CVE-2016-8655 in Ubuntu

CVE-2016-8655

Priority

High

Description

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12
allows local users to gain privileges or cause a denial of service
(use-after-free) by leveraging the CAP_NET_RAW capability to change a
socket version, related to the packet_set_ring and packet_setsockopt
functions.

Ubuntu-Description

Philip Pettersson discovered a race condition in the af_packet
implementation in the Linux kernel. A local unprivileged attacker could use
this to cause a denial of service (system crash) or run arbitrary code with
administrative privileges.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8655
http://marc.info/?l=linux-netdev&m=148054660230570&w=2
https://usn.ubuntu.com/usn/usn-3151-3
https://usn.ubuntu.com/usn/usn-3151-2
https://usn.ubuntu.com/usn/usn-3151-1
https://usn.ubuntu.com/usn/usn-3151-4
https://usn.ubuntu.com/usn/usn-3149-1
https://usn.ubuntu.com/usn/usn-3149-2
https://usn.ubuntu.com/usn/usn-3150-2
https://usn.ubuntu.com/usn/usn-3150-1
https://usn.ubuntu.com/usn/usn-3152-1
https://usn.ubuntu.com/usn/usn-3152-2

Bugs

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1646318

Notes

jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
jdstrand> linux-lts-saucy no longer receives official support
jdstrand> linux-lts-quantal no longer receives official support

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	released (3.13.0-105.152~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-wily (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source tree: https://github.com/bq/aquaris-E5

linux-vegetahd:

needed

Package

Source: linux-lts-quantal (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Patches:

Package

Source: linux-gke (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1003.3)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	released (3.2.0-118.161)
Ubuntu 14.04 LTS (Trusty Tahr):	released (3.13.0-105.152)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-53.74)
Ubuntu 17.04 (Zesty Zapus):	not-affected (4.8.0-30.32)
Ubuntu 17.10 (Artful Aardvark):	not-affected (4.10.0-19.21)

Patches:

Introduced by f6fb8f100b807378fda19e83e5ac6828b638603a

Fixed by 84ac7260236a49c79eede91617700174c2c19b0c

Package

Source: linux-ti-omap4 (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was released [3.2.0-1496.123])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-raring (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-armadaxp (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was released [3.2.0-1680.107])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-linaro-shared (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-maguro (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	released (4.4.0-53.74~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-saucy (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.8.0-30.32~16.04.1)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-manta (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-grouper (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-linaro-vexpress (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-qcm-msm (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-vivid (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	released (3.19.0-77.85~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1001.10)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1034.41)
Ubuntu 17.04 (Zesty Zapus):	not-affected (4.8.0-1020.23)
Ubuntu 17.10 (Artful Aardvark):	not-affected (4.10.0-1004.6)

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1039.43)
Ubuntu 17.04 (Zesty Zapus):	not-affected (4.4.0-1039.43)
Ubuntu 17.10 (Artful Aardvark):	not-affected (4.4.0-1050.54)

Package

Source: linux-mako (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-linaro-omap (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-utopic (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-goldfish (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 17.04 (Zesty Zapus):	ignored (abandoned)
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.8.0-36.36~16.04.1)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source tree: https://github.com/bq/aquaris-E4.5

linux-krillin:

needed

Package

Source: linux-flo (LP Ubuntu Debian)

Upstream:	released (4.9~rc8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

More Information

Updated: 2017-12-15 20:35:27 UTC (commit 13913)