CVE-2015-8709 in Ubuntu

CVE-2015-8709

Priority

Description

** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles
uid and gid mappings, which allows local users to gain privileges by
establishing a user namespace, waiting for a root process to enter that
namespace with an unsafe uid or gid, and then using the ptrace system call.
NOTE: the vendor states "there is no kernel bug here."

Ubuntu-Description

Jann Horn discovered a ptrace issue with user namespaces in the Linux
kernel. The namespace owner could potentially exploit this flaw by ptracing
a root owned process entering the user namespace to elevate its privileges
and potentially gain access outside of the namespace.
(http://bugs.launchpad.net/bugs/1527374, CVE-2015-8709)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8709
https://lkml.org/lkml/2015/12/12/259
https://usn.ubuntu.com/usn/usn-2847-1
https://usn.ubuntu.com/usn/usn-2848-1
https://usn.ubuntu.com/usn/usn-2849-1
https://usn.ubuntu.com/usn/usn-2850-1
https://usn.ubuntu.com/usn/usn-2851-1
https://usn.ubuntu.com/usn/usn-2852-1
https://usn.ubuntu.com/usn/usn-2853-1
https://usn.ubuntu.com/usn/usn-2854-1
http://www.openwall.com/lists/oss-security/2015/12/31/5

Bugs

https://launchpad.net/bugs/1527374

Notes

sbeattie

published fix has been reverted and replaced by upstream
commit. Published kernels are not vulnerable to this, the status is
tracking the state of the replaced commit coming through the trees.

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	not-affected (no userns support)
Ubuntu 14.04 ESM (Trusty Tahr):	released (3.13.0-103.150)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-51.72)

Patches:

Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by

bfedb589252c01fa505ac9f6f2a3d5d68d707ef4

Package

Source: linux-armadaxp (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

This package is not directly supported by the Ubuntu Security Team

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1001.10)

Package

Source: linux-flo (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)

Package

Source: linux-fsl-imx51 (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-gke (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1003.3)

Package

Source: linux-goldfish (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)

Package

Source: linux-grouper (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.8.0-36.36~16.04.1)

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.8.0-36.36~16.04.1)

Product

Source tree: https://github.com/bq/aquaris-E4.5

linux-krillin:

ignored (was needed now end-of-life)

Package

Source: linux-linaro-omap (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-linaro-shared (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-linaro-vexpress (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-quantal (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Patches:

This package is not directly supported by the Ubuntu Security Team

Package

Source: linux-lts-raring (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-saucy (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

This package is not directly supported by the Ubuntu Security Team

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	released (3.13.0-103.150~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-utopic (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was released [3.16.0-57.77~14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-vivid (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was released [3.19.0-75.83~14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-wily (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was released [4.2.0-22.27~14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	released (4.4.0-51.72~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-maguro (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-mako (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)

Package

Source: linux-manta (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-qcm-msm (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1038.45)

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1042.46)

Package

Source: linux-ti-omap4 (LP Ubuntu Debian)

Upstream:	released (4.10~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was not-affected [no userns support])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Product

Source tree: https://github.com/bq/aquaris-E5

linux-vegetahd:

ignored (was needed now end-of-life)

More Information

Updated: 2019-12-05 18:43:24 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)