Description
The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the
Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not
restrict observations of Netlink messages to a single net namespace, which
allows local users to obtain sensitive information by leveraging the
CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink
activity on the system.
Ubuntu-Description
It was discovered that the netlink subsystem in the Linux kernel did not
properly restrict observations of netlink messages to the appropriate net
namespace. A local attacker could use this to expose sensitive information
(kernel netlink traffic).
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
This package is not directly supported by the Ubuntu Security Team
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(was needs-triage ESM criteria)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(abandoned)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(was needed now end-of-life)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | not-affected
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Product
linux-krillin: | not-affected
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(end-of-life)
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(end-of-life)
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(end-of-life)
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
This package is not directly supported by the Ubuntu Security Team
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | released
(3.13.0-149.199~precise1)
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [out of standard support])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [was needs-triage now end-of-life])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [out of standard support])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | released
(4.4.0-119.143~14.04.1)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(abandoned)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Package
Upstream: | released
(4.15~rc4)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Product
linux-vegetahd: | not-affected
|
Updated: 2019-12-05 18:48:30 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)