CVE-2016-2550 (retired)

Priority
Description
The Linux kernel before 4.5 allows local users to bypass file-descriptor
limits and cause a denial of service (memory consumption) by leveraging
incorrect tracking of descriptor ownership and sending each descriptor over
a UNIX socket before closing it. NOTE: this vulnerability exists because of
an incorrect fix for CVE-2013-4312.
Ubuntu-Description
David Herrmann discovered that the Linux kernel incorrectly accounted file
descriptors to the original opener for in-flight file descriptors sent over
a unix domain socket. A local attacker could use this to cause a denial of
service (resource exhaustion).
Notes
jdstrandandroid kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
linux-lts-saucy no longer receives official support
linux-lts-quantal no longer receives official support
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-11.26)
Patches:
Introduced by
712f4aad406bb1ed67f3f98d04c044191f0ff593
Fixed by
415e3d3e90ce9e18727e8843ae343eda5a58fad6
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:not-affected
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1004.5)
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Package
Upstream:released (4.5~rc4)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:not-affected
More Information

Updated: 2019-10-09 07:55:49 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)