Your submission was sent successfully! Close

CVE-2014-2580

Published: 15 April 2014

The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface.

From the Ubuntu security team

Török Edwin discovered a flaw with Xen netback driver when used with Linux configurations that do not allow sleeping in softirq context. A guest administrator could exploit this flaw to cause a denial of service (system crash) on the host.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
lucid Not vulnerable

precise Not vulnerable

saucy Not vulnerable

trusty
Released (3.13.0-27.50)
upstream
Released (3.15~rc1)
utopic Not vulnerable
(3.15.0-1.5)
vivid Not vulnerable
(3.16.0-23.31)
wily Not vulnerable
(3.19.0-15.15)
Patches:
Introduced by

b3f980bd827e6e81a050c518d60ed7811a83061d

Fixed by e9d8b2c2968499c1f96563e6522c56958d5a1d0d
linux-armadaxp
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable

saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-ec2
Launchpad, Ubuntu, Debian
lucid Not vulnerable

precise Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-flo
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

saucy Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (3.15~rc1)
utopic Not vulnerable

vivid Not vulnerable

wily Not vulnerable

linux-fsl-imx51
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life, does not affect buildd)
precise Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored)
upstream
Released (3.15~rc1)
utopic Not vulnerable

vivid Not vulnerable

wily Not vulnerable

linux-grouper
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored)
upstream
Released (3.15~rc1)
utopic Ignored
(reached end-of-life)
vivid Does not exist

wily Does not exist

linux-linaro-omap
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Ignored
(abandoned)
saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-linaro-shared
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Ignored
(abandoned)
saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-linaro-vexpress
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Ignored
(abandoned)
saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-lts-quantal
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable

saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-lts-raring
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable

saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-lts-saucy
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable

saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-lts-trusty
Launchpad, Ubuntu, Debian
lucid Does not exist

precise
Released (3.13.0-27.50~precise1)
saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

trusty Does not exist
(trusty was not-affected [3.16.0-25.33~14.04.2])
upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-lts-vivid
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

trusty Does not exist
(trusty was not-affected [3.19.0-18.18~14.04.1])
upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-maguro
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored)
upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-mako
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored)
upstream
Released (3.15~rc1)
utopic Not vulnerable

vivid Not vulnerable

wily Not vulnerable

linux-manta
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored)
upstream
Released (3.15~rc1)
utopic Not vulnerable

vivid Not vulnerable

wily Not vulnerable

linux-mvl-dove
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-qcm-msm
Launchpad, Ubuntu, Debian
lucid Ignored
(abandoned)
precise Ignored
(abandoned)
saucy Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (3.15~rc1)
vivid Does not exist

wily Not vulnerable
(4.2.0-1008.12)
linux-ti-omap4
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable

saucy Not vulnerable

trusty Does not exist

upstream
Released (3.15~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist