CVE-2016-2550

Priority
Medium
Description
The Linux kernel before 4.5 allows local users to bypass file-descriptor
limits and cause a denial of service (memory consumption) by leveraging
incorrect tracking of descriptor ownership and sending each descriptor over
a UNIX socket before closing it. NOTE: this vulnerability exists because of
an incorrect fix for CVE-2013-4312.
Ubuntu-Description
David Herrmann discovered that the Linux kernel incorrectly accounted file
descriptors to the original opener for in-flight file descriptors sent over
a unix domain socket. A local attacker could use this to cause a denial of
service (resource exhaustion).
References
Bugs
Notes
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
  not supported on the Ubuntu Touch 14.10 and earlier preview kernels
 jdstrand> linux-lts-saucy no longer receives official support
 jdstrand> linux-lts-quantal no longer receives official support
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):released (4.2.0-35.40~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
linux-vegetahd:not-affected
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Patches:
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.13.0-85.129)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-11.26)
Ubuntu 17.04 (Zesty Zapus):not-affected (4.8.0-22.24)
Patches:
Introduced by 712f4aad406bb1ed67f3f98d04c044191f0ff593Fixed by 415e3d3e90ce9e18727e8843ae343eda5a58fad6
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.4.0-13.29~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-28.30~16.04.1)
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.19.0-58.64~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1004.5)
Ubuntu 17.04 (Zesty Zapus):not-affected (4.8.0-1013.15)
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Ubuntu 17.04 (Zesty Zapus):not-affected (4.4.0-1029.32)
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 17.04 (Zesty Zapus):not-affected
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.16.0-69.89~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 17.04 (Zesty Zapus):not-affected
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Ubuntu 17.04 (Zesty Zapus):DNE
Package
linux-krillin:not-affected
Package
Upstream:released (4.5~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 17.04 (Zesty Zapus):not-affected
More Information

Updated: 2017-11-06 19:18:35 UTC (commit 13639)