CVE-2017-17449

Priority
Medium
Description
The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the
Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not
restrict observations of Netlink messages to a single net namespace, which
allows local users to obtain sensitive information by leveraging the
CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink
activity on the system.
Ubuntu-Description
It was discovered that the netlink subsystem in the Linux kernel did not
properly restrict observations of netlink messages to the appropriate net
namespace. A local attacker could use this to expose sensitive information
(kernel netlink traffic).
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17449
https://lkml.org/lkml/2017/12/5/950
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=93c647643b48f0131f02e45da3bd367d80443291
https://usn.ubuntu.com/usn/usn-3619-1
https://usn.ubuntu.com/usn/usn-3619-2
Package
Source: linux-lts-trusty (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-lts-wily (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-kvm (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1020.25)
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Package
Source tree: https://github.com/bq/aquaris-E5
linux-vegetahd:not-affected
Package
Source: linux-lts-quantal (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Patches:
Package
Source: linux-gke (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed now end-of-life)
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needs-triage ESM criteria)
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-119.143)
Ubuntu 17.10 (Artful Aardvark):needed
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-10.11)
Patches:
Introduced by bcbde0d449eda7afa8f63280b165c8300dbd00e2Fixed by 93c647643b48f0131f02e45da3bd367d80443291
Package
Source: linux-ti-omap4 (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-lts-raring (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-armadaxp (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-linaro-shared (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-maguro (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-lts-xenial (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (4.4.0-119.143~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-lts-saucy (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-gcp (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):needed
Package
Source: linux-hwe-edge (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-15.16~16.04.1)
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-manta (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-azure (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Package
Source: linux-grouper (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-linaro-vexpress (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-qcm-msm (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-lts-vivid (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needs-triage now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-aws (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (4.4.0-1016.16)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1054.63)
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Package
Source: linux-raspi2 (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1086.94)
Ubuntu 17.10 (Artful Aardvark):needed
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1006.7)
Package
Source: linux-snapdragon (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1088.93)
Ubuntu 17.10 (Artful Aardvark):released (4.4.0-1088.93)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-oem (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1001.2)
Package
Source: linux-mako (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-linaro-omap (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-euclid (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage ESM criteria)
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-lts-utopic (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-goldfish (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source: linux-hwe (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Source tree: https://github.com/bq/aquaris-E4.5
linux-krillin:not-affected
Package
Source: linux-flo (LP Ubuntu Debian)
Upstream:released (4.15~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
More Information

Updated: 2018-04-16 18:14:23 UTC (commit 14567)