_slab() fails"
- futex: Change locking rules
- futex: Cure exit race
- futex: fix dead code in attach_to_pi_owner()
- net/mlx4_en: update moderation when config reset
- net: lapbether: Remove netif_start_queue / netif_stop_queue
- net: davicom: Fix regulator not turned off on failed probe
- net: davicom: Fix regulator not turned off on driver removal
- media: usbtv: Fix deadlock on suspend
- mmc: mxs-mmc: Fix a resource leak in an error handling path in
'mxs_mmc_probe()'
- mmc: mediatek: fix race condition between msdc_request_timeout and irq
- powerpc/perf: Record counter overflow always if SAMPLE_IP is unset
- PCI: xgene-msi: Fix race in installing chained irq handler
- s390/smp: __smp_rescan_cpus() - move cpumask away from stack
- scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling
- ALSA: hda/hdmi: Cancel pending works before suspend
- ALSA: hda: Avoid spurious unsol event handling during S3/S4
- ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar
- s390/dasd: fix hanging DASD driver unbind
- mmc: core: Fix partition switch time for eMMC
- scripts/recordmcount.{c,pl}: support -ffunction-sections .text.* section
names
- Goodix Fingerprint device is not a modem
- usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio
slot
- usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM
- xhci: Improve detection of device initiated wake signal.
- USB: serial: io_edgeport: fix memory leak in edge_startup
- USB: serial: ch341: add new Product ID
- USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter
- USB: serial: cp210x: add some more GE USB IDs
- usbip: fix stub_dev to check for stream socket
- usbip: fix vhci_hcd to check for stream socket
- usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
- staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan()
- staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()
- staging: rtl8712: unterminated string leads to read overflow
- staging: rtl8188eu: fix potential memory corruption in
rtw_check_beacon_data()
- staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd
- staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan
- staging: comedi: addi_apci_1032: Fix endian problem for COS sample
- staging: comedi: addi_apci_1500: Fix endian problem for command sample
- staging: comedi: adv_pci1710: Fix endian problem for AI command data
- staging: comedi: das6402: Fix endian problem for AI command data
- staging: comedi: das800: Fix endian problem for AI command data
- staging: comedi: dmm32at: Fix endian problem for AI command data
- staging: comedi: me4000: Fix endian problem for AI command data
- staging: comedi: pcl711: Fix endian problem for AI command data
- staging: comedi: pcl818: Fix endian problem for AI command data
- NFSv4.2: fix return value of _nfs4_get_security_label()
- block: rsxx: fix error return code of rsxx_pci_probe()
- alpha: add $(src)/ rather than $(obj)/ to make source file path
- alpha: merge build rules of division routines
- alpha: make short build log available for division routines
- alpha: Package string routines together
- alpha: move exports to actual definitions
- alpha: get rid of tail-zeroing in __copy_user()
- alpha: switch __copy_user() and __do_clean_user() to normal calling
conventions
- powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
- media: hdpvr: Fix an error handling path in hdpvr_probe()
- KVM: arm64: Fix exclusive limit for IPA size
- xen/events: reset affinity of 2-level event when tearing it down
- xen/events: don't unmask an event channel when an eoi is pending
- xen/events: avoid handling the same event on two cpus at the same time
- Linux 4.4.262
.
* Xenial update: v4.4.261 upstream stable release (LP: #1920218)
- futex: fix irq self-deadlock and satisfy assertion
- futex: fix spin_lock() / spin_unlock_irq() imbalance
- ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits
- rsxx: Return -EFAULT if copy_to_user() fails
- dm table: fix iterate_devices based device capability checks
- platform/x86: acer-wmi: Add new force_caps module parameter
- PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
- Linux 4.4.261
.
* CVE-2019-19061
- iio: imu: adis16400: fix memory leak
.
* CVE-2018-5953 // CVE-2018-5995 // CVE-2018-7754
- printk: hash addresses printed with %p
.
* CVE-2017-5967
- time: Remove CONFIG_TIMER_STATS
- [Config] Dropped CONFIG_TIMER_STATS
.
* CVE-2019-16232
- libertas: fix a potential NULL pointer dereference
.
* CVE-2015-1350
- xfs: Propagate dentry down to inode_change_ok()
- fuse: Propagate dentry down to inode_change_ok()
- fs: Give dentry to inode_change_ok() inste
|
Source diff to previous version |
1920221 |
Xenial update: v4.4.262 upstream stable release |
1920218 |
Xenial update: v4.4.261 upstream stable release |
1772675 |
i40e PF reset due to incorrect MDD event |
1918184 |
Xenial update: v4.4.260 upstream stable release |
1918182 |
Xenial update: v4.4.259 upstream stable release |
1916661 |
Xenial update: v4.4.258 upstream stable release |
1916660 |
Xenial update: v4.4.257 upstream stable release |
1916657 |
Xenial update: v4.4.256 upstream stable release |
1916656 |
Xenial update: v4.4.255 upstream stable release |
CVE-2019-19061 |
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cau |
CVE-2018-5953 |
The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by re |
CVE-2018-5995 |
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by |
CVE-2018-7754 |
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address |
CVE-2017-5967 |
The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distingu |
CVE-2019-16232 |
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer |
CVE-2015-1350 |
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended pri |
CVE-2018-13095 |
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occu |
CVE-2019-16231 |
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. |
|
linux (4.4.0-206.238) xenial; urgency=medium
.
* xenial/linux: 4.4.0-206.238 -proposed tracker (LP: #1919242)
.
* CVE-2021-27365
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
- scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
- scsi: iscsi: Verify lengths on passthrough PDUs
.
* CVE-2021-27363 // CVE-2021-27364
- scsi: iscsi: Restrict sessions and handles to admin capabilities
|
CVE-2021-27365 |
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and c |
CVE-2021-27363 |
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structu |
CVE-2021-27364 |
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileg |
|
About
-
Send Feedback to @ubuntu_updates