CVE-2016-4997

Priority
Description
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt
implementations in the netfilter subsystem in the Linux kernel before 4.6.3
allow local users to gain privileges or cause a denial of service (memory
corruption) by leveraging in-container root access to provide a crafted
offset value that triggers an unintended decrement.
Ubuntu-Description
Jesse Hertz and Tim Newsham discovered that the Linux netfilter
implementation did not correctly perform validation when handling 32 bit
compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local
unprivileged attacker could use this to cause a denial of service (system
crash) or execute arbitrary code with administrative privileges.
Notes
jdstrandandroid kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
linux-lts-saucy no longer receives official support
linux-lts-quantal no longer receives official support
sbeattiepriority is negligible on precise's 3.2 kernels, as user
namespaces are a privileged operation there.
For xenial and linux-lts-xenial on trusty, this can be
mitigated against by setting the kernel.unprivileged_userns_clone
sysctl to 0 to disable userns support. When we fix the netfilter issue
we will also add this sysctl to all other supported kernels to allow
disabling unprivileged user namespaces. Disabling user namespace may
impact chromium-browser, lxc, lxd, docker, and other tools.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.2.0-128.173)
Ubuntu 14.04 ESM (Trusty Tahr):released (3.13.0-91.138)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-28.47)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-16.19)
Patches:
Introduced by
2722971cbe831117686039d5c334f2c0f560be13
Fixed by
ce683e5f9d045e5d67d1312a42b359cb2ab2a13c
Introduced by
2722971cbe831117686039d5c334f2c0f560be13
Fixed by
6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
Introduced by
2722971cbe831117686039d5c334f2c0f560be13
Fixed by
bdf533de6968e9686df777dc178486f600c6e617
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.15.0-1023.24~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.11.0-1009.9)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-9019.20)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.10.0-1004.4)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Product
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1004.9)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-91.138~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [3.16.0-76.98~14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [3.19.0-64.72~14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [4.2.0-41.48~14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.4.0-28.47~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.13.0-1008.9)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1016.22)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-1005.5)
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1019.22)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.4.0-1077.82)
Package
Upstream:released (4.7~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Product
linux-vegetahd:ignored (was needed now end-of-life)
More Information

Updated: 2019-12-05 18:45:25 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)