CVE-2020-10942 in Ubuntu

CVE-2020-10942

Priority

Description

In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c
lacks validation of an sk_family field, which might allow attackers to
trigger kernel stack corruption via crafted system calls.

Ubuntu-Description

It was discovered that the vhost net driver in the Linux kernel contained a
stack buffer overflow. A local attacker with the ability to perform ioctl()
calls on /dev/vhost-net could use this to cause a denial of service (system
crash).

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10942
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.8
https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64
https://lkml.org/lkml/2020/2/15/125
https://ubuntu.com/security/notices/USN-4342-1
https://ubuntu.com/security/notices/USN-4344-1
https://ubuntu.com/security/notices/USN-4345-1
https://ubuntu.com/security/notices/USN-4364-1

Notes

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-99.100)
Ubuntu 20.04 LTS:	not-affected (5.4.0-18.22)
Ubuntu 16.04 ESM:	released (4.4.0-179.209)
Ubuntu 14.04 ESM:	ignored (was needed ESM criteria)

Patches:

Introduced by

3a4d5c94e959359ece6d6b55045c3f046677f55c

Fixed by

42d84c8490f9f0931786f1623191fcab397c3d64

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1066.70)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	released (4.4.0-1107.118)
Ubuntu 14.04 ESM:	released (4.4.0-1067.71)

Patches:

Package

Source: linux-aws-5.0 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-5.3 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (5.3.0-1017.18~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-hwe (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	released (4.15.0-1066.70~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	ignored (was needed now end-of-life)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1006.6)
Ubuntu 16.04 ESM:	released (4.15.0-1082.92~16.04.1)
Ubuntu 14.04 ESM:	ignored (was needed ESM criteria)

Patches:

Package

Source: linux-azure-4.15 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1082.92)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-5.3 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (5.3.0-1020.21~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-edge (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	ignored (was needed now end-of-life)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	released (4.15.0-1061.65)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-4.15 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1071.81)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-5.3 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (5.3.0-1018.19~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-edge (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-4.15 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1058.61)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.0 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (5.0.0-1035.36)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.3 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (5.3.0-1018.19~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (5.3.0-51.44~18.04.2)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	released (4.15.0-99.100~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	ignored (was needs-triage now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-kvm (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1059.60)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1004.4)
Ubuntu 16.04 ESM:	released (4.4.0-1071.78)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	released (4.4.0-179.209~14.04.1)

Patches:

Package

Source: linux-oem (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1080.90)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-5.6 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.6.0-1007.7)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-osp1 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (5.0.0-1050.55)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1038.42)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	released (4.15.0-1038.42~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.0 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	ignored (was needed now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.3 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (5.3.0-1016.18~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.4.0-1007.7)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1061.65)
Ubuntu 20.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2-5.3 (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (5.3.0-1023.25~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-riscv (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.4.0-24.28)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (5.6~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1077.84)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

More Information

Updated: 2022-04-13 14:04:16 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)