CVE-2016-1237 (retired)

Priority
Description
nfsd in the Linux kernel through 4.6.3 allows local users to bypass
intended file-permission restrictions by setting a POSIX ACL, related to
nfs2acl.c, nfs3acl.c, and nfs4acl.c.
Ubuntu-Description
A missing permission check when settings ACLs was discovered in nfsd. A
local user could exploit this flaw to gain access to any file by setting an
ACL.
Notes
mdeslauralso needs 485e71e8fb6356c08c7fc6bcce4bf02c9a9a663f
jdstrandandroid kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
linux-lts-saucy no longer receives official support
linux-lts-quantal no longer receives official support
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:not-affected
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1021.27)
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1024.27)
Package
Upstream:released (4.7~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:not-affected
More Information

Updated: 2019-10-09 07:55:11 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)