CVE-2016-5340
Published: 7 August 2016
The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.
Notes
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
sbeattie | strcmp /ashmem code was never in upstream kernels, marking not-affected |
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(Android only)
|
precise |
Not vulnerable
(Android only)
|
|
trusty |
Not vulnerable
(Android only)
|
|
upstream |
Not vulnerable
(Android only)
|
|
xenial |
Not vulnerable
(Android only)
|
|
yakkety |
Not vulnerable
(Android only)
|
|
zesty |
Not vulnerable
(Android only)
|
|
linux-armadaxp Launchpad, Ubuntu, Debian |
precise |
Ignored
(end of life)
|
trusty |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
artful |
Does not exist
|
|
This package is not directly supported by the Ubuntu Security Team | ||
linux-aws Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Not vulnerable
(Android kernel only)
|
|
xenial |
Not vulnerable
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-azure Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
trusty |
Not vulnerable
(4.15.0-1023.24~14.04.1)
|
|
xenial |
Not vulnerable
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-euclid Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
trusty |
Does not exist
|
|
xenial |
Not vulnerable
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-flo Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored)
|
|
xenial |
Ignored
(abandoned)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-gcp Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
trusty |
Does not exist
|
|
xenial |
Not vulnerable
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-gke Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
|
|
xenial |
Not vulnerable
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-goldfish Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored)
|
|
xenial |
Ignored
(abandoned)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Ignored
(end of life)
|
|
upstream |
Needs triage
|
|
linux-grouper Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored)
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-hwe Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
|
|
xenial |
Not vulnerable
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
|
|
xenial |
Not vulnerable
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-kvm Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
trusty |
Does not exist
|
|
xenial |
Not vulnerable
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-linaro-omap Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Ignored
(end of life)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
linux-linaro-shared Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Ignored
(end of life)
|
|
trusty |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-linaro-vexpress Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Ignored
(end of life)
|
|
trusty |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-lts-quantal Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Ignored
(end of life)
|
|
trusty |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
This package is not directly supported by the Ubuntu Security Team | ||
linux-lts-raring Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Ignored
(end of life)
|
|
trusty |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-lts-saucy Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Ignored
(end of life)
|
|
trusty |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
This package is not directly supported by the Ubuntu Security Team | ||
linux-lts-trusty Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Not vulnerable
(Android kernel only)
|
|
trusty |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-lts-utopic Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was not-affected [Android kernel only])
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-lts-vivid Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was not-affected [Android kernel only])
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-lts-wily Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was not-affected [Android kernel only])
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Not vulnerable
(Android kernel only)
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-maguro Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored)
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-mako Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored)
|
|
xenial |
Ignored
(abandoned)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-manta Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored)
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-oem Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
trusty |
Does not exist
|
|
xenial |
Not vulnerable
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-qcm-msm Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Ignored
(end of life)
|
|
trusty |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(Android only)
|
precise |
Does not exist
|
|
trusty |
Does not exist
|
|
xenial |
Not vulnerable
(Android only)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Not vulnerable
(Android only)
|
|
upstream |
Needs triage
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(Android only)
|
precise |
Does not exist
|
|
trusty |
Does not exist
|
|
xenial |
Not vulnerable
(Android only)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Not vulnerable
(Android only)
|
|
upstream |
Needs triage
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
precise |
Ignored
(end of life)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.8 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |