← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to retired/CVE-2016-7917

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2016-7917
1
 
PublicDateAtUSN: 2016-11-16
2
 
Candidate: CVE-2016-7917
3
 
PublicDate: 2016-11-16
4
 
References:
5
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7917
6
 
 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c58d6c93680f28ac58984af61d0a7ebf4319c241
7
 
 http://source.android.com/security/bulletin/2016-11-01.html
8
 
 https://github.com/torvalds/linux/commit/c58d6c93680f28ac58984af61d0a7ebf4319c241
9
 
 https://usn.ubuntu.com/usn/usn-3312-1
10
 
 https://usn.ubuntu.com/usn/usn-3312-2
11
 
Description:
12
 
 The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux
13
 
 kernel before 4.5 does not check whether a batch message's length field is
14
 
 large enough, which allows local users to obtain sensitive information from
15
 
 kernel memory or cause a denial of service (infinite loop or out-of-bounds
16
 
 read) by leveraging the CAP_NET_ADMIN capability.
17
 
Ubuntu-Description:
18
 
 It was discovered that the netfilter netlink implementation in the Linux
19
 
 kernel did not properly validate batch messages. A local attacker with the
20
 
 CAP_NET_ADMIN capability could use this to expose sensitive information or
21
 
 cause a denial of service.
22
 
Notes:
23
 
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
24
 
  not supported on the Ubuntu Touch 14.10 and earlier preview kernels
25
 
 jdstrand> linux-lts-saucy no longer receives official support
26
 
 jdstrand> linux-lts-quantal no longer receives official support
27
 
 sbeattie> requires CAP_NET_ADMIN to exploit
28
 
Bugs:
29
 
Priority: low
30
 
Discovered-by:
31
 
Assigned-to:
32
 
 
33
 
Patches_linux:
34
 
 break-fix: 9ea2aa8b7dba9e99544c4187cc298face254569f c58d6c93680f28ac58984af61d0a7ebf4319c241
35
 
upstream_linux: released (4.5~rc6)
36
 
precise_linux: not-affected
37
 
precise/esm_linux: not-affected
38
 
trusty_linux: not-affected
39
 
vivid/ubuntu-core_linux: ignored (was needed ESM criteria)
40
 
vivid/stable-phone-overlay_linux: DNE
41
 
xenial_linux: released (4.4.0-79.100)
42
 
yakkety_linux: not-affected (4.8.0-11.12)
43
 
zesty_linux: not-affected (4.8.0-22.24)
44
 
artful_linux: not-affected (4.10.0-19.21)
45
 
devel_linux: not-affected (4.13.0-16.19)
46
 
 
47
 
Patches_linux-ti-omap4:
48
 
upstream_linux-ti-omap4: released (4.5~rc6)
49
 
precise_linux-ti-omap4: not-affected
50
 
precise/esm_linux-ti-omap4: DNE (precise was not-affected)
51
 
trusty_linux-ti-omap4: DNE
52
 
vivid/ubuntu-core_linux-ti-omap4: DNE
53
 
vivid/stable-phone-overlay_linux-ti-omap4: DNE
54
 
xenial_linux-ti-omap4: DNE
55
 
yakkety_linux-ti-omap4: DNE
56
 
zesty_linux-ti-omap4: DNE
57
 
artful_linux-ti-omap4: DNE
58
 
devel_linux-ti-omap4: DNE
59
 
 
60
 
Patches_linux-linaro-omap:
61
 
upstream_linux-linaro-omap: released (4.5~rc6)
62
 
precise_linux-linaro-omap: ignored (abandoned)
63
 
precise/esm_linux-linaro-omap: DNE (precise was ignored [abandoned])
64
 
trusty_linux-linaro-omap: DNE
65
 
vivid/ubuntu-core_linux-linaro-omap: DNE
66
 
vivid/stable-phone-overlay_linux-linaro-omap: DNE
67
 
xenial_linux-linaro-omap: DNE
68
 
yakkety_linux-linaro-omap: DNE
69
 
zesty_linux-linaro-omap: DNE
70
 
artful_linux-linaro-omap: DNE
71
 
devel_linux-linaro-omap: DNE
72
 
 
73
 
Patches_linux-linaro-shared:
74
 
upstream_linux-linaro-shared: released (4.5~rc6)
75
 
precise_linux-linaro-shared: ignored (abandoned)
76
 
precise/esm_linux-linaro-shared: DNE (precise was ignored [abandoned])
77
 
trusty_linux-linaro-shared: DNE
78
 
vivid/ubuntu-core_linux-linaro-shared: DNE
79
 
vivid/stable-phone-overlay_linux-linaro-shared: DNE
80
 
xenial_linux-linaro-shared: DNE
81
 
yakkety_linux-linaro-shared: DNE
82
 
zesty_linux-linaro-shared: DNE
83
 
artful_linux-linaro-shared: DNE
84
 
devel_linux-linaro-shared: DNE
85
 
 
86
 
Patches_linux-linaro-vexpress:
87
 
upstream_linux-linaro-vexpress: released (4.5~rc6)
88
 
precise_linux-linaro-vexpress: ignored (abandoned)
89
 
precise/esm_linux-linaro-vexpress: DNE (precise was ignored [abandoned])
90
 
trusty_linux-linaro-vexpress: DNE
91
 
vivid/ubuntu-core_linux-linaro-vexpress: DNE
92
 
vivid/stable-phone-overlay_linux-linaro-vexpress: DNE
93
 
xenial_linux-linaro-vexpress: DNE
94
 
yakkety_linux-linaro-vexpress: DNE
95
 
zesty_linux-linaro-vexpress: DNE
96
 
artful_linux-linaro-vexpress: DNE
97
 
devel_linux-linaro-vexpress: DNE
98
 
 
99
 
Patches_linux-qcm-msm:
100
 
upstream_linux-qcm-msm: released (4.5~rc6)
101
 
precise_linux-qcm-msm: ignored (abandoned)
102
 
precise/esm_linux-qcm-msm: DNE (precise was ignored [abandoned])
103
 
trusty_linux-qcm-msm: DNE
104
 
vivid/ubuntu-core_linux-qcm-msm: DNE
105
 
vivid/stable-phone-overlay_linux-qcm-msm: DNE
106
 
xenial_linux-qcm-msm: DNE
107
 
yakkety_linux-qcm-msm: DNE
108
 
zesty_linux-qcm-msm: DNE
109
 
artful_linux-qcm-msm: DNE
110
 
devel_linux-qcm-msm: DNE
111
 
 
112
 
Tags_linux-armadaxp: not-ue
113
 
Patches_linux-armadaxp:
114
 
upstream_linux-armadaxp: released (4.5~rc6)
115
 
precise_linux-armadaxp: not-affected
116
 
precise/esm_linux-armadaxp: DNE (precise was not-affected)
117
 
trusty_linux-armadaxp: DNE
118
 
vivid/ubuntu-core_linux-armadaxp: DNE
119
 
vivid/stable-phone-overlay_linux-armadaxp: DNE
120
 
xenial_linux-armadaxp: DNE
121
 
yakkety_linux-armadaxp: DNE
122
 
zesty_linux-armadaxp: DNE
123
 
artful_linux-armadaxp: DNE
124
 
devel_linux-armadaxp: DNE
125
 
 
126
 
Tags_linux-lts-quantal: not-ue
127
 
Patches_linux-lts-quantal: DNE
128
 
upstream_linux-lts-quantal: released (4.5~rc6)
129
 
precise_linux-lts-quantal: ignored (end-of-life)
130
 
precise/esm_linux-lts-quantal: DNE (precise was ignored [end-of-life])
131
 
trusty_linux-lts-quantal: DNE
132
 
vivid/ubuntu-core_linux-lts-quantal: DNE
133
 
vivid/stable-phone-overlay_linux-lts-quantal: DNE
134
 
xenial_linux-lts-quantal: DNE
135
 
yakkety_linux-lts-quantal: DNE
136
 
zesty_linux-lts-quantal: DNE
137
 
artful_linux-lts-quantal: DNE
138
 
devel_linux-lts-quantal: DNE
139
 
 
140
 
Patches_linux-lts-raring:
141
 
upstream_linux-lts-raring: released (4.5~rc6)
142
 
precise_linux-lts-raring: ignored (end-of-life)
143
 
precise/esm_linux-lts-raring: DNE (precise was ignored [end-of-life])
144
 
trusty_linux-lts-raring: DNE
145
 
vivid/ubuntu-core_linux-lts-raring: DNE
146
 
vivid/stable-phone-overlay_linux-lts-raring: DNE
147
 
xenial_linux-lts-raring: DNE
148
 
yakkety_linux-lts-raring: DNE
149
 
zesty_linux-lts-raring: DNE
150
 
artful_linux-lts-raring: DNE
151
 
devel_linux-lts-raring: DNE
152
 
 
153
 
Tags_linux-lts-saucy: not-ue
154
 
Patches_linux-lts-saucy:
155
 
upstream_linux-lts-saucy: released (4.5~rc6)
156
 
precise_linux-lts-saucy: ignored (end-of-life)
157
 
precise/esm_linux-lts-saucy: DNE (precise was ignored [end-of-life])
158
 
trusty_linux-lts-saucy: DNE
159
 
vivid/ubuntu-core_linux-lts-saucy: DNE
160
 
vivid/stable-phone-overlay_linux-lts-saucy: DNE
161
 
xenial_linux-lts-saucy: DNE
162
 
yakkety_linux-lts-saucy: DNE
163
 
zesty_linux-lts-saucy: DNE
164
 
artful_linux-lts-saucy: DNE
165
 
devel_linux-lts-saucy: DNE
166
 
 
167
 
Patches_linux-lts-trusty:
168
 
upstream_linux-lts-trusty: released (4.5~rc6)
169
 
precise_linux-lts-trusty: not-affected
170
 
precise/esm_linux-lts-trusty: not-affected
171
 
trusty_linux-lts-trusty: DNE
172
 
vivid/ubuntu-core_linux-lts-trusty: DNE
173
 
vivid/stable-phone-overlay_linux-lts-trusty: DNE
174
 
xenial_linux-lts-trusty: DNE
175
 
yakkety_linux-lts-trusty: DNE
176
 
zesty_linux-lts-trusty: DNE
177
 
artful_linux-lts-trusty: DNE
178
 
devel_linux-lts-trusty: DNE
179
 
 
180
 
Patches_linux-goldfish:
181
 
upstream_linux-goldfish: released (4.5~rc6)
182
 
precise_linux-goldfish: DNE
183
 
precise/esm_linux-goldfish: DNE
184
 
trusty_linux-goldfish: ignored
185
 
vivid/ubuntu-core_linux-goldfish: DNE
186
 
vivid/stable-phone-overlay_linux-goldfish: DNE
187
 
xenial_linux-goldfish: not-affected
188
 
yakkety_linux-goldfish: not-affected
189
 
zesty_linux-goldfish: not-affected
190
 
artful_linux-goldfish: DNE
191
 
devel_linux-goldfish: DNE
192
 
 
193
 
Patches_linux-grouper:
194
 
upstream_linux-grouper: released (4.5~rc6)
195
 
precise_linux-grouper: DNE
196
 
precise/esm_linux-grouper: DNE
197
 
trusty_linux-grouper: ignored
198
 
vivid/ubuntu-core_linux-grouper: DNE
199
 
vivid/stable-phone-overlay_linux-grouper: DNE
200
 
xenial_linux-grouper: DNE
201
 
yakkety_linux-grouper: DNE
202
 
zesty_linux-grouper: DNE
203
 
artful_linux-grouper: DNE
204
 
devel_linux-grouper: DNE
205
 
 
206
 
Patches_linux-maguro:
207
 
upstream_linux-maguro: released (4.5~rc6)
208
 
precise_linux-maguro: DNE
209
 
precise/esm_linux-maguro: DNE
210
 
trusty_linux-maguro: ignored
211
 
vivid/ubuntu-core_linux-maguro: DNE
212
 
vivid/stable-phone-overlay_linux-maguro: DNE
213
 
xenial_linux-maguro: DNE
214
 
yakkety_linux-maguro: DNE
215
 
zesty_linux-maguro: DNE
216
 
artful_linux-maguro: DNE
217
 
devel_linux-maguro: DNE
218
 
 
219
 
Patches_linux-mako:
220
 
upstream_linux-mako: released (4.5~rc6)
221
 
precise_linux-mako: DNE
222
 
precise/esm_linux-mako: DNE
223
 
trusty_linux-mako: ignored
224
 
vivid/ubuntu-core_linux-mako: DNE
225
 
vivid/stable-phone-overlay_linux-mako: not-affected
226
 
xenial_linux-mako: not-affected
227
 
yakkety_linux-mako: not-affected
228
 
zesty_linux-mako: DNE
229
 
artful_linux-mako: DNE
230
 
devel_linux-mako: DNE
231
 
 
232
 
Patches_linux-manta:
233
 
upstream_linux-manta: released (4.5~rc6)
234
 
precise_linux-manta: DNE
235
 
precise/esm_linux-manta: DNE
236
 
trusty_linux-manta: ignored
237
 
vivid/ubuntu-core_linux-manta: DNE
238
 
vivid/stable-phone-overlay_linux-manta: DNE
239
 
xenial_linux-manta: DNE
240
 
yakkety_linux-manta: DNE
241
 
zesty_linux-manta: DNE
242
 
artful_linux-manta: DNE
243
 
devel_linux-manta: DNE
244
 
 
245
 
Patches_linux-flo:
246
 
upstream_linux-flo: released (4.5~rc6)
247
 
precise_linux-flo: DNE
248
 
precise/esm_linux-flo: DNE
249
 
trusty_linux-flo: ignored
250
 
vivid/ubuntu-core_linux-flo: DNE
251
 
vivid/stable-phone-overlay_linux-flo: not-affected
252
 
xenial_linux-flo: not-affected
253
 
yakkety_linux-flo: not-affected
254
 
zesty_linux-flo: DNE
255
 
artful_linux-flo: DNE
256
 
devel_linux-flo: DNE
257
 
 
258
 
Patches_linux-raspi2:
259
 
upstream_linux-raspi2: released (4.5~rc6)
260
 
precise_linux-raspi2: DNE
261
 
precise/esm_linux-raspi2: DNE
262
 
trusty_linux-raspi2: DNE
263
 
vivid/ubuntu-core_linux-raspi2: ignored (was pending now end-of-life)
264
 
vivid/stable-phone-overlay_linux-raspi2: DNE
265
 
xenial_linux-raspi2: released (4.4.0-1057.64)
266
 
yakkety_linux-raspi2: not-affected (4.8.0-1012.14)
267
 
zesty_linux-raspi2: not-affected (4.8.0-1013.15)
268
 
artful_linux-raspi2: not-affected (4.10.0-1004.6)
269
 
devel_linux-raspi2: not-affected (4.13.0-1005.5)
270
 
 
271
 
Patches_linux-lts-utopic:
272
 
upstream_linux-lts-utopic: released (4.5~rc6)
273
 
precise_linux-lts-utopic: DNE
274
 
precise/esm_linux-lts-utopic: DNE
275
 
trusty_linux-lts-utopic: ignored (end-of-life)
276
 
vivid/ubuntu-core_linux-lts-utopic: DNE
277
 
vivid/stable-phone-overlay_linux-lts-utopic: DNE
278
 
xenial_linux-lts-utopic: DNE
279
 
yakkety_linux-lts-utopic: DNE
280
 
zesty_linux-lts-utopic: DNE
281
 
artful_linux-lts-utopic: DNE
282
 
devel_linux-lts-utopic: DNE
283
 
 
284
 
Patches_linux-lts-vivid:
285
 
upstream_linux-lts-vivid: released (4.5~rc6)
286
 
precise_linux-lts-vivid: DNE
287
 
precise/esm_linux-lts-vivid: DNE
288
 
trusty_linux-lts-vivid: ignored (was needed now end-of-life)
289
 
vivid/ubuntu-core_linux-lts-vivid: DNE
290
 
vivid/stable-phone-overlay_linux-lts-vivid: DNE
291
 
xenial_linux-lts-vivid: DNE
292
 
yakkety_linux-lts-vivid: DNE
293
 
zesty_linux-lts-vivid: DNE
294
 
artful_linux-lts-vivid: DNE
295
 
devel_linux-lts-vivid: DNE
296
 
 
297
 
Patches_linux-lts-wily:
298
 
upstream_linux-lts-wily: released (4.5~rc6)
299
 
precise_linux-lts-wily: DNE
300
 
precise/esm_linux-lts-wily: DNE
301
 
trusty_linux-lts-wily: ignored (end-of-life)
302
 
vivid/ubuntu-core_linux-lts-wily: DNE
303
 
vivid/stable-phone-overlay_linux-lts-wily: DNE
304
 
xenial_linux-lts-wily: DNE
305
 
yakkety_linux-lts-wily: DNE
306
 
zesty_linux-lts-wily: DNE
307
 
artful_linux-lts-wily: DNE
308
 
devel_linux-lts-wily: DNE
309
 
 
310
 
Patches_linux-krillin:
311
 
product_linux-krillin: not-affected
312
 
 
313
 
Patches_linux-vegetahd:
314
 
product_linux-vegetahd: not-affected
315
 
 
316
 
Patches_linux-lts-xenial:
317
 
upstream_linux-lts-xenial: released (4.5~rc6)
318
 
precise_linux-lts-xenial: DNE
319
 
precise/esm_linux-lts-xenial: DNE
320
 
trusty_linux-lts-xenial: released (4.4.0-79.100~14.04.1)
321
 
vivid/ubuntu-core_linux-lts-xenial: DNE
322
 
vivid/stable-phone-overlay_linux-lts-xenial: DNE
323
 
xenial_linux-lts-xenial: DNE
324
 
yakkety_linux-lts-xenial: DNE
325
 
zesty_linux-lts-xenial: DNE
326
 
artful_linux-lts-xenial: DNE
327
 
devel_linux-lts-xenial: DNE
328
 
 
329
 
Patches_linux-snapdragon:
330
 
upstream_linux-snapdragon: released (4.5~rc6)
331
 
precise_linux-snapdragon: DNE
332
 
precise/esm_linux-snapdragon: DNE
333
 
trusty_linux-snapdragon: DNE
334
 
vivid/ubuntu-core_linux-snapdragon: DNE
335
 
vivid/stable-phone-overlay_linux-snapdragon: DNE
336
 
xenial_linux-snapdragon: released (4.4.0-1059.63)
337
 
yakkety_linux-snapdragon: released (4.4.0-1059.63)
338
 
zesty_linux-snapdragon: released (4.4.0-1059.63)
339
 
artful_linux-snapdragon: not-affected (4.4.0-1059.63)
340
 
devel_linux-snapdragon: not-affected (4.4.0-1077.82)
341
 
 
342
 
Patches_linux-aws:
343
 
upstream_linux-aws: released (4.5~rc6)
344
 
precise_linux-aws: DNE
345
 
precise/esm_linux-aws: DNE
346
 
trusty_linux-aws: not-affected (4.4.0-1002.2)
347
 
vivid/ubuntu-core_linux-aws: DNE
348
 
vivid/stable-phone-overlay_linux-aws: DNE
349
 
xenial_linux-aws: released (4.4.0-1018.27)
350
 
yakkety_linux-aws: DNE
351
 
zesty_linux-aws: DNE
352
 
artful_linux-aws: DNE
353
 
devel_linux-aws: DNE
354
 
 
355
 
Patches_linux-hwe-edge:
356
 
upstream_linux-hwe-edge: released (4.5~rc6)
357
 
precise_linux-hwe-edge: DNE
358
 
precise/esm_linux-hwe-edge: DNE
359
 
trusty_linux-hwe-edge: DNE
360
 
vivid/ubuntu-core_linux-hwe-edge: DNE
361
 
vivid/stable-phone-overlay_linux-hwe-edge: DNE
362
 
xenial_linux-hwe-edge: not-affected (4.8.0-28.30~16.04.1)
363
 
yakkety_linux-hwe-edge: DNE
364
 
zesty_linux-hwe-edge: DNE
365
 
artful_linux-hwe-edge: DNE
366
 
devel_linux-hwe-edge: DNE
367
 
 
368
 
Patches_linux-hwe:
369
 
upstream_linux-hwe: released (4.5~rc6)
370
 
precise_linux-hwe: DNE
371
 
precise/esm_linux-hwe: DNE
372
 
trusty_linux-hwe: DNE
373
 
vivid/ubuntu-core_linux-hwe: DNE
374
 
vivid/stable-phone-overlay_linux-hwe: DNE
375
 
xenial_linux-hwe: not-affected (4.8.0-36.36~16.04.1)
376
 
yakkety_linux-hwe: DNE
377
 
zesty_linux-hwe: DNE
378
 
artful_linux-hwe: DNE
379
 
devel_linux-hwe: DNE
380
 
 
381
 
Patches_linux-gke:
382
 
upstream_linux-gke: released (4.5~rc6)
383
 
precise_linux-gke: DNE
384
 
precise/esm_linux-gke: DNE
385
 
trusty_linux-gke: DNE
386
 
vivid/ubuntu-core_linux-gke: DNE
387
 
vivid/stable-phone-overlay_linux-gke: DNE
388
 
xenial_linux-gke: released (4.4.0-1014.14)
389
 
yakkety_linux-gke: DNE
390
 
zesty_linux-gke: DNE
391
 
artful_linux-gke: DNE
392
 
devel_linux-gke: DNE
393
 
 
394
 
Patches_linux-azure:
395
 
upstream_linux-azure: released (4.5~rc6)
396
 
precise/esm_linux-azure: DNE
397
 
trusty_linux-azure: DNE
398
 
vivid/ubuntu-core_linux-azure: DNE
399
 
vivid/stable-phone-overlay_linux-azure: DNE
400
 
xenial_linux-azure: not-affected (4.11.0-1009.9)
401
 
yakkety_linux-azure: DNE
402
 
zesty_linux-azure: DNE
403
 
artful_linux-azure: DNE
404
 
devel_linux-azure: DNE
405
 
 
406
 
 
407
 
Patches_linux-gcp:
408
 
upstream_linux-gcp: released (4.5~rc6)
409
 
precise/esm_linux-gcp: DNE
410
 
trusty_linux-gcp: DNE
411
 
vivid/ubuntu-core_linux-gcp: DNE
412
 
xenial_linux-gcp: not-affected (4.10.0-1004.4)
413
 
yakkety_linux-gcp: DNE
414
 
zesty_linux-gcp: DNE
415
 
artful_linux-gcp: DNE
416
 
devel_linux-gcp: DNE
417
 
 
418
 
Patches_linux-kvm:
419
 
upstream_linux-kvm: released (4.5~rc6)
420
 
precise/esm_linux-kvm: DNE
421
 
trusty_linux-kvm: DNE
422
 
vivid/ubuntu-core_linux-kvm: DNE
423
 
xenial_linux-kvm: not-affected (4.4.0-1004.9)
424
 
zesty_linux-kvm: DNE
425
 
artful_linux-kvm: DNE
426
 
devel_linux-kvm: DNE
427
 
 
428
 
Patches_linux-euclid:
429
 
upstream_linux-euclid: released (4.5~rc6)
430
 
precise/esm_linux-euclid: DNE
431
 
trusty_linux-euclid: DNE
432
 
vivid/ubuntu-core_linux-euclid: DNE
433
 
xenial_linux-euclid: ignored (was needed ESM criteria)
434
 
zesty_linux-euclid: DNE
435
 
artful_linux-euclid: DNE
436
 
devel_linux-euclid: DNE
437
 
 
438
 
Patches_linux-oem:
439
 
upstream_linux-oem: released (4.5~rc6)
440
 
precise/esm_linux-oem: DNE
441
 
trusty_linux-oem: DNE
442
 
xenial_linux-oem: not-affected (4.13.0-1008.9)
443
 
zesty_linux-oem: DNE
444
 
artful_linux-oem: DNE
445
 
devel_linux-oem: DNE