CVE-2016-7913 in Ubuntu

CVE-2016-7913

Priority

Description

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in
the Linux kernel before 4.6 allows local users to gain privileges or cause
a denial of service (use-after-free) via vectors involving omission of the
firmware name from a certain data structure.

Ubuntu-Description

It was discovered that a use-after-free vulnerability existed in the device
driver for XCeive xc2028/xc3028 tuners in the Linux kernel. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7913
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dfbcc4351a0b6d2f2d77f367552f48ffefafe18
http://source.android.com/security/bulletin/2016-11-01.html
https://github.com/torvalds/linux/commit/8dfbcc4351a0b6d2f2d77f367552f48ffefafe18
https://usn.ubuntu.com/usn/usn-3312-1
https://usn.ubuntu.com/usn/usn-3312-2
https://usn.ubuntu.com/usn/usn-3798-1
https://usn.ubuntu.com/usn/usn-3798-2

Notes

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	ignored (was needed ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):	released (3.13.0-161.211)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-83.106)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.13.0-16.19)
Ubuntu 19.04 (Disco Dingo):	not-affected (4.15.0-20.21)

Patches:

Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by

8dfbcc4351a0b6d2f2d77f367552f48ffefafe18

Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by

210bd104c6acd31c3c6b8b075b3f12d4a9f6b60d

Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by

22a1e7783e173ab3d86018eb590107d68df46c11

Package

Source: linux-armadaxp (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

This package is not directly supported by the Ubuntu Security Team

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1022.31)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1001.1)
Ubuntu 19.04 (Disco Dingo):	not-affected (4.15.0-1007.7)

Package

Source: linux-azure (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	not-affected (4.15.0-1023.24~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.11.0-1009.9)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1002.2)
Ubuntu 19.04 (Disco Dingo):	not-affected (4.15.0-1009.9)

Package

Source: linux-azure-edge (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.15.0-1002.2)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.18.0-1003.3~18.04.1)
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-euclid (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (was needed ESM criteria)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-flo (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-gcp (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.10.0-1004.4)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1001.1)
Ubuntu 19.04 (Disco Dingo):	not-affected (4.15.0-1006.6)

Package

Source: linux-gke (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1014.14)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-goldfish (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-grouper (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.8.0-39.42~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.8.0-39.42~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.18.0-8.9~18.04.1)
Ubuntu 19.04 (Disco Dingo):	DNE

Product

Source tree: https://github.com/bq/aquaris-E4.5

linux-krillin:

ignored (was needed now end-of-life)

Package

Source: linux-kvm (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1004.9)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1002.2)
Ubuntu 19.04 (Disco Dingo):	not-affected (4.15.0-1008.8)

Package

Source: linux-linaro-omap (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-linaro-shared (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-linaro-vexpress (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-lts-quantal (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Patches:

This package is not directly supported by the Ubuntu Security Team

Package

Source: linux-lts-raring (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-lts-saucy (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

This package is not directly supported by the Ubuntu Security Team

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	released (3.13.0-161.211~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-lts-utopic (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored [out of standard support])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-lts-vivid (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored [was needed now end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-lts-wily (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored [out of standard support])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	released (4.4.0-83.106~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-maguro (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-mako (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-manta (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-oem (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.13.0-1008.9)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1002.3)
Ubuntu 19.04 (Disco Dingo):	not-affected (4.15.0-1004.5)

Package

Source: linux-qcm-msm (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1061.69)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.13.0-1005.5)
Ubuntu 19.04 (Disco Dingo):	not-affected (4.15.0-1010.11)

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1063.68)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected
Ubuntu 19.04 (Disco Dingo):	DNE

Package

Source: linux-ti-omap4 (LP Ubuntu Debian)

Upstream:	released (4.9~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.04 (Disco Dingo):	DNE

Product

Source tree: https://github.com/bq/aquaris-E5

linux-vegetahd:

ignored (was needed now end-of-life)

More Information

Updated: 2019-12-05 18:46:22 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)