CVE 2017-7374
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.
Related bugs and status
CVE-2017-7374 (Candidate) is related to these bugs:
Bug #1672819: exec'ing a setuid binary from a threaded program sometimes fails to setuid
Bug #1676679: datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1676679 | datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD | openvswitch (Ubuntu) | Undecided | Invalid | ||
1676679 | datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD | The Ubuntu-power-systems project | Undecided | Fix Released | ||
1676679 | datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD | linux (Ubuntu) | Medium | Fix Released | ||
1676679 | datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD | linux (Ubuntu Zesty) | Medium | Fix Released | ||
1676679 | datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD | openvswitch (Ubuntu Zesty) | Undecided | Invalid | ||
1676679 | datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD | linux (Ubuntu Yakkety) | Medium | Fix Released | ||
1676679 | datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD | openvswitch (Ubuntu Yakkety) | Undecided | Invalid |
Bug #1686099: connection flood to port 445 on mounting cifs volume under kernel
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1686099 | connection flood to port 445 on mounting cifs volume under kernel | linux (Ubuntu) | High | Fix Released | ||
1686099 | connection flood to port 445 on mounting cifs volume under kernel | Linux | Unknown | Fix Released | ||
1686099 | connection flood to port 445 on mounting cifs volume under kernel | linux (Ubuntu Zesty) | High | Fix Committed | ||
1686099 | connection flood to port 445 on mounting cifs volume under kernel | linux (Ubuntu Xenial) | High | Fix Committed | ||
1686099 | connection flood to port 445 on mounting cifs volume under kernel | linux (Ubuntu Yakkety) | High | Fix Released |
Bug #1686305: Merlin SGMII fail on Ubuntu Xenial HWE kernel
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1686305 | Merlin SGMII fail on Ubuntu Xenial HWE kernel | linux (Ubuntu) | Medium | Fix Released | ||
1686305 | Merlin SGMII fail on Ubuntu Xenial HWE kernel | linux (Ubuntu Yakkety) | Medium | Fix Released | ||
1686305 | Merlin SGMII fail on Ubuntu Xenial HWE kernel | linux (Ubuntu Zesty) | Medium | Fix Released |
Bug #1686592: APST quirk needed for Intel NVMe
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1686592 | APST quirk needed for Intel NVMe | linux (Ubuntu) | Medium | Fix Released | ||
1686592 | APST quirk needed for Intel NVMe | linux (Ubuntu Zesty) | Undecided | Fix Released | ||
1686592 | APST quirk needed for Intel NVMe | linux (Ubuntu Yakkety) | Undecided | Fix Released |
Bug #1688132: Support IPMI system interface on Cavium ThunderX
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1688132 | Support IPMI system interface on Cavium ThunderX | linux (Ubuntu) | High | Fix Released | ||
1688132 | Support IPMI system interface on Cavium ThunderX | linux (Ubuntu Zesty) | High | Fix Released | ||
1688132 | Support IPMI system interface on Cavium ThunderX | linux (Ubuntu Yakkety) | High | Fix Released | ||
1688132 | Support IPMI system interface on Cavium ThunderX | linux (Ubuntu Xenial) | High | Fix Released |
Bug #1691899: regression: the 4.8 hwe kernel does not create the /sys/block/*/device/enclosure_device:* symlinks
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1691899 | regression: the 4.8 hwe kernel does not create the /sys/block/*/device/enclosure_device:* symlinks | linux (Ubuntu) | High | Fix Released | ||
1691899 | regression: the 4.8 hwe kernel does not create the /sys/block/*/device/enclosure_device:* symlinks | linux (Ubuntu Yakkety) | High | Fix Released |
Bug #1693126: Keyboard backlight control does not work on some dell laptops.
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1693126 | Keyboard backlight control does not work on some dell laptops. | linux (Ubuntu) | Undecided | Fix Released | ||
1693126 | Keyboard backlight control does not work on some dell laptops. | HWE Next | Undecided | Fix Released | ||
1693126 | Keyboard backlight control does not work on some dell laptops. | linux (Ubuntu Xenial) | Medium | Fix Released | ||
1693126 | Keyboard backlight control does not work on some dell laptops. | linux (Ubuntu Yakkety) | Medium | Fix Released | ||
1693126 | Keyboard backlight control does not work on some dell laptops. | linux (Ubuntu Zesty) | Medium | Fix Released |
Bug #1693250: raspi2 config diverges from master/generic armhf
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1693250 | raspi2 config diverges from master/generic armhf | linux-raspi2 (Ubuntu) | Undecided | Fix Released | ||
1693250 | raspi2 config diverges from master/generic armhf | linux-raspi2 (Ubuntu Xenial) | Undecided | Fix Released | ||
1693250 | raspi2 config diverges from master/generic armhf | linux-raspi2 (Ubuntu Yakkety) | Undecided | Fix Released | ||
1693250 | raspi2 config diverges from master/generic armhf | linux-raspi2 (Ubuntu Zesty) | Medium | Fix Released |
Bug #1693504: extend-diff-ignore should use exact matches
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1693504 | extend-diff-ignore should use exact matches | linux (Ubuntu) | Undecided | Fix Released | ||
1693504 | extend-diff-ignore should use exact matches | linux (Ubuntu Artful) | Undecided | Fix Released | ||
1693504 | extend-diff-ignore should use exact matches | linux (Ubuntu Trusty) | Undecided | New | ||
1693504 | extend-diff-ignore should use exact matches | linux (Ubuntu Xenial) | Undecided | Fix Released | ||
1693504 | extend-diff-ignore should use exact matches | linux (Ubuntu Yakkety) | Undecided | Fix Released | ||
1693504 | extend-diff-ignore should use exact matches | linux (Ubuntu Zesty) | Undecided | Fix Released |
Bug #1699035: linux: 4.8.0-57.62 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1699035 | linux: 4.8.0-57.62 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow | Medium | In Progress | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Confirmed | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Confirmed | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1699035 | linux: 4.8.0-57.62 -proposed tracker | linux (Ubuntu Yakkety) | Undecided | Fix Released |
Bug #1699037: linux-raspi2: 4.8.0-1041.45 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | linux-raspi2 (Ubuntu) | Undecided | Invalid | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow | Medium | In Progress | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Confirmed | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Confirmed | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | New | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Invalid | ||
1699037 | linux-raspi2: 4.8.0-1041.45 -proposed tracker | linux-raspi2 (Ubuntu Yakkety) | Undecided | Fix Released |
Bug #1700533: linux: 4.8.0-58.63 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1700533 | linux: 4.8.0-58.63 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | linux (Ubuntu Yakkety) | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
1700533 | linux: 4.8.0-58.63 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Invalid |
Bug #1700534: linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | linux-hwe (Ubuntu) | Undecided | Invalid | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | linux-hwe (Ubuntu Xenial) | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
1700534 | linux-hwe: 4.8.0-58.63~16.04.1 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Invalid |
Bug #1700536: linux-raspi2: 4.8.0-1042.46 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | linux-raspi2 (Ubuntu) | Undecided | Invalid | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | linux-raspi2 (Ubuntu Yakkety) | Medium | Fix Released | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
1700536 | linux-raspi2: 4.8.0-1042.46 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Invalid |
See the
CVE page on Mitre.org
for more details.