CVE-2016-2117 (retired)

Priority
Description
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the
Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which
allows remote attackers to obtain sensitive information from kernel memory
by reading packet data.
Ubuntu-Description
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux
kernel incorrectly enables scatter/gather I/O. A remote attacker could use
this to obtain potentially sensitive information from kernel memory.
Notes
tyhicksThe atl2 ethernet driver is the only driver that discloses memory to
ethernet in the default configuration
jdstrandandroid kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
linux-lts-saucy no longer receives official support
linux-lts-quantal no longer receives official support
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-24.43)
Patches:
Introduced by
ec5f061564238892005257c83565a0b58ec79295
Fixed by
f43bfaeddc79effbf3d0fcb53ca477cca66f3db8
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:not-affected
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1012.16)
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1015.18)
Package
Upstream:released (4.6~rc5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:not-affected
More Information

Updated: 2019-10-09 07:55:34 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)