CVE-2014-4699

Priority
High
Description
The Linux kernel before 3.15.4 on Intel processors does not properly
restrict use of a non-canonical value for the saved RIP address in the case
of a system call that does not use IRET, which allows local users to
leverage a race condition and gain privileges, or cause a denial of service
(double fault), via a crafted application that makes ptrace and fork system
calls.
Ubuntu-Description
Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on
x86_64 processors. An attacker could exploit this flaw to cause a denial of
service (System Crash) or potential gain administrative privileges.
References
Bugs
Notes
 jdstrand> android kernels (goldfish, grouper, maguro, mako and manta) are not
  supported on the Ubuntu Touch 13.10 preview kernels
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
  not supported on the Ubuntu Touch 14.04 preview kernels
 jj> begin sha1 is not actual commit that broke it just first kernel (2.6.17)
 jj> as reported by Andy Lutomirski
 jj> x86_64 only. Likely intel only
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.13.0-30.55)
Ubuntu Core 15.04:not-affected (3.16.0-23.31)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Patches:
Introduced by 427abfa28afedffadfca9dd8b067eb6d36bac53fFixed by b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (3.4.0-6.29)
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.19.0-18.18~14.04.1)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:released (4.2.0-1014.21)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1014.21)
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (3.4.0-5.34)
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.16.0-25.33~14.04.2)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (3.4.0-4.23)
Package
Upstream:released (3.16~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (3.4.0-3.15)
More Information

Updated: 2017-08-11 23:52:18 UTC (commit 13081)