CVE-2016-8645: Linux kernel mishandles socket buffer (skb) truncation
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
linux (Ubuntu) | Fix Released | Low | Dan Streetman |
Trusty | Fix Released | Low | Dan Streetman |
Bug Description
[Impact]
From CVE description:
https:/
"The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation,
which allows local users to cause a denial of service (system crash) via a
crafted application that makes sendto system calls, related to
net/ipv4/tcp_ipv4.c and net/ipv6/
[Test Case]
See references in the CVE page.
[Regression Potential]
This modifies the code that handles all tcp packets, so it could cause problems with network traffic, although unlikely since it's been applied upstream and to various stable kernels (but not the 3.13.y stable branch).
[Other Info]
The patch appears to have been pulled into xenial through the 4.4.y stable tree, but it doesn't appear that the patch will be applied to the 3.13.y stable tree, so this bug is to track manually adding the patch.
CVE References
Changed in linux (Ubuntu):
status: Incomplete → In Progress
importance: Undecided → Low
assignee: nobody → Dan Streetman (ddstreet)
tags: added: sts-sru
Changed in linux (Ubuntu Trusty):
status: New → In Progress
importance: Undecided → Low
assignee: nobody → Dan Streetman (ddstreet)
Changed in linux (Ubuntu Trusty):
status: In Progress → Fix Committed
Changed in linux (Ubuntu):
status: In Progress → Fix Released
This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:
apport-collect 1687107
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.