← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to retired/CVE-2016-3134

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2016-3134
1
 
PublicDateAtUSN: 2016-03-09
2
 
Candidate: CVE-2016-3134
3
 
PublicDate: 2016-04-27
4
 
References:
5
 
 https://code.google.com/p/google-security-research/issues/detail?id=758
6
 
 http://marc.info/?l=netfilter-devel&m=145757134822741&w=2 (proposed fix)
7
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3134
8
 
 http://www.openwall.com/lists/oss-security/2016/03/14/1
9
 
 https://usn.ubuntu.com/usn/usn-2931-1
10
 
 https://usn.ubuntu.com/usn/usn-2932-1
11
 
 https://usn.ubuntu.com/usn/usn-2930-1
12
 
 https://usn.ubuntu.com/usn/usn-2930-2
13
 
 https://usn.ubuntu.com/usn/usn-2929-2
14
 
 https://usn.ubuntu.com/usn/usn-2929-1
15
 
 https://usn.ubuntu.com/usn/usn-2930-3
16
 
 https://usn.ubuntu.com/usn/usn-3049-1
17
 
 https://usn.ubuntu.com/usn/usn-3050-1
18
 
Description:
19
 
 The netfilter subsystem in the Linux kernel through 4.5.2 does not validate
20
 
 certain offset fields, which allows local users to gain privileges or cause
21
 
 a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE
22
 
 setsockopt call.
23
 
Ubuntu-Description:
24
 
 Ben Hawkes discovered that the Linux netfilter implementation did not
25
 
 correctly perform validation when handling IPT_SO_SET_REPLACE events. A
26
 
 local unprivileged attacker could use this to cause a denial of service
27
 
 (system crash) or possibly execute arbitrary code with administrative
28
 
 privileges.
29
 
Notes:
30
 
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
31
 
  not supported on the Ubuntu Touch 14.10 and earlier preview kernels
32
 
 jdstrand> linux-lts-saucy no longer receives official support
33
 
 jdstrand> linux-lts-quantal no longer receives official support
34
 
Bugs:
35
 
 https://launchpad.net/bugs/1555338
36
 
Priority: high
37
 
Discovered-by: Ben Hawkes
38
 
Assigned-to: 
39
 
 
40
 
Patches_linux:
41
 
 break-fix: - 54d83fc74aa9ec72794373cb47432c5f7fb1a309
42
 
 break-fix: - bdf533de6968e9686df777dc178486f600c6e617
43
 
 break-fix: - 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
44
 
upstream_linux: released (4.6~rc2)
45
 
precise_linux: released (3.2.0-107.148)
46
 
precise/esm_linux: released (3.2.0-107.148)
47
 
trusty_linux: released (3.13.0-91.138)
48
 
vivid/ubuntu-core_linux: released (3.19.0-64.72)
49
 
vivid/stable-phone-overlay_linux: DNE
50
 
wily_linux: released (4.2.0-41.48)
51
 
xenial_linux: released (4.4.0-28.47)
52
 
yakkety_linux: not-affected (4.4.0-28.47)
53
 
zesty_linux: not-affected (4.8.0-22.24)
54
 
devel_linux: not-affected (4.10.0-19.21)
55
 
Priority_linux_precise: low
56
 
Priority_linux_precise/esm: low
57
 
 
58
 
Patches_linux-ti-omap4:
59
 
upstream_linux-ti-omap4: released (4.6~rc2)
60
 
precise_linux-ti-omap4: released (3.2.0-1485.112)
61
 
precise/esm_linux-ti-omap4: DNE (precise was released [3.2.0-1485.112])
62
 
trusty_linux-ti-omap4: DNE
63
 
vivid/ubuntu-core_linux-ti-omap4: DNE
64
 
vivid/stable-phone-overlay_linux-ti-omap4: DNE
65
 
wily_linux-ti-omap4: DNE
66
 
xenial_linux-ti-omap4: DNE
67
 
yakkety_linux-ti-omap4: DNE
68
 
zesty_linux-ti-omap4: DNE
69
 
devel_linux-ti-omap4: DNE
70
 
 
71
 
Patches_linux-linaro-omap:
72
 
upstream_linux-linaro-omap: released (4.6~rc2)
73
 
precise_linux-linaro-omap: ignored (abandoned)
74
 
precise/esm_linux-linaro-omap: DNE (precise was ignored [abandoned])
75
 
trusty_linux-linaro-omap: DNE
76
 
vivid/ubuntu-core_linux-linaro-omap: DNE
77
 
vivid/stable-phone-overlay_linux-linaro-omap: DNE
78
 
wily_linux-linaro-omap: DNE
79
 
xenial_linux-linaro-omap: DNE
80
 
yakkety_linux-linaro-omap: DNE
81
 
zesty_linux-linaro-omap: DNE
82
 
devel_linux-linaro-omap: DNE
83
 
 
84
 
Patches_linux-linaro-shared:
85
 
upstream_linux-linaro-shared: released (4.6~rc2)
86
 
precise_linux-linaro-shared: ignored (abandoned)
87
 
precise/esm_linux-linaro-shared: DNE (precise was ignored [abandoned])
88
 
trusty_linux-linaro-shared: DNE
89
 
vivid/ubuntu-core_linux-linaro-shared: DNE
90
 
vivid/stable-phone-overlay_linux-linaro-shared: DNE
91
 
wily_linux-linaro-shared: DNE
92
 
xenial_linux-linaro-shared: DNE
93
 
yakkety_linux-linaro-shared: DNE
94
 
zesty_linux-linaro-shared: DNE
95
 
devel_linux-linaro-shared: DNE
96
 
 
97
 
Patches_linux-linaro-vexpress:
98
 
upstream_linux-linaro-vexpress: released (4.6~rc2)
99
 
precise_linux-linaro-vexpress: ignored (abandoned)
100
 
precise/esm_linux-linaro-vexpress: DNE (precise was ignored [abandoned])
101
 
trusty_linux-linaro-vexpress: DNE
102
 
vivid/ubuntu-core_linux-linaro-vexpress: DNE
103
 
vivid/stable-phone-overlay_linux-linaro-vexpress: DNE
104
 
wily_linux-linaro-vexpress: DNE
105
 
xenial_linux-linaro-vexpress: DNE
106
 
yakkety_linux-linaro-vexpress: DNE
107
 
zesty_linux-linaro-vexpress: DNE
108
 
devel_linux-linaro-vexpress: DNE
109
 
 
110
 
Patches_linux-qcm-msm:
111
 
upstream_linux-qcm-msm: released (4.6~rc2)
112
 
precise_linux-qcm-msm: ignored (abandoned)
113
 
precise/esm_linux-qcm-msm: DNE (precise was ignored [abandoned])
114
 
trusty_linux-qcm-msm: DNE
115
 
vivid/ubuntu-core_linux-qcm-msm: DNE
116
 
vivid/stable-phone-overlay_linux-qcm-msm: DNE
117
 
wily_linux-qcm-msm: DNE
118
 
xenial_linux-qcm-msm: DNE
119
 
yakkety_linux-qcm-msm: DNE
120
 
zesty_linux-qcm-msm: DNE
121
 
devel_linux-qcm-msm: DNE
122
 
 
123
 
Tags_linux-armadaxp: not-ue
124
 
Patches_linux-armadaxp:
125
 
upstream_linux-armadaxp: released (4.6~rc2)
126
 
precise_linux-armadaxp: released (3.2.0-1670.96)
127
 
precise/esm_linux-armadaxp: DNE (precise was released [3.2.0-1670.96])
128
 
trusty_linux-armadaxp: DNE
129
 
vivid/ubuntu-core_linux-armadaxp: DNE
130
 
vivid/stable-phone-overlay_linux-armadaxp: DNE
131
 
wily_linux-armadaxp: DNE
132
 
xenial_linux-armadaxp: DNE
133
 
yakkety_linux-armadaxp: DNE
134
 
zesty_linux-armadaxp: DNE
135
 
devel_linux-armadaxp: DNE
136
 
 
137
 
Tags_linux-lts-quantal: not-ue
138
 
Patches_linux-lts-quantal: DNE
139
 
upstream_linux-lts-quantal: released (4.6~rc2)
140
 
precise_linux-lts-quantal: ignored (end-of-life)
141
 
precise/esm_linux-lts-quantal: DNE (precise was ignored [end-of-life])
142
 
trusty_linux-lts-quantal: DNE
143
 
vivid/ubuntu-core_linux-lts-quantal: DNE
144
 
vivid/stable-phone-overlay_linux-lts-quantal: DNE
145
 
wily_linux-lts-quantal: DNE
146
 
xenial_linux-lts-quantal: DNE
147
 
yakkety_linux-lts-quantal: DNE
148
 
zesty_linux-lts-quantal: DNE
149
 
devel_linux-lts-quantal: DNE
150
 
 
151
 
Patches_linux-lts-raring:
152
 
upstream_linux-lts-raring: released (4.6~rc2)
153
 
precise_linux-lts-raring: ignored (end-of-life)
154
 
precise/esm_linux-lts-raring: DNE (precise was ignored [end-of-life])
155
 
trusty_linux-lts-raring: DNE
156
 
vivid/ubuntu-core_linux-lts-raring: DNE
157
 
vivid/stable-phone-overlay_linux-lts-raring: DNE
158
 
wily_linux-lts-raring: DNE
159
 
xenial_linux-lts-raring: DNE
160
 
yakkety_linux-lts-raring: DNE
161
 
zesty_linux-lts-raring: DNE
162
 
devel_linux-lts-raring: DNE
163
 
 
164
 
Tags_linux-lts-saucy: not-ue
165
 
Patches_linux-lts-saucy:
166
 
upstream_linux-lts-saucy: released (4.6~rc2)
167
 
precise_linux-lts-saucy: ignored (end-of-life)
168
 
precise/esm_linux-lts-saucy: DNE (precise was ignored [end-of-life])
169
 
trusty_linux-lts-saucy: DNE
170
 
vivid/ubuntu-core_linux-lts-saucy: DNE
171
 
vivid/stable-phone-overlay_linux-lts-saucy: DNE
172
 
wily_linux-lts-saucy: DNE
173
 
xenial_linux-lts-saucy: DNE
174
 
yakkety_linux-lts-saucy: DNE
175
 
zesty_linux-lts-saucy: DNE
176
 
devel_linux-lts-saucy: DNE
177
 
 
178
 
Patches_linux-lts-trusty:
179
 
upstream_linux-lts-trusty: released (4.6~rc2)
180
 
precise_linux-lts-trusty: released (3.13.0-91.138~precise1)
181
 
precise/esm_linux-lts-trusty: released (3.13.0-91.138~precise1)
182
 
trusty_linux-lts-trusty: DNE
183
 
vivid/ubuntu-core_linux-lts-trusty: DNE
184
 
vivid/stable-phone-overlay_linux-lts-trusty: DNE
185
 
wily_linux-lts-trusty: DNE
186
 
xenial_linux-lts-trusty: DNE
187
 
yakkety_linux-lts-trusty: DNE
188
 
zesty_linux-lts-trusty: DNE
189
 
devel_linux-lts-trusty: DNE
190
 
 
191
 
Patches_linux-goldfish:
192
 
upstream_linux-goldfish: released (4.6~rc2)
193
 
precise_linux-goldfish: DNE
194
 
precise/esm_linux-goldfish: DNE
195
 
trusty_linux-goldfish: ignored
196
 
vivid/ubuntu-core_linux-goldfish: DNE
197
 
vivid/stable-phone-overlay_linux-goldfish: DNE
198
 
wily_linux-goldfish: ignored (reached end-of-life)
199
 
xenial_linux-goldfish: ignored (abandoned)
200
 
yakkety_linux-goldfish: ignored (abandoned)
201
 
zesty_linux-goldfish: ignored (abandoned)
202
 
devel_linux-goldfish: DNE
203
 
 
204
 
Patches_linux-grouper:
205
 
upstream_linux-grouper: released (4.6~rc2)
206
 
precise_linux-grouper: DNE
207
 
precise/esm_linux-grouper: DNE
208
 
trusty_linux-grouper: ignored
209
 
vivid/ubuntu-core_linux-grouper: DNE
210
 
vivid/stable-phone-overlay_linux-grouper: DNE
211
 
wily_linux-grouper: DNE
212
 
xenial_linux-grouper: DNE
213
 
yakkety_linux-grouper: DNE
214
 
zesty_linux-grouper: DNE
215
 
devel_linux-grouper: DNE
216
 
 
217
 
Patches_linux-maguro:
218
 
upstream_linux-maguro: released (4.6~rc2)
219
 
precise_linux-maguro: DNE
220
 
precise/esm_linux-maguro: DNE
221
 
trusty_linux-maguro: ignored
222
 
vivid/ubuntu-core_linux-maguro: DNE
223
 
vivid/stable-phone-overlay_linux-maguro: DNE
224
 
wily_linux-maguro: DNE
225
 
xenial_linux-maguro: DNE
226
 
yakkety_linux-maguro: DNE
227
 
zesty_linux-maguro: DNE
228
 
devel_linux-maguro: DNE
229
 
 
230
 
Patches_linux-mako:
231
 
upstream_linux-mako: released (4.6~rc2)
232
 
precise_linux-mako: DNE
233
 
precise/esm_linux-mako: DNE
234
 
trusty_linux-mako: ignored
235
 
vivid/ubuntu-core_linux-mako: DNE
236
 
vivid/stable-phone-overlay_linux-mako: ignored (abandoned)
237
 
wily_linux-mako: ignored (reached end-of-life)
238
 
xenial_linux-mako: ignored (abandoned)
239
 
yakkety_linux-mako: ignored (abandoned)
240
 
zesty_linux-mako: DNE
241
 
devel_linux-mako: DNE
242
 
 
243
 
Patches_linux-manta:
244
 
upstream_linux-manta: released (4.6~rc2)
245
 
precise_linux-manta: DNE
246
 
precise/esm_linux-manta: DNE
247
 
trusty_linux-manta: ignored
248
 
vivid/ubuntu-core_linux-manta: DNE
249
 
vivid/stable-phone-overlay_linux-manta: DNE
250
 
wily_linux-manta: ignored (reached end-of-life)
251
 
xenial_linux-manta: DNE
252
 
yakkety_linux-manta: DNE
253
 
zesty_linux-manta: DNE
254
 
devel_linux-manta: DNE
255
 
 
256
 
Patches_linux-flo:
257
 
upstream_linux-flo: released (4.6~rc2)
258
 
precise_linux-flo: DNE
259
 
precise/esm_linux-flo: DNE
260
 
trusty_linux-flo: ignored
261
 
vivid/ubuntu-core_linux-flo: DNE
262
 
vivid/stable-phone-overlay_linux-flo: ignored (abandoned)
263
 
wily_linux-flo: ignored (reached end-of-life)
264
 
xenial_linux-flo: ignored (abandoned)
265
 
yakkety_linux-flo: ignored (abandoned)
266
 
zesty_linux-flo: DNE
267
 
devel_linux-flo: DNE
268
 
 
269
 
Patches_linux-raspi2:
270
 
upstream_linux-raspi2: released (4.6~rc2)
271
 
precise_linux-raspi2: DNE
272
 
precise/esm_linux-raspi2: DNE
273
 
trusty_linux-raspi2: DNE
274
 
vivid/ubuntu-core_linux-raspi2: ignored (was pending now end-of-life)
275
 
vivid/stable-phone-overlay_linux-raspi2: DNE
276
 
wily_linux-raspi2: released (4.2.0-1033.43)
277
 
xenial_linux-raspi2: released (4.4.0-1016.22)
278
 
yakkety_linux-raspi2: not-affected (4.4.0-1016.22)
279
 
zesty_linux-raspi2: not-affected (4.8.0-1013.15)
280
 
devel_linux-raspi2: not-affected (4.10.0-1004.6)
281
 
 
282
 
Patches_linux-lts-utopic:
283
 
upstream_linux-lts-utopic: released (4.6~rc2)
284
 
precise_linux-lts-utopic: DNE
285
 
precise/esm_linux-lts-utopic: DNE
286
 
trusty_linux-lts-utopic: released (3.16.0-76.98~14.04.1)
287
 
vivid/ubuntu-core_linux-lts-utopic: DNE
288
 
vivid/stable-phone-overlay_linux-lts-utopic: DNE
289
 
wily_linux-lts-utopic: DNE
290
 
xenial_linux-lts-utopic: DNE
291
 
yakkety_linux-lts-utopic: DNE
292
 
zesty_linux-lts-utopic: DNE
293
 
devel_linux-lts-utopic: DNE
294
 
 
295
 
Patches_linux-lts-vivid:
296
 
upstream_linux-lts-vivid: released (4.6~rc2)
297
 
precise_linux-lts-vivid: DNE
298
 
precise/esm_linux-lts-vivid: DNE
299
 
trusty_linux-lts-vivid: released (3.19.0-64.72~14.04.1)
300
 
vivid/ubuntu-core_linux-lts-vivid: DNE
301
 
vivid/stable-phone-overlay_linux-lts-vivid: DNE
302
 
wily_linux-lts-vivid: DNE
303
 
xenial_linux-lts-vivid: DNE
304
 
yakkety_linux-lts-vivid: DNE
305
 
zesty_linux-lts-vivid: DNE
306
 
devel_linux-lts-vivid: DNE
307
 
 
308
 
Patches_linux-lts-wily:
309
 
upstream_linux-lts-wily: released (4.6~rc2)
310
 
precise_linux-lts-wily: DNE
311
 
precise/esm_linux-lts-wily: DNE
312
 
trusty_linux-lts-wily: released (4.2.0-41.48~14.04.1)
313
 
vivid/ubuntu-core_linux-lts-wily: DNE
314
 
vivid/stable-phone-overlay_linux-lts-wily: DNE
315
 
wily_linux-lts-wily: DNE
316
 
xenial_linux-lts-wily: DNE
317
 
yakkety_linux-lts-wily: DNE
318
 
zesty_linux-lts-wily: DNE
319
 
devel_linux-lts-wily: DNE
320
 
 
321
 
Patches_linux-krillin:
322
 
product_linux-krillin: ignored (was needed now end-of-life)
323
 
 
324
 
Patches_linux-vegetahd:
325
 
product_linux-vegetahd: ignored (was needed now end-of-life)
326
 
 
327
 
Patches_linux-lts-xenial:
328
 
upstream_linux-lts-xenial: released (4.6~rc2)
329
 
precise_linux-lts-xenial: DNE
330
 
precise/esm_linux-lts-xenial: DNE
331
 
trusty_linux-lts-xenial: released (4.4.0-28.47~14.04.1)
332
 
vivid/ubuntu-core_linux-lts-xenial: DNE
333
 
vivid/stable-phone-overlay_linux-lts-xenial: DNE
334
 
wily_linux-lts-xenial: DNE
335
 
xenial_linux-lts-xenial: DNE
336
 
yakkety_linux-lts-xenial: DNE
337
 
zesty_linux-lts-xenial: DNE
338
 
devel_linux-lts-xenial: DNE
339
 
 
340
 
Patches_linux-snapdragon:
341
 
upstream_linux-snapdragon: released (4.6~rc2)
342
 
precise_linux-snapdragon: DNE
343
 
precise/esm_linux-snapdragon: DNE
344
 
trusty_linux-snapdragon: DNE
345
 
vivid/ubuntu-core_linux-snapdragon: DNE
346
 
vivid/stable-phone-overlay_linux-snapdragon: DNE
347
 
wily_linux-snapdragon: DNE
348
 
xenial_linux-snapdragon: released (4.4.0-1019.22)
349
 
yakkety_linux-snapdragon: not-affected (4.4.0-1019.22)
350
 
zesty_linux-snapdragon: not-affected (4.4.0-1029.32)
351
 
devel_linux-snapdragon: not-affected (4.4.0-1050.54)
352
 
 
353
 
Patches_linux-aws:
354
 
upstream_linux-aws: released (4.6~rc2)
355
 
precise_linux-aws: DNE
356
 
precise/esm_linux-aws: DNE
357
 
trusty_linux-aws: not-affected (4.4.0-1002.2)
358
 
vivid/ubuntu-core_linux-aws: DNE
359
 
vivid/stable-phone-overlay_linux-aws: DNE
360
 
xenial_linux-aws: not-affected (4.4.0-1001.10)
361
 
yakkety_linux-aws: DNE
362
 
zesty_linux-aws: DNE
363
 
devel_linux-aws: DNE
364
 
 
365
 
Patches_linux-hwe-edge:
366
 
upstream_linux-hwe-edge: released (4.6~rc2)
367
 
precise_linux-hwe-edge: DNE
368
 
precise/esm_linux-hwe-edge: DNE
369
 
trusty_linux-hwe-edge: DNE
370
 
vivid/ubuntu-core_linux-hwe-edge: DNE
371
 
vivid/stable-phone-overlay_linux-hwe-edge: DNE
372
 
xenial_linux-hwe-edge: not-affected (4.8.0-28.30~16.04.1)
373
 
yakkety_linux-hwe-edge: DNE
374
 
zesty_linux-hwe-edge: DNE
375
 
devel_linux-hwe-edge: DNE
376
 
 
377
 
Patches_linux-hwe:
378
 
upstream_linux-hwe: released (4.6~rc2)
379
 
precise_linux-hwe: DNE
380
 
precise/esm_linux-hwe: DNE
381
 
trusty_linux-hwe: DNE
382
 
vivid/ubuntu-core_linux-hwe: DNE
383
 
vivid/stable-phone-overlay_linux-hwe: DNE
384
 
xenial_linux-hwe: not-affected (4.8.0-36.36~16.04.1)
385
 
yakkety_linux-hwe: DNE
386
 
zesty_linux-hwe: DNE
387
 
devel_linux-hwe: DNE
388
 
 
389
 
Patches_linux-gke:
390
 
upstream_linux-gke: released (4.6~rc2)
391
 
precise_linux-gke: DNE
392
 
precise/esm_linux-gke: DNE
393
 
trusty_linux-gke: DNE
394
 
vivid/ubuntu-core_linux-gke: DNE
395
 
vivid/stable-phone-overlay_linux-gke: DNE
396
 
xenial_linux-gke: not-affected (4.4.0-1003.3)
397
 
yakkety_linux-gke: DNE
398
 
zesty_linux-gke: DNE
399
 
devel_linux-gke: DNE