Oval Definition:
oval:com.ubuntu.xenial:def:20168405000
Revision Date
:
2017-05-30
Version
:
1
Title
:
CVE-2016-8405 on Ubuntu 16.04 LTS (xenial) - low.
Description
:
Copying color maps to userspace doesn't check the value of to->start, which will cause kernel heap buffer OOB read due to signedness wraps.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2016-8405
Platform(s)
:
Ubuntu 16.04 LTS
Product(s)
:
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed.
AND
Package Information
The 'linux' package in xenial is affected. An update containing the fix has been completed and is pending publication (note: '4.4.0-67.88').
OR
The 'linux-aws' package in xenial is affected. An update containing the fix has been completed and is pending publication (note: '4.4.0-1009.18').
OR
While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR
NOT
While related to the CVE in some way, the 'linux-gke' package in xenial is not affected (note: '4.4.0-1003.3').
OR
The 'linux-goldfish' package in xenial is affected and needs fixing.
OR
The 'linux-hwe' package in xenial is affected and needs fixing.
OR
The 'linux-hwe-edge' package in xenial is affected. An update containing the fix has been completed and is pending publication (note: '4.10.0-14.16~16.04.1').
OR
While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR
The 'linux-raspi2' package in xenial is affected. An update containing the fix has been completed and is pending publication (note: '4.4.0-1048.55').
OR
The 'linux-snapdragon' package in xenial is affected. An update containing the fix has been completed and is pending publication (note: '4.4.0-1051.55').
BACK