CVE-2014-2851 (retired)

Priority
Description
Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the
Linux kernel through 3.14.1 allows local users to cause a denial of service
(use-after-free and system crash) or possibly gain privileges via a crafted
application that leverages an improperly managed reference counter.
Ubuntu-Description
A flaw was discovered in the Linux kernel's ping sockets. An unprivileged
local user could exploit this flaw to cause a denial of service (system
crash) or possibly gain privileges via a crafted application.
Notes
 jdstrand> android kernels (goldfish, grouper, maguro, mako and manta) are not
  supported on the Ubuntu Touch 13.10 preview kernels
 tyhicks> android init writes a valid group range to
  /proc/sys/net/ipv4/ping_group_range which results in all unprivileged users
  being allowed to open restricted ICMP sockets and trigger this bug
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.2.0-63.95)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Patches:
Introduced by c319b4d76b9e583a5d88d6bf190e079c4e43213dFixed by b04c46190219a4f845e46a459e3102137b7f6cac
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1633.47])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (3.4.0-5.22)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:not-affected (1.0)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.5.0-51.76~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.8.0-41.60~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.11.0-22.38~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-27.50~precise1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (3.4.0-7.40)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1013.19)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1446.65])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:not-affected (1.0)
More Information

Updated: 2019-09-19 15:48:56 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)