CVE-2019-13272

Priority
Description
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c
mishandles the recording of the credentials of a process that wants to
create a ptrace relationship, which allows local users to obtain root
access by leveraging certain scenarios with a parent-child process
relationship, where a parent drops privileges and calls execve (potentially
allowing control by an attacker). One contributing factor is an object
lifetime issue (which can also cause a panic). Another contributing factor
is incorrect marking of a ptrace relationship as privileged, which is
exploitable through (for example) Polkit's pkexec helper with
PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in
some environments.
Ubuntu-Description
Jann Horn discovered that the ptrace implementation in the Linux kernel did
not properly record credentials in some situations. A local attacker could
use this to cause a denial of service (system crash) or possibly gain
administrative privileges.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.0.0-12.20)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (3.11.0-12.19)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-159.187)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-58.64)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-25.26)
Ubuntu 19.10 (Eoan):not-affected (5.2.0-8.9)
Patches:
Introduced by 64b875f7ac8a5d60a4e191479299e931ee949b67Fixed by 6994eefb0053799d2e07cd140df6c2ea106c41ee
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1090.101)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1046.48)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1013.15)
Ubuntu 19.10 (Eoan):needed
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1046.48~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1055.60)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1014.14~18.04.1)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1014.14)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1014.14)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1055.60)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1014.14~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1040.42~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1040.42)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1013.13)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1013.13)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1040.42)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1040.42)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1013.13~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-58.64~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-25.26~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-58.64~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.2.0-10.11~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1054.61)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1042.42)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1013.14)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1013.14)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.13.0-24.46~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1050.57)
Ubuntu 19.04 (Disco Dingo):released (4.15.0-1050.57)
Ubuntu 19.10 (Eoan):released (4.15.0-1050.57)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1021.23~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1021.23)
Ubuntu 19.04 (Disco Dingo):pending
Ubuntu 19.10 (Eoan):pending
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1118.127)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1043.46)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1014.14)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1014.14)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1122.128)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1060.66)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1018.19)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1018.19)
More Information

Updated: 2019-08-20 18:14:43 UTC (commit 22c312e6d724c8e28e425b5349ca56ada895b260)