Description
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux
kernel through 4.19.13. The CAN frame modification rules allow bitwise
logical operations that can be also applied to the can_dlc field. Because
of a missing check, the CAN drivers may write arbitrary content beyond the
data registers in the CAN controller's I/O memory when processing can-gw
manipulated outgoing frames. This is related to cgw_csum_xor_rel. An
unprivileged user can trigger a system crash (general protection fault).
Notes
tyhicks> The original CVE description that states that an unprivileged user
can trigger a system crash is incorrect. Only the root user, from the init
namespace, can trigger the system crash. Therefore, we'll prioritize this
issue as negligible.
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | needed
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(was needs-triage ESM criteria)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | needed
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(end-of-life)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | ignored
(was needs-triage ESM criteria)
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | needed
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | needed
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Updated: 2019-02-06 19:14:23 UTC (commit 1f07506ddf942ddd276eb6afefc37d0cc6711749)