CVE-2017-2671 in Ubuntu

CVE-2017-2671

Priority

Description

The ping_unhash function in net/ipv4/ping.c in the Linux kernel through
4.10.8 is too late in obtaining a certain lock and consequently cannot
ensure that disconnect function calls are safe, which allows local users to
cause a denial of service (panic) by leveraging access to the protocol
value of IPPROTO_ICMP in a socket system call.

Ubuntu-Description

Daniel Jiang discovered that a race condition existed in the ipv4 ping
socket implementation in the Linux kernel. A local privileged attacker
could use this to cause a denial of service (system crash).

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2671
http://www.openwall.com/lists/oss-security/2017/03/24/6
http://openwall.com/lists/oss-security/2017/04/04/8
https://github.com/danieljiang0415/android_kernel_crash_poc
https://twitter.com/danieljiang0415/status/845116665184497664
https://usn.ubuntu.com/usn/usn-3314-1
https://usn.ubuntu.com/usn/usn-3312-1
https://usn.ubuntu.com/usn/usn-3312-2
https://usn.ubuntu.com/usn/usn-3361-1
https://usn.ubuntu.com/usn/usn-3754-1

Notes

tyhicks

Ubuntu doesn't enable unprivileged ping sockets by default

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	ignored (was needed ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):	released (3.13.0-157.207)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-79.100)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.13.0-16.19)

Patches:

Introduced by

c319b4d76b9e583a5d88d6bf190e079c4e43213d

Fixed by

43a6684519ab0a6c52024b5e25322476cabad893

Package

Source: linux-armadaxp (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

This package is not directly supported by the Ubuntu Security Team

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1018.27)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1001.1)

Package

Source: linux-azure (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	not-affected (4.15.0-1023.24~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.11.0-1009.9)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1002.2)

Package

Source: linux-azure-edge (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.15.0-1002.2)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.18.0-1003.3~18.04.1)

Package

Source: linux-euclid (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (was needed ESM criteria)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-flo (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-gcp (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.10.0-1004.4)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1001.1)

Package

Source: linux-gke (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1014.14)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-goldfish (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-grouper (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.10.0-27.30~16.04.2)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.10.0-27.30~16.04.2)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.18.0-8.9~18.04.1)

Product

Source tree: https://github.com/bq/aquaris-E4.5

linux-krillin:

ignored (was needed now end-of-life)

Package

Source: linux-kvm (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1004.9)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1002.2)

Package

Source: linux-linaro-omap (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-linaro-shared (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-linaro-vexpress (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-lts-quantal (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Patches:

This package is not directly supported by the Ubuntu Security Team

Package

Source: linux-lts-raring (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-lts-saucy (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

This package is not directly supported by the Ubuntu Security Team

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	ignored (was needed ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-lts-utopic (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored [out of standard support])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-lts-vivid (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored [was needed now end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-lts-wily (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored [out of standard support])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	released (4.4.0-79.100~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-maguro (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-mako (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-manta (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-oem (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.13.0-1008.9)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.15.0-1002.3)

Package

Source: linux-qcm-msm (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1057.64)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (4.13.0-1005.5)

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1059.63)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected

Package

Source: linux-ti-omap4 (LP Ubuntu Debian)

Upstream:	released (4.11~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE

Product

Source tree: https://github.com/bq/aquaris-E5

linux-vegetahd:

ignored (was needed now end-of-life)

More Information

Updated: 2020-03-18 22:49:26 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)