*** This bug is a security vulnerability *** Public security bug reported:
A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. Break-Fix: 04b5d028f50ff05a8f9ae049ee71f8fdfcf1f5de 67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3 ** Affects: linux (Ubuntu) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu) Importance: Undecided Status: New ** Affects: linux-flo (Ubuntu) Importance: Medium Status: New ** Affects: linux-fsl-imx51 (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-goldfish (Ubuntu) Importance: Medium Status: New ** Affects: linux-lts-backport-maverick (Ubuntu) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-trusty (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-utopic (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-vivid (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-wily (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-lts-xenial (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux-mako (Ubuntu) Importance: Medium Status: New ** Affects: linux-manta (Ubuntu) Importance: Medium Status: New ** Affects: linux-mvl-dove (Ubuntu) Importance: Undecided Status: New ** Affects: linux-raspi2 (Ubuntu) Importance: Medium Status: New ** Affects: linux-ti-omap4 (Ubuntu) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-ec2 (Ubuntu Precise) Importance: Undecided Status: New ** Affects: linux-flo (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-goldfish (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Precise) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Precise) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-trusty (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux-lts-utopic (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-vivid (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-wily (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-lts-xenial (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-mako (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-manta (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Precise) Importance: Undecided Status: New ** Affects: linux-raspi2 (Ubuntu Precise) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Precise) Importance: Medium Status: New ** Affects: linux (Ubuntu Trusty) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: linux-flo (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-fsl-imx51 (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-goldfish (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-backport-maverick (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-trusty (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-lts-utopic (Ubuntu Trusty) Importance: Medium Status: New ** Affects: linux-lts-vivid (Ubuntu Trusty) Importance: Medium Status: New ** Affects: linux-lts-wily (Ubuntu Trusty) Importance: Medium Status: New ** Affects: linux-lts-xenial (Ubuntu Trusty) Importance: Medium Status: New ** Affects: linux-mako (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-manta (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-mvl-dove (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: linux-raspi2 (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux-ti-omap4 (Ubuntu Trusty) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-armadaxp (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-ec2 (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-flo (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-fsl-imx51 (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-goldfish (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-backport-maverick (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-raring (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-saucy (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-trusty (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-utopic (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-vivid (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-wily (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-lts-xenial (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-mako (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-manta (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-mvl-dove (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-raspi2 (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux-ti-omap4 (Ubuntu Vivid) Importance: Undecided Status: New ** Affects: linux (Ubuntu Wily) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Wily) Importance: Undecided Status: New ** Affects: linux-flo (Ubuntu Wily) Importance: Medium Status: New ** Affects: linux-fsl-imx51 (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-goldfish (Ubuntu Wily) Importance: Medium Status: New ** Affects: linux-lts-backport-maverick (Ubuntu Wily) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Wily) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-lts-trusty (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-lts-utopic (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-lts-vivid (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-lts-wily (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-lts-xenial (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux-mako (Ubuntu Wily) Importance: Medium Status: New ** Affects: linux-manta (Ubuntu Wily) Importance: Medium Status: New ** Affects: linux-mvl-dove (Ubuntu Wily) Importance: Undecided Status: New ** Affects: linux-raspi2 (Ubuntu Wily) Importance: Medium Status: New ** Affects: linux-ti-omap4 (Ubuntu Wily) Importance: Medium Status: Invalid ** Affects: linux (Ubuntu Xenial) Importance: Medium Status: New ** Affects: linux-armadaxp (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-ec2 (Ubuntu Xenial) Importance: Undecided Status: New ** Affects: linux-flo (Ubuntu Xenial) Importance: Medium Status: New ** Affects: linux-fsl-imx51 (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-goldfish (Ubuntu Xenial) Importance: Medium Status: New ** Affects: linux-lts-backport-maverick (Ubuntu Xenial) Importance: Undecided Status: New ** Affects: linux-lts-backport-natty (Ubuntu Xenial) Importance: Undecided Status: New ** Affects: linux-lts-quantal (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-lts-raring (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-lts-saucy (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-lts-trusty (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-lts-utopic (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-lts-vivid (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-lts-wily (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-lts-xenial (Ubuntu Xenial) Importance: Medium Status: Invalid ** Affects: linux-mako (Ubuntu Xenial) Importance: Medium Status: New ** Affects: linux-manta (Ubuntu Xenial) Importance: Medium Status: New ** Affects: linux-mvl-dove (Ubuntu Xenial) Importance: Undecided Status: New ** Affects: linux-raspi2 (Ubuntu Xenial) Importance: Medium Status: New ** Affects: linux-ti-omap4 (Ubuntu Xenial) Importance: Medium Status: Invalid ** Tags: kernel-cve-tracking-bug ** Tags added: kernel-cve-tracking-bug ** Information type changed from Public to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8812 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1545029 Title: CVE-2015-8812 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1545029/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs