Description
Linux distributions that have not patched their long-term kernels with
https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86
(committed on April 14, 2015). This kernel vulnerability was fixed in April
2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to
Linux 3.10.77 in May 2015), but it was not recognized as a security threat.
With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down
address allocation strategy, load_elf_binary() will attempt to map a PIE
binary into an address range immediately below mm->mmap_base.
Unfortunately, load_elf_ binary() does not take account of the need to
allocate sufficient space for the entire binary which means that, while the
first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD
segment(s) end up being mapped above mm->mmap_base into the are that is
supposed to be the "gap" between the stack and the binary.
Notes
sbeattie> fixed upstream in 4.1, so xenial and newer had it
sbeattie> went through stable, trusty had it in 3.13.0-56.93,
precise in 3.2.0-91.129, vivid in 3.19.0-19.19
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | not-affected
(4.4.0-9019.20)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | not-affected
(4.4.0-1003.3)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
linux-krillin: | ignored
(was needed now end-of-life)
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(end-of-life)
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Patches:
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(end-of-life)
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(end-of-life)
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | released
(3.13.0-57.95~precise1)
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(was needs-triage now end-of-life)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | not-affected
(4.4.0-13.29~14.04.1)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | not-affected
(4.4.0-1012.12)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.1~rc1)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
linux-vegetahd: | ignored
(was needed now end-of-life)
|
Updated: 2019-01-23 00:15:00 UTC (commit 32e4618100c016795c616c3c1ad13175e868c3d3)