Описание
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 4.10.0-19.21 |
| devel | not-affected | 4.13.0-16.19 |
| esm-infra-legacy/trusty | not-affected | 3.13.0-125.174 |
| esm-infra/xenial | not-affected | 4.4.0-63.84 |
| precise | ignored | end of life |
| precise/esm | ignored | end of life, was needed |
| trusty | released | 3.13.0-125.174 |
| trusty/esm | not-affected | 3.13.0-125.174 |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | 4.4.0-1002.2 |
| esm-infra/xenial | not-affected | 4.4.0-1003.12 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | not-affected | 4.4.0-1002.2 |
| trusty/esm | not-affected | 4.4.0-1002.2 |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | 4.15.0-1023.24~14.04.1 |
| esm-infra/xenial | not-affected | 4.11.0-1009.9 |
| precise/esm | DNE | |
| trusty | not-affected | 4.15.0-1023.24~14.04.1 |
| trusty/esm | not-affected | 4.15.0-1023.24~14.04.1 |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-apps/xenial | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/ubuntu-core | DNE | |
| xenial | ignored | end of standard support, was needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-apps/xenial | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 4.10.0-1004.4 |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/ubuntu-core | DNE | |
| xenial | not-affected | 4.10.0-1004.4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-apps/xenial | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 4.8.0-39.42~16.04.1 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 4.8.0-39.42~16.04.1 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 4.4.0-1004.9 |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/ubuntu-core | DNE | |
| xenial | not-affected | 4.4.0-1004.9 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was ignored [abandoned] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was ignored [abandoned] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was ignored [abandoned] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | ignored | end of life, was ignored |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | ignored | end of life, was ignored |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | ignored | end of life, was ignored |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | not-affected | 3.13.0-125.174~precise1 |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [end of standard support]] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [end of standard support] |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was ignored [end of life, was needed] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support, was needed |
| trusty/esm | ignored | end of life, was needed |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [end of standard support]] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [end of standard support] |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | 4.4.0-63.84~14.04.2 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | released | 4.4.0-63.84~14.04.2 |
| trusty/esm | not-affected | 4.4.0-63.84~14.04.2 |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-apps/xenial | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| xenial | not-affected | 4.13.0-1008.9 |
| zesty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was ignored [abandoned] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 4.10.0-1004.6 |
| devel | not-affected | 4.13.0-1005.5 |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | ignored | end of life, was needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 4.4.0-1050.54 |
| devel | not-affected | 4.4.0-1077.82 |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.10~rc1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
Ссылки на источники
EPSS
6.9 Medium
CVSS2
7 High
CVSS3
Связанные уязвимости
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.
The sg implementation in the Linux kernel through 4.9 does not properl ...
Security update for Linux Kernel Live Patch 4 for SLE 12 SP2
Security update for Linux Kernel Live Patch 3 for SLE 12 SP2
EPSS
6.9 Medium
CVSS2
7 High
CVSS3