Your submission was sent successfully! Close

CVE-2015-3332

Published: 21 April 2015

A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.

From the Ubuntu security team

A flaw was discovered in the Linux kernel's IPv4 networking when using TCP fast open to initiate a connection. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (3.13.0-53.89)
Patches:
Introduced by 355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a
Fixed by local-2015-3332
linux-2.6
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-flo
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-grouper
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-linaro-omap
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-linaro-shared
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-linaro-vexpress
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-quantal
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-lts-raring
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-saucy
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-lts-trusty
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [3.16.0-38.52~14.04.1])
linux-lts-vivid
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.19.0-18.18~14.04.1])
linux-maguro
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-mako
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-manta
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-qcm-msm
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (3.19~rc1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Notes

AuthorNote
jdstrand
android kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.10 and earlier preview kernels
linux-lts-saucy no longer receives official support
linux-lts-quantal no longer receives official support
henrix
This CVE is specific to stable kernels between 3.10 and 3.16, so
Trusty and Utopic are affected.  All other series are not.

References

Bugs