UBUNTU-CVE-2016-4568

Details

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a crafted number of planes in a VIDIOC_DQBUF ioctl call.

Affected Packages

Ubuntu:16.04:LTSlinux

Affected versions:

4.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.184.4.0-10.254.4.0-11.26+28 more

Fixed in:

4.4.0-57.78

Ubuntu:14.04:LTSlinux-aws

Fixed in:

4.4.0-1002.2

Ubuntu:16.04:LTSlinux-aws

Fixed in:

4.4.0-1001.10

Ubuntu:16.04:LTSlinux-gke

Fixed in:

4.4.0-1003.3

Ubuntu:16.04:LTSlinux-hwe

Fixed in:

4.8.0-36.36~16.04.1

Ubuntu:14.04:LTSlinux-lts-xenial

Affected versions:

4.4.0-13.29~14.04.14.4.0-14.30~14.04.24.4.0-15.31~14.04.14.4.0-18.34~14.04.14.4.0-21.37~14.04.14.4.0-22.39~14.04.14.4.0-22.40~14.04.14.4.0-24.43~14.04.14.4.0-28.47~14.04.14.4.0-31.50~14.04.1+8 more

Fixed in:

4.4.0-57.78~14.04.1

Ubuntu:16.04:LTSlinux-raspi2

Affected versions:

4.2.0-1013.194.2.0-1014.214.3.0-1006.64.4.0-1003.44.4.0-1004.54.4.0-1009.104.4.0-1010.124.4.0-1010.134.4.0-1012.164.4.0-1016.22+7 more

Fixed in:

4.4.0-1038.45

Ubuntu:16.04:LTSlinux-snapdragon

Affected versions:

4.4.0-1012.124.4.0-1013.144.4.0-1013.154.4.0-1015.184.4.0-1019.224.4.0-1020.234.4.0-1022.254.4.0-1024.274.4.0-1026.294.4.0-1030.33+3 more

Fixed in:

4.4.0-1042.46

References

REPORThttps://git.linuxtv.org/sailus/media_tree.git/log/?h=vb2-overwrite-fix-error-on-fixes-v2 REPORThttps://patchwork.linuxtv.org/patch/34284/REPORThttps://ubuntu.com/security/CVE-2016-4568 REPORThttps://ubuntu.com/security/notices/USN-3161-1 REPORThttps://ubuntu.com/security/notices/USN-3161-2 REPORThttps://ubuntu.com/security/notices/USN-3161-3 REPORThttps://ubuntu.com/security/notices/USN-3161-4 REPORThttps://www.cve.org/CVERecord?id=CVE-2016-4568

UBUNTU-CVE-2016-4568

Details

Affected Packages

References

CVSS Analysis

Related

Ecosystems

Timeline