CVE-2016-2187

Priority
Low
Description
The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel
through 4.5.2 allows physically proximate attackers to cause a denial of
service (NULL pointer dereference and system crash) via a crafted endpoints
value in a USB device descriptor.
Ubuntu-Description
Ralf Spenneberg discovered that the Linux kernel's GTCO digitizer USB
device driver did not properly validate endpoint descriptors. An attacker
with physical access could use this to cause a denial of service (system
crash).
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2187
https://bugzilla.redhat.com/show_bug.cgi?id=1317017
https://usn.ubuntu.com/usn/usn-2989-1
https://usn.ubuntu.com/usn/usn-2996-1
https://usn.ubuntu.com/usn/usn-2997-1
https://usn.ubuntu.com/usn/usn-2998-1
https://usn.ubuntu.com/usn/usn-3000-1
https://usn.ubuntu.com/usn/usn-3001-1
https://usn.ubuntu.com/usn/usn-3002-1
https://usn.ubuntu.com/usn/usn-3003-1
https://usn.ubuntu.com/usn/usn-3004-1
https://usn.ubuntu.com/usn/usn-3005-1
https://usn.ubuntu.com/usn/usn-3006-1
https://usn.ubuntu.com/usn/usn-3007-1
Bugs
https://launchpad.net/bugs/1575706
Notes
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
  not supported on the Ubuntu Touch 14.10 and earlier preview kernels
 jdstrand> linux-lts-saucy no longer receives official support
 jdstrand> linux-lts-quantal no longer receives official support
Package
Source: linux-lts-trusty (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-88.135~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-lts-wily (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (4.2.0-38.45~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source tree: https://github.com/bq/aquaris-E5
linux-vegetahd:ignored (was needed now end-of-life)
Package
Source: linux-lts-quantal (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Package
Source: linux-gke (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.2.0-104.145)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.13.0-87.133)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-24.43)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 162f98dea487206d9ab79fc12ed64700667a894d
Package
Source: linux-ti-omap4 (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1482.109])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-lts-raring (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-armadaxp (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1667.92])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-linaro-shared (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-maguro (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-lts-xenial (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (4.4.0-24.43~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-lts-saucy (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-hwe-edge (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Source: linux-manta (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-grouper (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-linaro-vexpress (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-qcm-msm (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-lts-vivid (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (3.19.0-61.69~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-aws (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Source: linux-raspi2 (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1012.16)
Package
Source: linux-snapdragon (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1015.18)
Package
Source: linux-mako (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Source: linux-linaro-omap (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-lts-utopic (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (3.16.0-73.95~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: linux-goldfish (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Source: linux-hwe (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Source tree: https://github.com/bq/aquaris-E4.5
linux-krillin:ignored (was needed now end-of-life)
Package
Source: linux-flo (LP Ubuntu Debian)
Upstream:released (4.6~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
More Information

Updated: 2018-09-26 07:08:37 UTC (commit 2c85db1cbbe986be0a0659e41e8f961058e5adca)