CVE-2015-4004
Published: 7 June 2015
The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet.
From the Ubuntu security team
Jason A. Donenfeld discovered multiple out-of-bounds reads in the OZMO USB over wifi device drivers in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or obtain potentially sensitive information from kernel memory.
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
Patches: Introduced by ae926051d7eb8f80dba9513db70d2e2fc8385d3a | | |
linux-armadaxp Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
This package is not directly supported by the Ubuntu Security Team | | |
linux-aws Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-ec2 Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-flo Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-fsl-imx51 Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-gke Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-goldfish Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-grouper Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-hwe Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-hwe-edge Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-linaro-omap Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-linaro-shared Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-linaro-vexpress Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-lts-quantal Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
This package is not directly supported by the Ubuntu Security Team | | |
linux-lts-raring Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-lts-saucy Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
This package is not directly supported by the Ubuntu Security Team | | |
linux-lts-trusty Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-lts-utopic Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-lts-vivid Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-lts-wily Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-lts-xenial Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-maguro Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-mako Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-manta Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-mvl-dove Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-qcm-msm Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-raspi2 Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-snapdragon Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
linux-ti-omap4 Launchpad, Ubuntu, Debian | upstream | Released (4.3~rc1) |
Notes
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels; linux-lts-saucy no longer receives official support; linux-lts-quantal no longer receives official support |
apw | it seems that upstream gave up and ripped this driver out in toto: commit a73e99cb67e7438e5ab0c524ae63a8a27616c839, Author: Jason A. Donenfeld <Jason@zx2c4.com>, Date: Mon Aug 10 17:49:51 2015 +0200, "staging: ozwpan: Remove from tree" |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4004
- http://www.openwall.com/lists/oss-security/2015/06/05/7
- https://lkml.org/lkml/2015/5/13/739
- https://ubuntu.com/security/notices/USN-2989-1
- https://ubuntu.com/security/notices/USN-2998-1
- https://ubuntu.com/security/notices/USN-3000-1
- https://ubuntu.com/security/notices/USN-3001-1
- https://ubuntu.com/security/notices/USN-3002-1
- https://ubuntu.com/security/notices/USN-3003-1
- https://ubuntu.com/security/notices/USN-3004-1
- NVD
- Launchpad
- Debian