CVE-2017-6074 in Ubuntu

CVE-2017-6074

Priority

High

Description

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel
through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the
LISTEN state, which allows local users to obtain root privileges or cause a
denial of service (double free) via an application that makes an
IPV6_RECVPKTINFO setsockopt system call.

Ubuntu-Description

Andrey Konovalov discovered a use-after-free vulnerability in the DCCP
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly gain administrative
privileges.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6074
https://patchwork.ozlabs.org/patch/728808/
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6074
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4
https://usn.ubuntu.com/usn/usn-3206-1
https://usn.ubuntu.com/usn/usn-3207-1
https://usn.ubuntu.com/usn/usn-3207-2
https://usn.ubuntu.com/usn/usn-3208-1
https://usn.ubuntu.com/usn/usn-3208-2
https://usn.ubuntu.com/usn/usn-3209-1
http://www.openwall.com/lists/oss-security/2017/02/26/2

Bugs

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1665935

Notes

sbeattie> MITIGATION: blacklist the dccp ipv[46] autoloading aliases by
adding the following lines to /etc/modprobe.d/blacklist-dccp.conf:
alias net-pf-2-proto-0-type-6 off
alias net-pf-2-proto-33-type-6 off
alias net-pf-10-proto-0-type-6 off
alias net-pf-10-proto-33-type-6 off

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	released (3.13.0-110.157~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-wily (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source tree: https://github.com/bq/aquaris-E5

linux-vegetahd:

needed

Package

Source: linux-lts-quantal (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Patches:

Package

Source: linux-gke (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1003.3)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	released (3.2.0-123.166)
Ubuntu 14.04 LTS (Trusty Tahr):	released (3.13.0-110.157)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-64.85)
Ubuntu 17.04 (Zesty Zapus):	not-affected (4.10.0-9.11)
Ubuntu 17.10 (Artful Aardvark):	not-affected (4.10.0-19.21)

Patches:

Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4

Package

Source: linux-ti-omap4 (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was released [3.2.0-1501.128])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-raring (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-armadaxp (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was released [3.2.0-1684.111])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-linaro-shared (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-maguro (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	released (4.4.0-64.85~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-saucy (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [end-of-life])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.10.0-14.16~16.04.1)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-manta (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-grouper (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-linaro-vexpress (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-qcm-msm (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-vivid (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1004.13)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1044.51)
Ubuntu 17.04 (Zesty Zapus):	not-affected (4.8.0-1026.29)
Ubuntu 17.10 (Artful Aardvark):	not-affected (4.10.0-1004.6)

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.4.0-1048.52)
Ubuntu 17.04 (Zesty Zapus):	not-affected (4.4.0-1048.52)
Ubuntu 17.10 (Artful Aardvark):	not-affected (4.4.0-1050.54)

Package

Source: linux-mako (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-linaro-omap (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-lts-utopic (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-goldfish (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 17.04 (Zesty Zapus):	ignored (abandoned)
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (4.8.0-39.42~16.04.1)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

Package

Source tree: https://github.com/bq/aquaris-E4.5

linux-krillin:

needed

Package

Source: linux-flo (LP Ubuntu Debian)

Upstream:	released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)
Ubuntu 17.04 (Zesty Zapus):	DNE
Ubuntu 17.10 (Artful Aardvark):	DNE

More Information

Updated: 2017-12-15 20:35:53 UTC (commit 13913)