PublicDateAtUSN: 2018-06-26
Candidate: CVE-2018-1000204
PublicDate: 2018-06-26 14:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000204
 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a45b599ad808c3c982fdcdc12b0b8611c2f92824
 https://ubuntu.com/security/notices/USN-3696-1
 https://ubuntu.com/security/notices/USN-3696-2
 https://ubuntu.com/security/notices/USN-3752-1
 https://ubuntu.com/security/notices/USN-3752-2
 https://ubuntu.com/security/notices/USN-3754-1
 https://ubuntu.com/security/notices/USN-3752-3
Description:
 ** DISPUTED ** Linux kernel versions 3.18 to 4.16 incorrectly handle an
 SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty
 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to
 userspace. This has been fixed upstream in
 https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824
 already. The problem has limited scope, as users don't usually have
 permissions to access SCSI devices. On the other hand, e.g. the Nero user
 manual suggests doing `chmod o+r+w /dev/sg*` to make the devices
 accessible. NOTE: third parties dispute the relevance of this report,
 noting that the requirement for an attacker to have both the CAP_SYS_ADMIN
 and CAP_SYS_RAWIO capabilities makes it "virtually impossible to exploit."
Ubuntu-Description:
 It was discovered that an information leak existed in the generic SCSI
 driver in the Linux kernel. A local attacker could use this to expose
 sensitive information (kernel memory).
Notes:
Bugs:
Priority: negligible
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N [5.3 MEDIUM]

Patches_linux:
 break-fix: - a45b599ad808c3c982fdcdc12b0b8611c2f92824
upstream_linux: released (4.17~rc7)
precise/esm_linux: ignored (was needed ESM criteria)
trusty_linux: released (3.13.0-157.207)
trusty/esm_linux: released (3.13.0-157.207)
xenial_linux: released (4.4.0-130.156)
esm-infra/xenial_linux: released (4.4.0-130.156)
artful_linux: ignored (reached end-of-life)
bionic_linux: released (4.15.0-33.36)
cosmic_linux: not-affected (4.17.0-6.7)
devel_linux: not-affected (4.18.0-10.11)

Patches_linux-lts-trusty:
upstream_linux-lts-trusty: released (4.17~rc7)
precise/esm_linux-lts-trusty: ignored (was needed ESM criteria)
trusty_linux-lts-trusty: DNE
trusty/esm_linux-lts-trusty: DNE
xenial_linux-lts-trusty: DNE
artful_linux-lts-trusty: DNE
bionic_linux-lts-trusty: DNE
cosmic_linux-lts-trusty: DNE
devel_linux-lts-trusty: DNE

Patches_linux-goldfish:
upstream_linux-goldfish: released (4.17~rc7)
precise/esm_linux-goldfish: DNE
trusty_linux-goldfish: ignored (abandoned)
trusty/esm_linux-goldfish: DNE (trusty was ignored [abandoned])
xenial_linux-goldfish: ignored (was needs-triage now end-of-life)
artful_linux-goldfish: DNE
bionic_linux-goldfish: DNE
cosmic_linux-goldfish: DNE
devel_linux-goldfish: DNE

Patches_linux-grouper:
upstream_linux-grouper: released (4.17~rc7)
precise/esm_linux-grouper: DNE
trusty_linux-grouper: ignored (abandoned)
trusty/esm_linux-grouper: DNE (trusty was ignored [abandoned])
xenial_linux-grouper: DNE
artful_linux-grouper: DNE
bionic_linux-grouper: DNE
cosmic_linux-grouper: DNE
devel_linux-grouper: DNE

Patches_linux-maguro:
upstream_linux-maguro: released (4.17~rc7)
precise/esm_linux-maguro: DNE
trusty_linux-maguro: ignored (abandoned)
trusty/esm_linux-maguro: DNE (trusty was ignored [abandoned])
xenial_linux-maguro: DNE
artful_linux-maguro: DNE
bionic_linux-maguro: DNE
cosmic_linux-maguro: DNE
devel_linux-maguro: DNE

Patches_linux-mako:
upstream_linux-mako: released (4.17~rc7)
precise/esm_linux-mako: DNE
trusty_linux-mako: ignored (abandoned)
trusty/esm_linux-mako: DNE (trusty was ignored [abandoned])
xenial_linux-mako: ignored (abandoned)
artful_linux-mako: DNE
bionic_linux-mako: DNE
cosmic_linux-mako: DNE
devel_linux-mako: DNE

Patches_linux-manta:
upstream_linux-manta: released (4.17~rc7)
precise/esm_linux-manta: DNE
trusty_linux-manta: ignored (abandoned)
trusty/esm_linux-manta: DNE (trusty was ignored [abandoned])
xenial_linux-manta: DNE
artful_linux-manta: DNE
bionic_linux-manta: DNE
cosmic_linux-manta: DNE
devel_linux-manta: DNE

Patches_linux-flo:
upstream_linux-flo: released (4.17~rc7)
precise/esm_linux-flo: DNE
trusty_linux-flo: ignored (abandoned)
trusty/esm_linux-flo: DNE (trusty was ignored [abandoned])
xenial_linux-flo: ignored (abandoned)
artful_linux-flo: DNE
bionic_linux-flo: DNE
cosmic_linux-flo: DNE
devel_linux-flo: DNE

Patches_linux-raspi2:
upstream_linux-raspi2: released (4.17~rc7)
precise/esm_linux-raspi2: DNE
trusty_linux-raspi2: DNE
trusty/esm_linux-raspi2: DNE
xenial_linux-raspi2: released (4.4.0-1092.100)
artful_linux-raspi2: ignored (reached end-of-life)
bionic_linux-raspi2: released (4.15.0-1021.23)
cosmic_linux-raspi2: not-affected (4.15.0-1021.23)
devel_linux-raspi2: not-affected (4.18.0-1005.7)

Patches_linux-lts-utopic:
upstream_linux-lts-utopic: released (4.17~rc7)
precise/esm_linux-lts-utopic: DNE
trusty_linux-lts-utopic: ignored (out of standard support)
trusty/esm_linux-lts-utopic: DNE (trusty was ignored [out of standard support])
xenial_linux-lts-utopic: DNE
artful_linux-lts-utopic: DNE
bionic_linux-lts-utopic: DNE
cosmic_linux-lts-utopic: DNE
devel_linux-lts-utopic: DNE

Patches_linux-lts-vivid:
upstream_linux-lts-vivid: released (4.17~rc7)
precise/esm_linux-lts-vivid: DNE
trusty_linux-lts-vivid: ignored (out of standard support)
trusty/esm_linux-lts-vivid: DNE (trusty was ignored [out of standard support])
xenial_linux-lts-vivid: DNE
artful_linux-lts-vivid: DNE
bionic_linux-lts-vivid: DNE
cosmic_linux-lts-vivid: DNE
devel_linux-lts-vivid: DNE

Patches_linux-lts-wily:
upstream_linux-lts-wily: released (4.17~rc7)
precise/esm_linux-lts-wily: DNE
trusty_linux-lts-wily: ignored (out of standard support)
trusty/esm_linux-lts-wily: DNE (trusty was ignored [out of standard support])
xenial_linux-lts-wily: DNE
artful_linux-lts-wily: DNE
bionic_linux-lts-wily: DNE
cosmic_linux-lts-wily: DNE
devel_linux-lts-wily: DNE

Patches_linux-lts-xenial:
upstream_linux-lts-xenial: released (4.17~rc7)
precise/esm_linux-lts-xenial: DNE
trusty_linux-lts-xenial: released (4.4.0-130.156~14.04.1)
trusty/esm_linux-lts-xenial: released (4.4.0-130.156~14.04.1)
xenial_linux-lts-xenial: DNE
artful_linux-lts-xenial: DNE
bionic_linux-lts-xenial: DNE
cosmic_linux-lts-xenial: DNE
devel_linux-lts-xenial: DNE

Patches_linux-snapdragon:
upstream_linux-snapdragon: released (4.17~rc7)
precise/esm_linux-snapdragon: DNE
trusty_linux-snapdragon: DNE
trusty/esm_linux-snapdragon: DNE
xenial_linux-snapdragon: released (4.4.0-1095.100)
artful_linux-snapdragon: released (4.4.0-1095.100)
bionic_linux-snapdragon: not-affected
cosmic_linux-snapdragon: DNE
devel_linux-snapdragon: DNE

Patches_linux-aws:
upstream_linux-aws: released (4.17~rc7)
precise/esm_linux-aws: DNE
trusty_linux-aws: released (4.4.0-1024.25)
trusty/esm_linux-aws: released (4.4.0-1024.25)
xenial_linux-aws: released (4.4.0-1062.71)
esm-infra/xenial_linux-aws: released (4.4.0-1062.71)
artful_linux-aws: DNE
bionic_linux-aws: released (4.15.0-1020.20)
cosmic_linux-aws: not-affected (4.15.0-1020.20)
devel_linux-aws: not-affected (4.18.0-1002.3)

Patches_linux-hwe:
upstream_linux-hwe: released (4.17~rc7)
precise/esm_linux-hwe: DNE
trusty_linux-hwe: DNE
trusty/esm_linux-hwe: DNE
xenial_linux-hwe: released (4.15.0-33.36~16.04.1)
esm-infra/xenial_linux-hwe: released (4.15.0-33.36~16.04.1)
artful_linux-hwe: DNE
bionic_linux-hwe: not-affected
cosmic_linux-hwe: DNE
devel_linux-hwe: DNE

Patches_linux-hwe-edge:
upstream_linux-hwe-edge: released (4.17~rc7)
precise/esm_linux-hwe-edge: DNE
trusty_linux-hwe-edge: DNE
trusty/esm_linux-hwe-edge: DNE
xenial_linux-hwe-edge: released (4.15.0-33.36~16.04.1)
esm-infra/xenial_linux-hwe-edge: released (4.15.0-33.36~16.04.1)
artful_linux-hwe-edge: DNE
bionic_linux-hwe-edge: not-affected (4.18.0-11.12~18.04.1)
cosmic_linux-hwe-edge: DNE
devel_linux-hwe-edge: DNE

Patches_linux-gke:
upstream_linux-gke: released (4.17~rc7)
precise/esm_linux-gke: DNE
trusty_linux-gke: DNE
trusty/esm_linux-gke: DNE
xenial_linux-gke: ignored (was needs-triage now end-of-life)
artful_linux-gke: DNE
bionic_linux-gke: DNE
cosmic_linux-gke: DNE
devel_linux-gke: DNE

Patches_linux-azure:
upstream_linux-azure: released (4.17~rc7)
precise/esm_linux-azure: DNE
trusty_linux-azure: not-affected (4.15.0-1023.24~14.04.1)
trusty/esm_linux-azure: not-affected (4.15.0-1023.24~14.04.1)
xenial_linux-azure: released (4.15.0-1022.22~16.04.1)
esm-infra/xenial_linux-azure: released (4.15.0-1022.22~16.04.1)
artful_linux-azure: DNE
bionic_linux-azure: released (4.15.0-1022.23)
cosmic_linux-azure: not-affected (4.18.0-1003.3)
devel_linux-azure: not-affected (4.18.0-1003.3)

Patches_linux-azure-edge:
upstream_linux-azure-edge: released (4.17~rc7)
precise/esm_linux-azure-edge: DNE
trusty_linux-azure-edge: DNE
trusty/esm_linux-azure-edge: DNE
xenial_linux-azure-edge: released (4.15.0-1022.23)
artful_linux-azure-edge: DNE
bionic_linux-azure-edge: not-affected (4.18.0-1003.3~18.04.1)
cosmic_linux-azure-edge: DNE
devel_linux-azure-edge: DNE

Patches_linux-gcp:
upstream_linux-gcp: released (4.17~rc7)
precise/esm_linux-gcp: DNE
trusty_linux-gcp: DNE
trusty/esm_linux-gcp: DNE
xenial_linux-gcp: released (4.15.0-1018.19~16.04.2)
esm-infra/xenial_linux-gcp: released (4.15.0-1018.19~16.04.2)
artful_linux-gcp: DNE
bionic_linux-gcp: released (4.15.0-1018.19)
cosmic_linux-gcp: not-affected (4.15.0-1018.19)
devel_linux-gcp: not-affected (4.18.0-1002.3)

Patches_linux-kvm:
upstream_linux-kvm: released (4.17~rc7)
precise/esm_linux-kvm: DNE
trusty_linux-kvm: DNE
trusty/esm_linux-kvm: DNE
xenial_linux-kvm: released (4.4.0-1029.34)
esm-infra/xenial_linux-kvm: released (4.4.0-1029.34)
artful_linux-kvm: DNE
bionic_linux-kvm: released (4.15.0-1020.20)
cosmic_linux-kvm: not-affected (4.15.0-1020.20)
devel_linux-kvm: not-affected (4.18.0-1003.3)

Patches_linux-euclid:
upstream_linux-euclid: released (4.17~rc7)
precise/esm_linux-euclid: DNE
trusty_linux-euclid: DNE
trusty/esm_linux-euclid: DNE
xenial_linux-euclid: ignored (was needed ESM criteria)
artful_linux-euclid: DNE
bionic_linux-euclid: DNE
cosmic_linux-euclid: DNE
devel_linux-euclid: DNE

Patches_linux-oem:
upstream_linux-oem: released (4.17~rc7)
precise/esm_linux-oem: DNE
trusty_linux-oem: DNE
trusty/esm_linux-oem: DNE
xenial_linux-oem: ignored (was needed now end-of-life)
artful_linux-oem: DNE
bionic_linux-oem: released (4.15.0-1017.20)
cosmic_linux-oem: not-affected (4.15.0-1017.20)
devel_linux-oem: not-affected (4.15.0-1021.24)
