Ubuntu
linux package

s390/mm: four page table levels vs. fork

Bug #1556141 reported by bugproxy on 2016-03-11

This bug affects 1 person

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Released	Medium	Tim Gardner
Xenial	Fix Released	Medium	Tim Gardner
linux-armadaxp (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-flo (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-goldfish (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-lts-quantal (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-lts-raring (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-lts-saucy (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-lts-trusty (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-lts-utopic (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-lts-vivid (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-lts-wily (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-lts-xenial (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Fix Released	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-mako (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-manta (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-raspi2 (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-snapdragon (Ubuntu)	Invalid	Undecided	Unassigned
Xenial	Invalid	Medium	Unassigned
linux-ti-omap4 (Ubuntu)
Precise	Invalid	Medium	Unassigned
Trusty	Invalid	Medium	Unassigned
Wily	Invalid	Medium	Unassigned
Xenial	Invalid	Medium	Unassigned

Bug Description

== Comment: #0 - Hendrik Brueckner <email address hidden> - 2016-03-11 08:30:57 ==
Please backport:

http://git.kernel.org/cgit/linux/kernel/git/s390/linux.git/commit/?h=for-linus&id=3446c13b268af86391d06611327006b059b8bab1

s390/mm: four page table levels vs. fork
The fork of a process with four page table levels is broken since
git commit 6252d702c5311ce9 "[S390] dynamic page tables."

All new mm contexts are created with three page table levels and
an asce limit of 4TB. If the parent has four levels dup_mmap will
add vmas to the new context which are outside of the asce limit.
The subsequent call to copy_page_range will walk the three level
page table structure of the new process with non-zero pgd and pud
indexes. This leads to memory clobbers as the pgd_index *and* the
pud_index is added to the mm->pgd pointer without a pgd_deref
in between.

The init_new_context() function is selecting the number of page
table levels for a new context. The function is used by mm_init()
which in turn is called by dup_mm() and mm_alloc(). These two are
used by fork() and exec(). The init_new_context() function can
distinguish the two cases by looking at mm->context.asce_limit,
for fork() the mm struct has been copied and the number of page
table levels may not change. For exec() the mm_alloc() function
set the new mm structure to zero, in this case a three-level page
table is created as the temporary stack space is located at
STACK_TOP_MAX = 4TB.

This fixes CVE-2016-2143.

Reported-by: Marcin Ko?cielnicki <koriakin@0x04.net>
Reviewed-by: Heiko Carstens <email address hidden>
Cc: <email address hidden>
Signed-off-by: Martin Schwidefsky <email address hidden>

Tags:

Related branches

lp:ubuntu/trusty-proposed/linux-lts-xenial

CVE References

2016-2143

bugproxy (bugproxy) on 2016-03-11

tags:	added: architecture-s39064 bugnameltc-138862 severity-critical targetmilestone-inin1604
Changed in ubuntu:
assignee:	nobody → Skipper Bug Screeners (skipper-screen-team)

Gary Gaydos (gmgaydos) on 2016-03-11

affects:

ubuntu → linux (Ubuntu)

Tim Gardner (timg-tpi) on 2016-03-11

Changed in linux (Ubuntu Xenial):
assignee:	Skipper Bug Screeners (skipper-screen-team) → Tim Gardner (timg-tpi)
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-03-15:

Download full text (7.0 KiB)

This bug was fixed in the package linux - 4.4.0-13.29

---------------
linux (4.4.0-13.29) xenial; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
- LP: #1556247

* s390/mm: four page table levels vs. fork (LP: #1556141)
- s390/mm: four page table levels vs. fork

  * [Hyper-V] network performance patches for Xenial 16.04 (LP: #1556037)
    - hv_netvsc: use skb_get_hash() instead of a homegrown implementation
    - hv_netvsc: cleanup netdev feature flags for netvsc

  * fails to boot on megaraid (LP: #1552903)
    - SAUCE: (noup) megaraid_sas: Don't issue kill adapter for MFI controllers in
      case of PD list DCMD failure

* ALSA: hda - add codec support for Kabylake display audio codec (LP: #1556002)
- ALSA: hda - add codec support for Kabylake display audio codec

  * Backport upstream bugfixes to ubuntu-16.04 (LP: #1555765)
    - cpufreq: powernv: Free 'chips' on module exit
    - cpufreq: powernv: Hot-plug safe the kworker thread
    - cpufreq: powernv: Remove cpu_to_chip_id() from hot-path
    - cpufreq: powernv/tracing: Add powernv_throttle tracepoint
    - cpufreq: powernv: Replace pr_info with trace print for throttle event
    - SAUCE: (noup) cpufreq: powernv: Fix bugs in powernv_cpufreq_{init/exit}

* Linux netfilter IPT_SO_SET_REPLACE memory corruption (LP: #1555338)
- SAUCE: [nf,v2] netfilter: x_tables: don't rely on well-behaving userspace

* integer overflow in xt_alloc_table_info (LP: #1555353)
- SAUCE: (noup) netfilter: x_tables: check for size overflow

  * linux: auto-generate the reconstruct information from the git tag (LP: #1555543)
    - [Packaging] reconstruct -- automatically reconstruct against base tag
    - [Config] reconstruct -- update to autoreconstruct output
    - [Packaging] reconstruct -- update when inserting final changes

This bug was fixed in the package linux - 4.4.0-13.29

---------------
linux (4.4.0-13.29) xenial; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
    - LP: #1556247

* s390/mm: four page table levels vs. fork (LP: #1556141)
    - s390/mm: four page table levels vs. fork

* fails to boot on megaraid (LP: #1552903)
    - SAUCE: (noup) megaraid_sas: Don't issue kill adapter for MFI controllers in
      case of PD list DCMD failure

* ALSA: hda - add codec support for Kabylake display audio codec (LP: #1556002)
    - ALSA: hda - add codec support for Kabylake display audio codec

* Linux netfilter IPT_SO_SET_REPLACE memory corruption (LP: #1555338)
    - SAUCE: [nf,v2] netfilter: x_tables: don't rely on well-behaving userspace

* integer overflow in xt_alloc_table_info (LP: #1555353)
    - SAUCE: (noup) netfilter: x_tables: check for size overflow

* Xenial update to v4.4.5 stable release (LP: #1555640)
    - use ->d_seq to get coherency between ->d_inode and ->d_flags
    - drivers: sh: Restore legacy clock domain on SuperH platforms
    - Btrfs: fix deadlock running delayed iputs at transaction commit time
    - btrfs: Fix no_space in write and rm loop
    - btrfs: async-thread: Fix a use-after-free error for trace
    - block: Initialize max_dev_sectors to 0
    - PCI: keystone: Fix MSI code that retrieves struct pcie_port pointer
    - parisc: Fix ptrace syscall number and return value modification
    - mips/kvm: fix ioctl error handling
    - kvm: x86: Update tsc multiplier on change.
    - fbcon: set a default value to blink interval
    - cifs: fix out-of-bounds access in lease parsing
    - CIFS: Fix SMB2+ interim response processing for read requests
    - Fix cifs_uniqueid_to_ino_t() function for s390x
    - vfio: fix ioctl error handling
    - KVM: x86: fix root cause for missed hardware breakpoints
    - arm/arm64: KVM: Fix ioctl error handling
    - iommu/amd: Apply workaround for ATS write permission check
    - iommu/amd: Fix boot warning when device 00:00.0 is not iommu covered
    - iommu/vt-d: Use BUS_NOTIFY_REMOVED_DEVICE in hotplug path
    - target: Fix WRITE_SAME/DISCARD conversion to linux 512b sectors
    - drm/ast: Fix incorrect register check for DRAM width
    - drm/radeon/pm: update current crtc info after setting the powerstate
    - drm/amdgpu/pm: update current crtc info after setting the powerstate
    - drm/amdgpu: apply gfx_v8 fixes to gfx_v7 as well
    - drm/amdgpu/gfx8: specify which engine to wait before vm flush
    - drm/amdgpu: return from atombios_dp_get_dpcd only when error
    - libata: fix HDIO_GET_32BIT ioctl
    - libata: Align ata_device's id on a cacheline
    - block: bio: introduce helpers to get the 1st and last bvec
    - writeback: flush inode cgroup wb switches instead of pinning super_block
    - Adding Intel Lewisburg device IDs for SATA
    - arm64: vmemmap: use virtual projection of linear region
    - PM / sleep / x86: Fix crash on graph trace through x86 suspend
    - ata: ahci: don't mark HotPlugCapable Ports as external/removable
    - tracing: Do not have 'comm' filter override event 'comm' field
    - pata-rb532-cf: get rid of the irq_to_gpio() call
    - Btrfs: fix loading of orphan roots leading to BUG_ON
    - Revert "jffs2: Fix lock acquisition order bug in jffs2_write_begin"
    - jffs2: Fix page lock / f->sem deadlock
    - Fix directory hardlinks from deleted directories
    - dmaengine: pxa_dma: fix cyclic transfers
    - adv7604: fix tx 5v detect regression
    - ALSA: usb-audio: Add a quirk for Plantronics DA45
    - ALSA: ctl: Fix ioctls for X32 ABI
    - ALSA: hda - Fix mic issues on Acer Aspire E1-472
    - ALSA: rawmidi: Fix ioctls X32 ABI
    - ALSA: timer: Fix ioctls for X32 ABI
    - ALSA: pcm: Fix ioctls for X32 ABI
    - ALSA: seq: oss: Don't drain at closing a client
    - ALSA: hdspm: Fix wrong boolean ctl value accesses
    - ALSA: hdsp: Fix wrong boolean ctl value accesses
    - ALSA: hdspm: Fix zero-division
    - ALSA: timer: Fix broken compat timer user status ioctl
    - usb: chipidea: otg: change workqueue ci_otg as freezable
    - USB: cp210x: Add ID for Parrot NMEA GPS Flight Recorder
    - USB: qcserial: add Dell Wireless 5809e Gobi 4G HSPA+ (rev3)
    - USB: qcserial: add Sierra Wireless EM74xx device ID
    - USB: serial: option: add support for Telit LE922 PID 0x1045
    - USB: serial: option: add support for Quectel UC20
    - MIPS: scache: Fix scache init with invalid line size.
    - MIPS: traps: Fix SIGFPE information leak from `do_ov' and `do_trap_or_bp'
    - ubi: Fix out of bounds write in volume update code
    - i2c: brcmstb: allocate correct amount of memory for regmap
    - thermal: cpu_cooling: fix out of bounds access in time_in_idle
    - block: check virt boundary in bio_will_gap()
    - block: get the 1st and last bvec via helpers
    - drm/i915: more virtual south bridge detection
    - drm/i915: refine qemu south bridge detection
    - modules: fix longstanding /proc/kallsyms vs module insertion race.
    - drm/amdgpu: fix topaz/tonga gmc assignment in 4.4 stable
    - Linux 4.4.5

* QEMU: causes vCPU steal time overflow on live migration (LP: #1494350)
    - x86/mm: Fix slow_virt_to_phys() for X86_PAE again

* TPM2.0 trusted keys fixes (LP: #1398274)
    - tpm_tis: further simplify calculation of ordinal duration
    - tpm_tis: Use devm_free_irq not free_irq
    - tpm_tis: Ensure interrupts are disabled when the driver starts
    - tpm: rework tpm_get_timeouts()
    - tpm_tis: Get rid of the duplicate IRQ probing code
    - tpm_tis: Refactor the interrupt setup
    - tpm_tis: Tighten IRQ auto-probing
    - tpm_ibmvtpm: properly handle interrupted packet receptions

* linux: review all versioned depends/conflicts/replaces/breaks for validility (LP: #1555033)
    - [Config] control.stub.in -- review versioned Build-Depends:
    - [Config] control.stub.in -- review versioned
      Depends/Breaks/Conflicts/Replaces
    - [Config] flavour-control.stub -- review versioned Breaks/Conflicts/Replaces
    - [Config] x86 vars.* -- review versioned Breaks/Conflicts/Replaces

-- Tim Gardner <tim.gardner@canonical.com>  Wed, 09 Mar 2016 05:11:51 -0700

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Steve Beattie (sbeattie) on 2016-03-17

tags:	added: kernel-cve-skip-description
Changed in linux-lts-trusty (Ubuntu Precise):
importance:	Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-trusty (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-wily (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-wily (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-wily (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-wily (Ubuntu Trusty):
importance:	Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-quantal (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux (Ubuntu Precise):
importance:	Undecided → Medium
Changed in linux (Ubuntu Wily):
importance:	Undecided → Medium
Changed in linux (Ubuntu Xenial):
importance:	Undecided → Medium
Changed in linux (Ubuntu Trusty):
importance:	Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Precise):
importance:	Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-ti-omap4 (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium

Steve Beattie (sbeattie) on 2016-03-17

Changed in linux-lts-raring (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-raring (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-raring (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-raring (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-armadaxp (Ubuntu Precise):
importance:	Undecided → Medium
Changed in linux-armadaxp (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-armadaxp (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-armadaxp (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-xenial (Ubuntu Trusty):
importance:	Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-saucy (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-manta (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-manta (Ubuntu Wily):
importance:	Undecided → Medium
Changed in linux-manta (Ubuntu Xenial):
importance:	Undecided → Medium
Changed in linux-manta (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-vivid (Ubuntu Trusty):
importance:	Undecided → Medium
Changed in linux-raspi2 (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-raspi2 (Ubuntu Wily):
importance:	Undecided → Medium
Changed in linux-raspi2 (Ubuntu Xenial):
importance:	Undecided → Medium
Changed in linux-raspi2 (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-mako (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-mako (Ubuntu Wily):
importance:	Undecided → Medium
Changed in linux-mako (Ubuntu Xenial):
importance:	Undecided → Medium
Changed in linux-mako (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Wily):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-lts-utopic (Ubuntu Trusty):
importance:	Undecided → Medium
Changed in linux-goldfish (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-goldfish (Ubuntu Wily):
importance:	Undecided → Medium
Changed in linux-goldfish (Ubuntu Xenial):
importance:	Undecided → Medium
Changed in linux-goldfish (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-flo (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux-flo (Ubuntu Wily):
importance:	Undecided → Medium
Changed in linux-flo (Ubuntu Xenial):
importance:	Undecided → Medium
Changed in linux-flo (Ubuntu Trusty):
status:	New → Invalid
importance:	Undecided → Medium
Changed in linux (Ubuntu Xenial):
status:	Fix Released → New

Dimitri John Ledkov (xnox) on 2016-03-17

no longer affects:	linux (Ubuntu Precise)
no longer affects:	linux (Ubuntu Trusty)
no longer affects:	linux (Ubuntu Wily)
no longer affects:	linux-armadaxp (Ubuntu)
no longer affects:	linux-flo (Ubuntu)
no longer affects:	linux-goldfish (Ubuntu)
no longer affects:	linux-lts-quantal (Ubuntu)
no longer affects:	linux-lts-raring (Ubuntu)
no longer affects:	linux-lts-saucy (Ubuntu)
no longer affects:	linux-lts-trusty (Ubuntu)
no longer affects:	linux-lts-utopic (Ubuntu)
no longer affects:	linux-lts-vivid (Ubuntu)
no longer affects:	linux-lts-wily (Ubuntu)
no longer affects:	linux-lts-xenial (Ubuntu)
no longer affects:	linux-mako (Ubuntu)
no longer affects:	linux-manta (Ubuntu)
no longer affects:	linux-raspi2 (Ubuntu)
no longer affects:	linux-ti-omap4 (Ubuntu)
Changed in linux-armadaxp (Ubuntu Precise):
status:	New → Invalid
Changed in linux-goldfish (Ubuntu Wily):
status:	New → Invalid
Changed in linux-goldfish (Ubuntu Xenial):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Precise):
status:	New → Invalid
Changed in linux-raspi2 (Ubuntu Xenial):
status:	New → Invalid
Changed in linux-raspi2 (Ubuntu Wily):
status:	New → Invalid

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2016-03-18:

This is s390x architecture specific. s390x architecture is only present in Xenial and nowhere else. And only in generic flavour. No Security update is needed in any other kernel flavour, nor in any other release series.

Revision history for this message

Steve Beattie (sbeattie) wrote on 2016-03-18:

Correcting status damage caused by sync script.

Changed in linux (Ubuntu Xenial):
status:	New → Fix Released

Steve Beattie (sbeattie) on 2016-03-18

Changed in linux-lts-trusty (Ubuntu Precise):
status:	New → Invalid
Changed in linux-lts-wily (Ubuntu Trusty):
status:	New → Invalid
Changed in linux-lts-xenial (Ubuntu Trusty):
status:	New → Invalid
Changed in linux-manta (Ubuntu Wily):
status:	New → Invalid
Changed in linux-manta (Ubuntu Xenial):
status:	New → Invalid
Changed in linux-lts-vivid (Ubuntu Trusty):
status:	New → Invalid
Changed in linux-mako (Ubuntu Wily):
status:	New → Invalid
Changed in linux-mako (Ubuntu Xenial):
status:	New → Invalid
Changed in linux-lts-utopic (Ubuntu Trusty):
status:	New → Invalid
Changed in linux-flo (Ubuntu Wily):
status:	New → Invalid
Changed in linux-flo (Ubuntu Xenial):
status:	New → Invalid

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-03-28:

This bug was fixed in the package linux-lts-xenial - 4.4.0-14.30~14.04.2

---------------
linux-lts-xenial (4.4.0-14.30~14.04.2) trusty; urgency=low

* Release Tracking Bug (LP: #1558247)

* Current 4.4 kernel won't boot on powerpc (LP: #1557130)
- powerpc: Fix dedotify for binutils >= 2.26

* ZFS: send fails to transmit some holes [corruption] (LP: #1557151)
- Illumos 6370 - ZFS send fails to transmit some holes

  * Request to cherry-pick uvcvideo patch for Xenial kernel support of RealSense
    camera (LP: #1557138)
    - UVC: Add support for ds4 depth camera

* use after free of task_struct->numa_faults in task_numa_find_cpu (LP: #1527643)
- sched/numa: Fix use-after-free bug in the task_numa_compare

  * overlay fs regression: chmod fails with "Operation not permitted" on chowned
    files (LP: #1555997)
    - ovl: copy new uid/gid into overlayfs runtime inode

* Miscellaneous Ubuntu changes
- SAUCE: Dump stack when X.509 certificates cannot be loaded

-- Brad Figg <email address hidden> Thu, 17 Mar 2016 09:18:22 -0700

Changed in linux-lts-xenial (Ubuntu Trusty):
status:	Invalid → Fix Released

Steve Beattie (sbeattie) on 2016-05-06

Changed in linux-snapdragon (Ubuntu Xenial):
status:	New → Invalid
importance:	Undecided → Medium

Dimitri John Ledkov (xnox) on 2016-05-20

Changed in linux-snapdragon (Ubuntu):
status:	New → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package

s390/mm: four page table levels vs. fork

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package