CVE-2014-0038

Priority
Critical
Description
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before
3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain
privileges via a recvmmsg system call with a crafted timeout pointer
parameter.
Ubuntu-Description
Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called
from code using the x32 ABI. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or gain administrator
privileges.
References
Bugs
Notes
jj> x32 abi enabled kernels only: CONFIG_X86_X32 && ld can build x32
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (x32 only)
Ubuntu 12.10 (Quantal Quetzal):not-affected (x32 only)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (x32 only)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):not-affected (x32 only)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (x32 only)
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 12.10 (Quantal Quetzal):ignored (abandoned)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 12.10 (Quantal Quetzal):ignored (abandoned)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.14~rc1)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (abandoned)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 12.10 (Quantal Quetzal):ignored (abandoned)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):not-affected (x32 only)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (x32 only)
Package
Upstream:released (3.14~rc1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (CONFIG_X86_X32 is not set)
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Patches:
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):not-affected (x32 only)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (x32 only)
Package
Upstream:released (3.14~rc1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.11.0-15.25~precise1)
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.14~rc1)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):not-affected (CONFIG_X86_X32 is not set)
Ubuntu 13.10 (Saucy Salamander):released (3.11.0-15.25)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.13.0-7.26)
Patches:
Introduced by ee4fa23c4bfcc635d077a9633d405610de45bc70Fixed by 2def2ef2ae5f3990aabdbe8a755911902707d268
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):not-affected (x32 only)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (x32 only)
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (x32 only)
Ubuntu 12.10 (Quantal Quetzal):not-affected (x32 only)
Ubuntu 13.10 (Saucy Salamander):not-affected (x32 only)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 12.10 (Quantal Quetzal):ignored (abandoned)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life, does not affect buildd)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.14~rc1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.8.0-35.52~precise1)
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected (x32 only)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):not-affected (x32 only)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (x32 only)
More Information

Valid XHTML 1.0 Strict

Updated: 2014-02-14 14:14:55 UTC (commit 7751)