Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2016-10906

Published: 19 August 2019

An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.

From the Ubuntu Security Team

It was discovered that a race condition existed in the ARC EMAC ethernet driver for the Linux kernel, resulting in a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash).

Notes

AuthorNote
tyhicks
Setting the priority to low since the ARC EMAC ethernet device driver
is for legacy FPGA boards which are unlikely to have a high numbers of users

Priority

Low

Cvss 3 Severity Score

7.0

Score breakdown

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.13.0-16.19)
disco Not vulnerable
(4.18.0-10.11)
eoan Not vulnerable
(5.0.0-13.14)
precise Ignored
(was needs-triage ESM criteria)
trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (4.5~rc6)
xenial
Released (4.4.0-166.195)
Patches:
Introduced by

e4f2379db6c6823c5d4a4c2c912df00c65de51d7

Fixed by c278c253f3d992c6994d08aa0efb2b6806ca396f
linux-aws
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1001.1)
disco Not vulnerable
(4.18.0-1002.3)
eoan Not vulnerable
(5.0.0-1004.4)
precise Does not exist

trusty
Released (4.4.0-1056.60)
upstream
Released (4.5~rc6)
xenial
Released (4.4.0-1096.107)
linux-aws-hwe
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Not vulnerable
(4.15.0-1030.31~16.04.1)
linux-azure
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1002.2)
disco Not vulnerable
(4.18.0-1003.3)
eoan Not vulnerable
(5.0.0-1004.4)
precise Does not exist

trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (4.5~rc6)
xenial Not vulnerable
(4.11.0-1009.9)
linux-azure-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1002.2)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Not vulnerable
(4.11.0-1009.9)
linux-gcp
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1001.1)
disco Not vulnerable
(4.18.0-1002.3)
eoan Not vulnerable
(5.0.0-1004.4)
precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Not vulnerable
(4.10.0-1004.4)
linux-gcp-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1001.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Does not exist

linux-gke-4.15
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1030.32)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.0.0-1011.11~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.18.0-13.14~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Not vulnerable
(4.8.0-36.36~16.04.1)
linux-hwe-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.0.0-15.16~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Not vulnerable
(4.8.0-36.36~16.04.1)
linux-kvm
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1002.2)
disco Not vulnerable
(4.18.0-1003.3)
eoan Not vulnerable
(5.0.0-1004.4)
precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial
Released (4.4.0-1060.67)
linux-lts-trusty
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

precise Ignored
(was needs-triage ESM criteria)
trusty Does not exist

upstream
Released (4.5~rc6)
xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

precise Does not exist

trusty
Released (4.4.0-166.195~14.04.1)
upstream
Released (4.5~rc6)
xenial Does not exist

linux-oem
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1002.3)
disco Not vulnerable
(4.15.0-1021.24)
eoan Not vulnerable
(4.15.0-1035.40)
precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Ignored
(was needs-triage now end-of-life)
linux-oracle
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1007.9)
disco Not vulnerable
(4.15.0-1007.9)
eoan Not vulnerable
(4.15.0-1011.13)
precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial Not vulnerable
(4.15.0-1007.9~16.04.1)
linux-raspi2
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.13.0-1005.5)
disco Not vulnerable
(4.18.0-1005.7)
eoan Not vulnerable
(5.0.0-1006.6)
precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial
Released (4.4.0-1124.133)
linux-snapdragon
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1053.57)
disco Not vulnerable
(5.0.0-1010.10)
eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.5~rc6)
xenial
Released (4.4.0-1128.136)

Severity score breakdown

Parameter Value
Base score 7.0
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H