| Revision Date: | 2016-08-07 | Version: | 1 | | Title: | CVE-2016-5340 on Ubuntu 14.04 LTS (trusty) - medium. | | Description: | The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2016-5340
| | Platform(s): | Ubuntu 14.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 14.04 LTS (trusty) is installed. AND Package Information
NOT While related to the CVE in some way, the 'linux' package in trusty is not affected (note: 'Android only').
OR NOT While related to the CVE in some way, the 'linux-aws' package in trusty is not affected (note: 'Android kernel only').
OR NOT While related to the CVE in some way, the 'linux-azure' package in trusty is not affected (note: '4.15.0-1023.24~14.04.1').
OR While related to the CVE in some way, a decision has been made to ignore it.
OR While related to the CVE in some way, a decision has been made to ignore it.
OR While related to the CVE in some way, a decision has been made to ignore it.
OR NOT While related to the CVE in some way, the 'linux-lts-utopic' package in trusty is not affected (note: 'Android kernel only').
OR NOT While related to the CVE in some way, the 'linux-lts-vivid' package in trusty is not affected (note: 'Android kernel only').
OR NOT While related to the CVE in some way, the 'linux-lts-wily' package in trusty is not affected (note: 'Android kernel only').
OR NOT While related to the CVE in some way, the 'linux-lts-xenial' package in trusty is not affected (note: 'Android kernel only').
OR While related to the CVE in some way, a decision has been made to ignore it.
OR While related to the CVE in some way, a decision has been made to ignore it.
OR While related to the CVE in some way, a decision has been made to ignore it.
|
|