CVE-2017-15951
Publication date 27 October 2017
Last updated 24 July 2024
Ubuntu priority
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.
From the Ubuntu Security Team
Eric Biggers discovered a race condition in the key management subsystem of the Linux kernel around keys in a negative state. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| linux | ||
| 16.04 LTS xenial |
Fixed 4.4.0-101.124
|
|
| 14.04 LTS trusty |
Not affected
|
|
| linux-armadaxp | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-aws | ||
| 16.04 LTS xenial |
Fixed 4.4.0-1041.50
|
|
| 14.04 LTS trusty |
Fixed 4.4.0-1003.3
|
|
| linux-azure | ||
| 16.04 LTS xenial |
Fixed 4.13.0-1005.7
|
|
| 14.04 LTS trusty |
Not affected
|
|
| linux-euclid | ||
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-flo | ||
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp | ||
| 16.04 LTS xenial |
Fixed 4.13.0-1002.5
|
|
| 14.04 LTS trusty | Not in release | |
| linux-gke | ||
| 16.04 LTS xenial |
Fixed 4.4.0-1034.34
|
|
| 14.04 LTS trusty | Not in release | |
| linux-goldfish | ||
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| linux-grouper | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-hwe | ||
| 16.04 LTS xenial |
Fixed 4.13.0-26.29~16.04.2
|
|
| 14.04 LTS trusty | Not in release | |
| linux-hwe-edge | ||
| 16.04 LTS xenial |
Fixed 4.13.0-26.29~16.04.2
|
|
| 14.04 LTS trusty | Not in release | |
| linux-kvm | ||
| 16.04 LTS xenial |
Fixed 4.4.0-1010.15
|
|
| 14.04 LTS trusty | Not in release | |
| linux-linaro-omap | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-linaro-shared | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-linaro-vexpress | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-quantal | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-raring | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-saucy | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-trusty | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-utopic | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-vivid | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Ignored | |
| linux-lts-wily | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-xenial | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty |
Fixed 4.4.0-101.124~14.04.1
|
|
| linux-maguro | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-mako | ||
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-manta | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oem | ||
| 16.04 LTS xenial |
Fixed 4.13.0-1010.11
|
|
| 14.04 LTS trusty | Not in release | |
| linux-qcm-msm | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-raspi2 | ||
| 16.04 LTS xenial |
Fixed 4.4.0-1077.85
|
|
| 14.04 LTS trusty | Not in release | |
| linux-snapdragon | ||
| 16.04 LTS xenial |
Fixed 4.4.0-1079.84
|
|
| 14.04 LTS trusty | Not in release | |
| linux-ti-omap4 | ||
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
7.8 · High
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-3507-1
- Linux kernel vulnerabilities
- 7 December 2017
- USN-3507-2
- Linux kernel (GCP) vulnerabilities
- 8 December 2017
- USN-3485-1
- Linux kernel vulnerabilities
- 21 November 2017
- USN-3485-3
- Linux kernel (AWS) vulnerabilities
- 21 November 2017
- USN-3485-2
- Linux kernel (Xenial HWE) vulnerabilities
- 21 November 2017
Other references
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=363b02dab09b3226f3bd1420dad9c72b79a42a76
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.10
- https://github.com/torvalds/linux/commit/363b02dab09b3226f3bd1420dad9c72b79a42a76
- https://www.cve.org/CVERecord?id=CVE-2017-15951