Oval Definition:oval:com.ubuntu.xenial:def:2016107230000000
Revision Date:2018-06-21Version:1
Title:CVE-2016-10723 on Ubuntu 16.04 LTS (xenial) - low.
Description:** DISPUTED ** An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurrent page fault events) when the global OOM killer is invoked. NOTE: the software maintainer has not accepted certain proposed patches, in part because of a viewpoint that "the underlying problem is non-trivial to handle."
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-10723
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND Package Information
  • linux package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-aws package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-aws-hwe package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-azure package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-euclid: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needed ESM criteria').
  • OR linux-flo: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'abandoned').
  • OR linux-gcp package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-gke: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needs-triage now end-of-life').
  • OR linux-goldfish: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needs-triage now end-of-life').
  • OR linux-hwe package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-kvm package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-mako: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'abandoned').
  • OR linux-meta package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-meta-aws package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-meta-aws-hwe package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-meta-azure package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-meta-gcp package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-meta-hwe package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-meta-kvm package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-meta-oracle package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-meta-raspi2 package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-meta-snapdragon package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-oem: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needed now end-of-life').
  • OR linux-oracle package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-raspi2 package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-signed package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-signed-azure package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-signed-gcp package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-signed-hwe package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-signed-oracle package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
  • OR linux-snapdragon package in xenial is affected, but a decision has been made to defer addressing it (note: '2019-01-24').
    • BACK