| Revision Date: | 2016-04-27 | Version: | 1 | | Title: | CVE-2016-0774 on Ubuntu 16.04 LTS (xenial) - medium. | | Description: | The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805. It was discovered that the Linux kernel did not keep accurate track of pipe buffer details when error conditions occurred, due to an incomplete fix for CVE-2015-1805. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2016-0774
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT linux-image-4.4.0-150-generic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-150-generic-lpae package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-150-lowlatency package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-150-powerpc-e500mc package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-150-powerpc-smp package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-150-powerpc64-emb package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-150-powerpc64-smp package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-unsigned-4.4.0-150-generic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-unsigned-4.4.0-150-lowlatency package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-1084-aws package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-3.4.0-5-flo package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-1034-gke package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-extra-4.4.0-1034-gke package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-3.4.0-4-goldfish package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.15.0-51-generic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.15.0-51-generic-lpae package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.15.0-51-lowlatency package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-unsigned-4.15.0-51-generic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-unsigned-4.15.0-51-lowlatency package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-3.4.0-7-mako package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-extra-virtual package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-extra-virtual-lts-utopic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-extra-virtual-lts-vivid package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-extra-virtual-lts-wily package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-extra-virtual-lts-xenial package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lpae package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lpae-lts-utopic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lpae-lts-vivid package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lpae-lts-wily package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lpae-lts-xenial package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lts-utopic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lts-vivid package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lts-wily package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lts-xenial package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-hwe-generic-trusty package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-hwe-virtual-trusty package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-lowlatency package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-lowlatency-lts-utopic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-lowlatency-lts-vivid package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-lowlatency-lts-wily package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-lowlatency-lts-xenial package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-e500mc package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-e500mc-lts-utopic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-e500mc-lts-vivid package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-e500mc-lts-wily package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-e500mc-lts-xenial package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-smp package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-smp-lts-utopic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-smp-lts-vivid package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-smp-lts-wily package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc-smp-lts-xenial package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-emb package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-emb-lts-utopic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-emb-lts-vivid package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-emb-lts-wily package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-emb-lts-xenial package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-smp package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-smp-lts-utopic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-smp-lts-vivid package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-smp-lts-wily package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-powerpc64-smp-lts-xenial package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-virtual package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-virtual-lts-utopic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-virtual-lts-vivid package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-virtual-lts-wily package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-virtual-lts-xenial package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-aws package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-extra-virtual-hwe-16.04 package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-hwe-16.04 package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-generic-lpae-hwe-16.04 package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-lowlatency-hwe-16.04 package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-oem package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-virtual-hwe-16.04 package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-raspi2 package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-snapdragon package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-1110-raspi2 package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-150-generic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-150-lowlatency package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.15.0-51-generic package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.15.0-51-lowlatency package in xenial, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.4.0-1114-snapdragon package in xenial, while related to the CVE in some way, is not affected.
|
|