CVE-2014-3144 (retired)

Priority
Description
The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension
implementations in the sk_run_filter function in net/core/filter.c in the
Linux kernel through 3.14.3 do not check whether a certain length value is
sufficiently large, which allows local users to cause a denial of service
(integer underflow and system crash) via crafted BPF instructions. NOTE:
the affected code was moved to the __skb_get_nlattr and
__skb_get_nlattr_nest functions before the vulnerability was announced.
Ubuntu-Description
A bounds check error was discovered in the socket filter subsystem of the
Linux kernel. A local user could exploit this flaw to cause a denial of
service (system crash) via crafted BPF instructions.
Notes
jdstrandandroid kernels (goldfish, grouper, maguro, mako and manta) are not
supported on the Ubuntu Touch 13.10 preview kernels
android kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.04 preview kernels
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.2.0-65.98)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Patches:
Introduced by
4738c1db1593687713869fa69e733eebc7b0d6d8
Fixed by
05ab8f2647e4221cbdb3856dd7d32bd5407316b3
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1635.50])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.5.0-52.78~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.8.0-44.66~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.11.0-24.41~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-32.57~precise1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1013.19)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Package
Upstream:released (3.15~rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1450.69])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:ignored (was needed now end-of-life)
More Information

Updated: 2019-10-09 07:50:15 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)