CVE-2016-5728 (retired)

Priority
Description
Race condition in the vop_ioctl function in
drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel
before 4.6.1 allows local users to obtain sensitive information from kernel
memory or cause a denial of service (memory corruption and system crash) by
changing a certain header, aka a "double fetch" vulnerability.
Ubuntu-Description
Pengfei Wang discovered a race condition in the MIC VOP driver in the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash) or obtain potentially sensitive information from kernel
memory.
Notes
jdstrandandroid kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
linux-lts-saucy no longer receives official support
linux-lts-quantal no longer receives official support
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-36.55)
Patches:
Introduced by
f69bcbf3b4c4b333dcd7a48eaf868bf0c88edab5
Fixed by
9bf292bfca94694a721449e3fd752493856710f6
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:not-affected
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1021.27)
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1024.27)
Package
Upstream:released (4.7~rc1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:not-affected
More Information

Updated: 2019-10-09 07:56:56 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)