CVE-2017-8824 (retired)

Priority
Description
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel
through 4.14.3 allows local users to gain privileges or cause a denial of
service (use-after-free) via an AF_UNSPEC connect system call during the
DCCP_LISTEN state.
Ubuntu-Description
Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP
protocol implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code.
Notes
 sbeattie> MITIGATION: blacklist the dccp ipv[46] autoloading aliases by
  adding the following lines to /etc/modprobe.d/blacklist-dccp.conf:
  alias net-pf-2-proto-0-type-6 off
  alias net-pf-2-proto-33-type-6 off
  alias net-pf-10-proto-0-type-6 off
  alias net-pf-10-proto-33-type-6 off
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-116.140)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-10.11)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-20.21)
Patches:
Introduced by 7c657876b63cb1d8a2ec06f8fc6c37bb8412e66cFixed by 69c64866ce072dea1d1e59a0d61e0f66c0dffb76
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1052.61)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1007.7)
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.13.0-1011.14)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1009.9)
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed ESM criteria)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.13.0-1011.15)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1006.6)
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.13.0-36.40~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.13.0-36.40~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.18.0-8.9~18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1019.24)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1008.8)
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Patches:
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-142.191~precise1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.13.0-1021.23)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.3)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1004.5)
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1085.93)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1006.7)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1010.11)
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1087.92)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
Upstream:released (4.15~rc3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Package
linux-vegetahd:ignored (was needed now end-of-life)
More Information

Updated: 2019-05-15 21:15:21 UTC (commit 7fd02d9ec802bf69909e9bf11160eb7c4f65c010)