CVE-2016-1237

Priority
Description
nfsd in the Linux kernel through 4.6.3 allows local users to bypass
intended file-permission restrictions by setting a POSIX ACL, related to
nfs2acl.c, nfs3acl.c, and nfs4acl.c.
Ubuntu-Description
A missing permission check when settings ACLs was discovered in nfsd. A
local user could exploit this flaw to gain access to any file by setting an
ACL.
Notes
mdeslauralso needs 485e71e8fb6356c08c7fc6bcce4bf02c9a9a663f
jdstrandandroid kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
linux-lts-saucy no longer receives official support
linux-lts-quantal no longer receives official support
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-36.55)
Patches:
Introduced by
4ac7249ea5a0ceef9f8269f63f33cc873c3fac61
Fixed by
485e71e8fb6356c08c7fc6bcce4bf02c9a9a663f
Introduced by
4ac7249ea5a0ceef9f8269f63f33cc873c3fac61
Fixed by
999653786df6954a31044528ac3f7a5dadca08f4
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:not-affected
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [out of standard support])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [3.19.0-66.74~14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [out of standard support])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):released (4.4.0-36.55~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1021.27)
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1024.27)
Package
Upstream:released (4.7~rc5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:not-affected
More Information

Updated: 2020-03-18 22:43:26 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)