CVE-2016-9604 in Ubuntu

CVE-2016-9604

Priority

Medium

Description

Keyrings whose name begin with a '.' are special internal keyrings and so
userspace isn't allowed to create keyrings by this name to prevent
shadowing. However, the patch that added the guard didn't fix
KEYCTL_JOIN_SESSION_KEYRING. Not only can that create dot-named keyrings,
it can also subscribe to them as a session keyring if they grant SEARCH
permission to the user.
This, for example, allows a root process to set .builtin_trusted_keys as
its session keyring, at which point it has full access because now the
possessor permissions are added. This permits root to add extra public
keys, thereby bypassing module verification.

Ubuntu-Description

It was discovered that the keyring implementation in the Linux kernel in
some situations did not prevent special internal keyrings from being joined
by userspace keyrings. A privileged local attacker could use this to bypass
module verification.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9604
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee8f844e3c5a73b999edf733df1c529d6503ec2f
http://www.ubuntu.com/usn/usn-3314-1
http://www.ubuntu.com/usn/usn-3312-1
http://www.ubuntu.com/usn/usn-3312-2
http://www.ubuntu.com/usn/usn-3361-1
http://www.ubuntu.com/usn/usn-3422-1
http://www.ubuntu.com/usn/usn-3422-2

Notes

jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
jdstrand> linux-lts-saucy no longer receives official support
jdstrand> linux-lts-quantal no longer receives official support

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	released (3.13.0-132.181~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-lts-wily (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (end-of-life)
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-kvm (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1004.9)
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source tree: https://github.com/bq/aquaris-E5

linux-vegetahd:

needed

Package

Source: linux-lts-quantal (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Patches:

Package

Source: linux-gke (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1014.14)
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	not-affected (4.10.0-22.24)
Ubuntu 12.04 ESM (Precise Pangolin):	ignored (was needed ESM criteria)
Ubuntu 14.04 LTS (Trusty Tahr):	released (3.13.0-132.181)
Ubuntu Core 15.04:	ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-79.100)
Ubuntu 17.04 (Zesty Zapus):	released (4.10.0-22.24)

Patches:

Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by ee8f844e3c5a73b999edf733df1c529d6503ec2f

Package

Source: linux-ti-omap4 (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-lts-raring (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-armadaxp (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-linaro-shared (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-maguro (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	released (4.4.0-79.100~14.04.1)
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-lts-saucy (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-gcp (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.10.0-1004.4)
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.10.0-22.24~16.04.1)
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-manta (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-azure (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.11.0-1009.9)
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-grouper (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-linaro-vexpress (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-qcm-msm (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-lts-vivid (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (was needed now end-of-life)
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	pending (4.4.0-1001.1)
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1018.27)
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	not-affected (4.10.0-1006.8)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1057.64)
Ubuntu 17.04 (Zesty Zapus):	released (4.10.0-1006.8)

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	not-affected (4.4.0-1059.63)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1059.63)
Ubuntu 17.04 (Zesty Zapus):	released (4.4.0-1059.63)

Package

Source: linux-mako (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-linaro-omap (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-euclid (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	needed
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-lts-utopic (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (end-of-life)
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source: linux-goldfish (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 17.04 (Zesty Zapus):	ignored (abandoned)

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.10.0-27.30~16.04.2)
Ubuntu 17.04 (Zesty Zapus):	DNE

Package

Source tree: https://github.com/bq/aquaris-E4.5

linux-krillin:

needed

Package

Source: linux-flo (LP Ubuntu Debian)

Upstream:	released (4.11~rc8)
Ubuntu 17.10 (Artful Aardvark):	DNE
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu Core 15.04:	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 17.04 (Zesty Zapus):	DNE

More Information

Updated: 2017-09-21 20:14:24 UTC (commit 13377)