CVE-2015-8830 (retired)

Priority
Description
Integer overflow in the aio_setup_single_vector function in fs/aio.c in the
Linux kernel 4.0 allows local users to cause a denial of service or
possibly have unspecified other impact via a large AIO iovec. NOTE: this
vulnerability exists because of a CVE-2012-6701 regression.
Ubuntu-Description
Ben Hawkes discovered that the Linux kernel's AIO interface allowed single
writes greater than 2GB, which could cause an integer overflow when writing
to certain filesystems, socket or device types. A local attacker could this
to cause a denial of service (system crash) or possibly execute arbitrary
code.
Notes
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
  not supported on the Ubuntu Touch 14.10 and earlier preview kernels
 jdstrand> linux-lts-saucy no longer receives official support
 jdstrand> linux-lts-quantal no longer receives official support
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Patches:
Introduced by 41ef4eb8eef8d06bc1399e7b00c940d771554711Fixed by 4c185ce06dca14f5cea192f5a2c981ef50663f2b
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
linux-krillin:not-affected
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1013.19)
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Package
Upstream:released (4.1~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
linux-vegetahd:not-affected
More Information

Updated: 2019-08-23 09:08:27 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)