CVE-2016-4558 (retired)

Priority
Description
The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference
counts, which allows local users to cause a denial of service
(use-after-free) or possibly have unspecified other impact via a crafted
application on (1) a system with more than 32 Gb of memory, related to the
program reference count or (2) a 1 Tb system, related to the map reference
count.
Ubuntu-Description
Jann Horn discovered that the extended Berkeley Packet Filter (eBPF)
implementation in the Linux kernel could overflow reference counters on
systems with more than 32GB of physical ram and with RLIMIT_MEMLOCK set to
infinite. A local unprivileged attacker could use to create a use-after-
free situation, causing a denial of service (system crash) or possibly gain
administrative privileges.
Notes
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
  not supported on the Ubuntu Touch 14.10 and earlier preview kernels
 jdstrand> linux-lts-saucy no longer receives official support
 jdstrand> linux-lts-quantal no longer receives official support
 sbeattie> made exploitable by unpriv bpf
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-24.43)
Patches:
Introduced by 1be7f75d1668d6296b80bf35dcf6762393530afcFixed by 92117d8443bc5afacc8d5ba82e541946310f106e
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:not-affected
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1012.16)
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1015.18)
Package
Upstream:released (4.6~rc7)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:not-affected
More Information

Updated: 2019-09-19 15:58:21 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)