CVE-2019-11815

Priority
Description
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux
kernel before 5.0.8. There is a race condition leading to a use-after-free,
related to net namespace cleanup.
Ubuntu-Description
It was discovered that a race condition leading to a use-after-free existed
in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux
kernel. The RDS protocol is blacklisted by default in Ubuntu. If enabled, a
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code.
Notes
sarnoldI haven't yet seen evidence to support allegations that this is
remotely exploitable. Blacklisting rds.ko module is probably sufficient
to prevent the vulnerable code from loading. The default configuration of
the kmod package has included RDS in /etc/modprobe.d/blacklist-rare-network.conf
since 14.04 LTS. I'm dropping priority as a result.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.0.0-12.20)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (3.11.0-12.19)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-150.176)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-55.60)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-16.17)
Patches:
Introduced by
467fa15356acfb7b2efa38839c3e76caa4e6e0ea
Fixed by
cb66ddd156203daefb8d71158036b27b0e2caf63
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.4.0-1045.48)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1084.94)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1047.49)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1007.7)
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1047.49~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1051.56)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.18.0-1025.27~18.04.1)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1008.8)
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1051.56)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.18.0-1025.27~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1037.39~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1037.39)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1007.7)
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1037.39)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1037.39)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1011.11~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-55.60~16.04.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-23.24~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-55.60~16.04.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-16.17~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1047.53)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1039.39)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1007.7)
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.13.0-24.46~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.4.0-150.176~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1050.57)
Ubuntu 19.10 (Eoan Ermine):released (4.15.0-1050.57)
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1018.20~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1018.20)
Ubuntu 19.10 (Eoan Ermine):not-affected (4.15.0-1018.20)
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1110.118)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1041.44)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1009.9)
Package
Upstream:released (5.1~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1114.119)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1058.64)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1013.13)
More Information

Updated: 2020-03-18 22:53:53 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)