[ubuntu/trusty-proposed] linux 3.13.0-138.187 (Accepted)
Łukasz Zemczak
lukasz.zemczak at canonical.com
Fri Dec 15 09:02:11 UTC 2017
linux (3.13.0-138.187) trusty; urgency=low
* linux: 3.13.0-138.187 -proposed tracker (LP: #1737911)
* CVE-2017-12190
- fix unbalanced page refcounting in bio_map_user_iov
- more bio_map_user_iov() leak fixes
* CVE-2017-15274
- KEYS: fix dereferencing NULL payload with nonzero length
* CVE-2017-14140
- Sanitize 'move_pages()' permission checks
* CVE-2017-15115
- sctp: do not peel off an assoc from one netns to another one
* CVE-2017-14489
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
nlmsg properly
* CVE-2017-12153
- nl80211: check for the required netlink attributes presence
* CVE-2017-16525
- USB: serial: console: fix use-after-free after failed setup
- USB: serial: console: fix use-after-free on disconnect
* CVE-2017-7542
- ipv6: avoid overflow of offset in ip6_find_1stfragopt
- ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
* CVE-2017-15102
- usb: misc: legousbtower: Fix NULL pointer deference
* CVE-2017-12192
- KEYS: prevent KEYCTL_READ on negative key
* CVE-2017-14156
- video: fbdev: aty: do not leak uninitialized padding in clk to userspace
* CVE-2017-5669
- ipc/shm: Fix shmat mmap nil-page protection
* CVE-2017-0750
- f2fs: do more integrity verification for superblock
* CVE-2017-7889
- mm: Tighten x86 /dev/mem with zeroing reads
* CVE-2017-8824
- dccp: CVE-2017-8824: use-after-free in DCCP code
Date: 2017-12-13 14:21:12.777337+00:00
Changed-By: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Signed-By: Łukasz Zemczak <lukasz.zemczak at canonical.com>
https://launchpad.net/ubuntu/+source/linux/3.13.0-138.187
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list