Your submission was sent successfully! Close

CVE-2017-7979

Published: 19 April 2017

The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refcount underflow, and system hang or crash) or possibly have unspecified other impact via "tc filter add" commands in certain contexts. NOTE: this does not affect stable kernels, such as 4.10.x, from kernel.org.

From the Ubuntu security team

Fabian Gr├╝nbichler discovered that the Packet action API implementation in the Linux kernel improperly handled uninitialized data. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Not vulnerable

upstream
Released (4.11~rc8)
xenial Not vulnerable

yakkety Not vulnerable

zesty
Released (4.10.0-22.24)
Patches:
Introduced by

1045ba77a5962a22bce7777678ef46714107ea63

Fixed by e0535ce58b92d7baf0b33284a6c4f8f0338f943e
linux-armadaxp
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was not-affected)
trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-aws
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Not vulnerable

upstream
Released (4.11~rc8)
xenial Not vulnerable

yakkety Does not exist

zesty Does not exist

linux-azure
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Not vulnerable
(4.15.0-1023.24~14.04.1)
upstream
Released (4.11~rc8)
xenial Not vulnerable
(4.11.0-1009.9)
yakkety Does not exist

zesty Does not exist

linux-euclid
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.11~rc8)
xenial Not vulnerable

zesty Does not exist

linux-flo
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.11~rc8)
xenial Not vulnerable

yakkety Ignored
(abandoned)
zesty Does not exist

linux-gcp
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.11~rc8)
xenial Not vulnerable
(4.10.0-1004.4)
yakkety Does not exist

zesty Does not exist

linux-gke
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.11~rc8)
xenial Not vulnerable

yakkety Does not exist

zesty Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.11~rc8)
xenial Not vulnerable

yakkety Ignored
(abandoned)
zesty Ignored
(abandoned)
linux-grouper
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.11~rc8)
xenial Not vulnerable
(4.10.0-27.30~16.04.2)
yakkety Does not exist

zesty Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.11~rc8)
xenial Not vulnerable
(4.10.0-27.30~16.04.2)
yakkety Does not exist

zesty Does not exist

linux-kvm
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.11~rc8)
xenial Not vulnerable

zesty Does not exist

linux-linaro-omap
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [abandoned])
trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-linaro-shared
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [abandoned])
trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-linaro-vexpress
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [abandoned])
trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-quantal
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [end-of-life])
trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-lts-raring
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [end-of-life])
trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-saucy
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [end-of-life])
trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-lts-trusty
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored [out of standard support])
upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-vivid
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was not-affected)
upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-wily
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored [out of standard support])
upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Not vulnerable

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-maguro
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-mako
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.11~rc8)
xenial Not vulnerable

yakkety Ignored
(abandoned)
zesty Does not exist

linux-manta
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-qcm-msm
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [abandoned])
trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.11~rc8)
xenial Not vulnerable

yakkety Not vulnerable

zesty
Released (4.10.0-1006.8)
linux-snapdragon
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.11~rc8)
xenial Not vulnerable

yakkety Not vulnerable

zesty Not vulnerable

linux-ti-omap4
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was not-affected)
trusty Does not exist

upstream
Released (4.11~rc8)
xenial Does not exist

yakkety Does not exist

zesty Does not exist