CVE-2015-0777

Published: 5 April 2015

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory via unspecified vectors.

Notes

Author	Note
jdstrand	android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support

Author

Note

jdstrand

android kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
linux-lts-saucy no longer receives official support
linux-lts-quantal no longer receives official support

Priority

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	lucid	Not vulnerable (code not present)
	precise	Not vulnerable (code not present)
	trusty	Not vulnerable (code not present)
	upstream	Not vulnerable (code not present)
	utopic	Not vulnerable (code not present)
	Patches: Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Fixed by -
linux-2.6 Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-armadaxp Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Not vulnerable (code not present)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
	This package is not directly supported by the Ubuntu Security Team
linux-ec2 Launchpad, Ubuntu, Debian	lucid	Not vulnerable (code not present)
	precise	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-flo Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was ignored)
	upstream	Not vulnerable (code not present)
	utopic	Not vulnerable (code not present)
linux-fsl-imx51 Launchpad, Ubuntu, Debian	lucid	Ignored (end of life)
	precise	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-goldfish Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was ignored)
	upstream	Not vulnerable (code not present)
	utopic	Not vulnerable (code not present)
linux-grouper Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was ignored)
	upstream	Not vulnerable (code not present)
	utopic	Not vulnerable (code not present)
linux-linaro-omap Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Ignored (end of life)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-linaro-shared Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Ignored (end of life)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-linaro-vexpress Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Ignored (end of life)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-lts-quantal Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Not vulnerable (code not present)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
	This package is not directly supported by the Ubuntu Security Team
linux-lts-raring Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Not vulnerable (code not present)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-lts-saucy Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Not vulnerable (code not present)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
	This package is not directly supported by the Ubuntu Security Team
linux-lts-trusty Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Not vulnerable (code not present)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-lts-utopic Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was not-affected [code not present])
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-maguro Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was ignored)
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-mako Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was ignored)
	upstream	Not vulnerable (code not present)
	utopic	Not vulnerable (code not present)
linux-manta Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was ignored)
	upstream	Not vulnerable (code not present)
	utopic	Not vulnerable (code not present)
linux-mvl-dove Launchpad, Ubuntu, Debian	lucid	Ignored (end of life)
	precise	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-qcm-msm Launchpad, Ubuntu, Debian	lucid	Ignored (end of life)
	precise	Ignored (end of life)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist
linux-ti-omap4 Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Not vulnerable (code not present)
	trusty	Does not exist
	upstream	Not vulnerable (code not present)
	utopic	Does not exist

References

Bugs

https://launchpad.net/bugs/1441100

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›