CVE-2013-2140

Published: 05 June 2013

The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature.

From the Ubuntu security team

A flaw was discovered in the Xen subsystem of the Linux kernel when it provides read-only access to a disk that supports TRIM or SCSI UNMAP to a guest OS. A privileged user in the guest OS could exploit this flaw to destroy data on the disk, even though the guest OS should not be able to write to the disk.

Priority

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Not vulnerable (4.2.0-16.19)
	Ubuntu 14.04 ESM (Trusty Tahr)	Not vulnerable (3.11.0-12.19)
	Patches: Introduced by b3cb0d6adc4bbc70b5e37e49a6068e973545ead7 Fixed by 604c499cbbcc3d5fe5fb8d53306aa0fae1990109
linux-ec2 Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-mvl-dove Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-ti-omap4 Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-lts-backport-maverick Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-fsl-imx51 Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-linaro-omap Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-linaro-shared Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-linaro-vexpress Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-qcm-msm Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-armadaxp Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
	This package is not directly supported by the Ubuntu Security Team
linux-lts-quantal Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
	Patches: DNE
linux-lts-raring Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-lts-saucy Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-goldfish Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Not vulnerable (3.4.0-4.27)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [was needed now end-of-life])
linux-grouper Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [abandoned])
linux-maguro Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [abandoned])
linux-mako Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Ignored (abandoned)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [was needed now end-of-life])
linux-manta Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [was needed now end-of-life])
linux-flo Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Ignored (abandoned)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [was needed now end-of-life])
linux-lts-trusty Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-lts-utopic Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was not-affected [3.16.0-25.33~14.04.2])
linux-lts-vivid Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was not-affected [3.19.0-18.18~14.04.1])
linux-lts-wily Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was not-affected [4.2.0-18.22~14.04.1])
linux-raspi2 Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Not vulnerable (4.2.0-1013.19)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-lts-xenial Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Not vulnerable (4.4.0-13.29~14.04.1)
linux-snapdragon Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Not vulnerable (4.4.0-1012.12)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-aws Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Not vulnerable (4.4.0-1001.10)
	Ubuntu 14.04 ESM (Trusty Tahr)	Not vulnerable (4.4.0-1002.2)
linux-hwe-edge Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Not vulnerable (4.8.0-36.36~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-hwe Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Not vulnerable (4.8.0-36.36~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gke Launchpad, Ubuntu, Debian	Upstream	Released (3.11~rc3)




	Ubuntu 16.04 LTS (Xenial Xerus)	Not vulnerable (4.4.0-1003.3)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist

Notes

Author	Note
seth-arnold	diff is e79ab45..4119bcd, patch not yet in tree

References

Bugs

https://launchpad.net/bugs/1188351

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM