CVE-2014-0038
Publication date 30 January 2014
Last updated 24 July 2024
Ubuntu priority
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.
From the Ubuntu Security Team
Pageexec reported a bug in the Linux kernel’s recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrator privileges.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 13.10 saucy |
Fixed 3.11.0-15.25
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
10.04 LTS lucid |
Not affected
|
|
linux-armadaxp | 13.10 saucy | Not in release |
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
10.04 LTS lucid | Not in release | |
linux-ec2 | 13.10 saucy | Not in release |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid |
Not affected
|
|
linux-fsl-imx51 | 13.10 saucy | Not in release |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Ignored end of life | |
linux-goldfish | 13.10 saucy |
Not affected
|
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Not in release | |
linux-grouper | 13.10 saucy |
Not affected
|
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Not in release | |
linux-linaro-omap | 13.10 saucy | Not in release |
12.10 quantal | Ignored end of life | |
12.04 LTS precise | Ignored end of life | |
10.04 LTS lucid | Not in release | |
linux-linaro-shared | 13.10 saucy | Not in release |
12.10 quantal | Ignored end of life | |
12.04 LTS precise | Ignored end of life | |
10.04 LTS lucid | Not in release | |
linux-linaro-vexpress | 13.10 saucy | Not in release |
12.10 quantal | Ignored end of life | |
12.04 LTS precise | Ignored end of life | |
10.04 LTS lucid | Not in release | |
linux-lts-quantal | 13.10 saucy | Not in release |
12.10 quantal | Not in release | |
12.04 LTS precise |
Not affected
|
|
10.04 LTS lucid | Not in release | |
linux-lts-raring | 13.10 saucy | Not in release |
12.10 quantal | Not in release | |
12.04 LTS precise |
Fixed 3.8.0-35.52~precise1
|
|
10.04 LTS lucid | Not in release | |
linux-lts-saucy | 13.10 saucy | Not in release |
12.10 quantal | Not in release | |
12.04 LTS precise |
Fixed 3.11.0-15.25~precise1
|
|
10.04 LTS lucid | Not in release | |
linux-maguro | 13.10 saucy |
Not affected
|
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Not in release | |
linux-mako | 13.10 saucy |
Not affected
|
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Not in release | |
linux-manta | 13.10 saucy |
Not affected
|
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Not in release | |
linux-mvl-dove | 13.10 saucy | Not in release |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Ignored end of life | |
linux-qcm-msm | 13.10 saucy | Not in release |
12.10 quantal | Ignored end of life | |
12.04 LTS precise | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
linux-ti-omap4 | 13.10 saucy |
Not affected
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
10.04 LTS lucid | Not in release |
Notes
References
Related Ubuntu Security Notices (USN)
- USN-2095-1
- Linux kernel (Saucy HWE) vulnerability
- 31 January 2014
- USN-2096-1
- Linux kernel vulnerability
- 31 January 2014
- USN-2094-1
- Linux kernel (Raring HWE) vulnerability
- 31 January 2014