Description
net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does
not require the CAP_NET_ADMIN capability for new, get, and del operations,
which allows local users to bypass intended access restrictions because the
nfnl_cthelper_list data structure is shared across all net namespaces.
Ubuntu-Description
It was discovered that the netfilter component of the Linux did not
properly restrict access to the connection tracking helpers list. A local
attacker could use this to bypass intended access restrictions.
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(was needed ESM criteria)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(was needed now end-of-life)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
linux-krillin: | not-affected
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(end-of-life)
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Patches:
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(end-of-life)
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(end-of-life)
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | released
(3.13.0-144.193~precise1)
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(was needs-triage now end-of-life)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | released
(4.4.0-119.143~14.04.1)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | released
(4.4.0-1088.93)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Package
linux-vegetahd: | not-affected
|
Updated: 2019-01-23 00:15:27 UTC (commit 32e4618100c016795c616c3c1ad13175e868c3d3)