CVE-2017-6353

Priority
Medium
Description
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly
restrict association peel-off operations during certain wait states, which
allows local users to cause a denial of service (invalid unlock and double
free) via a multithreaded application. NOTE: this vulnerability exists
because of an incorrect fix for CVE-2017-5986.
References
Bugs
Notes
 tyhicks> See marc.info link for a fix that is in the process of landing in
  Linus' tree.
 sbeattie> both CVE-2017-5986 and CVE-2017-6353 will be addressed at the
  same time.
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
linux-vegetahd:not-affected
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Patches:
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.10.0-19.21)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.13.0-117.164)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-75.96)
Ubuntu 17.04 (Zesty Zapus):not-affected (4.10.0-15.17)
Patches:
Introduced by 2dcab598484185dea7ec22219c76dcdd59e3cb90Fixed by dfcb9f4f99f1e9a49e43398a7bfbf56927544af1
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.4.0-75.96~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.10.0-19.21~16.04.1)
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1016.25)
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.10.0-1004.6)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1054.61)
Ubuntu 17.04 (Zesty Zapus):not-affected (4.10.0-1003.5)
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.4.0-1057.61)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1057.61)
Ubuntu 17.04 (Zesty Zapus):not-affected (4.4.0-1057.61)
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 17.04 (Zesty Zapus):not-affected
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-49.52~16.04.1)
Ubuntu 17.04 (Zesty Zapus):DNE
Package
linux-krillin:not-affected
Package
Upstream:released (4.11~rc1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 17.04 (Zesty Zapus):DNE
More Information

Updated: 2017-11-06 19:19:45 UTC (commit 13639)