CVE-2020-12656 in Ubuntu

CVE-2020-12656

Priority

Description

** DISPUTED ** gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in
the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks
certain domain_release calls, leading to a memory leak. Note: This was
disputed with the assertion that the issue does not grant any access not
already available. It is a problem that on unloading a specific kernel
module some memory is leaked, but loading kernel modules is a privileged
operation. A user could also write a kernel module to consume any amount of
memory they like and load that replicating the effect of this bug.

Ubuntu-Description

It was discovered that the Kerberos SUNRPC GSS implementation in the Linux
kernel did not properly deallocate memory on module unload. A local
privileged attacker could possibly use this to cause a denial of service
(memory exhaustion).

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12656
https://bugzilla.kernel.org/show_bug.cgi?id=206651
https://ubuntu.com/security/notices/USN-4483-1
https://ubuntu.com/security/notices/USN-4485-1

Notes

sbeattie

upstream generally treats module unload as an unsafe
operation, which may explain a lack of progress in addressing the
issue.

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-115.116)
Ubuntu 20.04 LTS:	released (5.4.0-45.49)
Ubuntu 16.04 ESM:	released (4.4.0-186.216)
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2	Fixed by d47a5dc2888fd1b94adf1553068b8dad76cec96c
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2	Fixed by 24c5efe41c29ee3e55bcf5a1c9f61ca8709622e8

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1080.84)
Ubuntu 20.04 LTS:	released (5.4.0-1022.22)
Ubuntu 16.04 ESM:	released (4.4.0-1111.123)
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Package

Source: linux-aws-5.0 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-5.3 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was pending [5.3.0-1032.34~18.04.2] now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-5.4 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.4.0-1022.22~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-hwe (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	released (4.15.0-1080.84~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	released (5.4.0-1023.23)
Ubuntu 16.04 ESM:	released (4.15.0-1093.103~16.04.1)
Ubuntu 14.04 ESM:	released (4.15.0-1093.103~14.04.1)

Patches:

Package

Source: linux-azure-4.15 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1093.103)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-5.3 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-5.4 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.4.0-1023.23~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-edge (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	released (5.4.0-1022.22)
Ubuntu 16.04 ESM:	released (4.15.0-1081.92~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-4.15 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1081.92)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-5.3 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-5.4 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.4.0-1022.22~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-edge (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-4.15 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1067.70)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.0 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1045.46)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.3 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1032.34~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.4 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	not-affected (5.4.0-1025.25~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gkeop-5.4 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	not-affected (5.4.0-1001.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-64.58~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	released (4.15.0-115.116~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe-5.4 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.4.0-45.49~18.04.2)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe-5.8 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.8.0-23.24~20.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	ignored (was needs-triage now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-kvm (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1072.73)
Ubuntu 20.04 LTS:	released (5.4.0-1021.21)
Ubuntu 16.04 ESM:	released (4.4.0-1077.84)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Package

Source: linux-oem (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1094.104)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-5.6 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	released (5.6.0-1031.32)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-osp1 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1065.70)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1051.55)
Ubuntu 20.04 LTS:	released (5.4.0-1022.22)
Ubuntu 16.04 ESM:	released (4.15.0-1051.55~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.0 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.3 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.4 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.4.0-1022.22~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	released (5.4.0-1016.17)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi-5.4 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.4.0-1016.17~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1068.72)
Ubuntu 20.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2-5.3 (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1030.32~18.04.2)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-riscv (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	released (5.4.0-31.35)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (5.8~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1084.92)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

More Information

Updated: 2022-04-13 14:06:47 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)