CVE-2014-0077

Priority
Medium
Description
drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable
buffers are disabled, does not properly validate packet lengths, which
allows guest OS users to cause a denial of service (memory corruption and
host OS crash) or possibly gain privileges on the host OS via crafted
packets, related to the handle_rx and get_rx_bufs functions.
Ubuntu-Description
A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. Guest OS
users may exploit this flaw to cause a denial of service (host OS crash) or
possibly gain privilege on the host OS.
References
Bugs
Notes
 jdstrand> android kernels (goldfish, grouper, maguro, mako and manta) are not
  supported on the Ubuntu Touch 13.10 preview kernels
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.13.0-27.50~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.2.0-18.22~14.04.1)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
linux-vegetahd:needed
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.5.0-51.76~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Patches:
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-63.95)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.13.0-27.50)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:not-affected (3.16.0-23.31)
Ubuntu 15.10 (Wily Werewolf):not-affected (3.19.0-15.15)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Ubuntu 16.10 (Yakkety Yak):not-affected (4.4.0-21.37)
Patches:
Introduced by 8dd014adfea6f173c1ef6378f7e5e7924866c923Fixed by d8316f3991d207fe32881a9ac20241be8fa2bad0
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-1446.65)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.8.0-41.60~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-1633.47)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.4.0-13.29~14.04.1)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.11.0-22.38~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):needed
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.19.0-18.18~14.04.1)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:released (4.2.0-1014.21)
Ubuntu 15.10 (Wily Werewolf):not-affected (4.2.0-1008.12)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1014.21)
Ubuntu 16.10 (Yakkety Yak):not-affected (4.2.0-1014.21)
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 16.10 (Yakkety Yak):not-affected
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 16.10 (Yakkety Yak):needed
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.16.0-25.33~14.04.2)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 16.10 (Yakkety Yak):needed
Package
linux-krillin:needed
Package
Upstream:released (3.14)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 16.10 (Yakkety Yak):needed
More Information

Updated: 2016-05-06 17:15:00 UTC (commit 10999)