UBUNTU-CVE-2016-5829

Details

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

Affected Packages(26 packages)

linux

Ubuntu 14.04 LTS

Fixed in:

3.13.0-95.142

linux-lts-vivid

Ubuntu 14.04 LTS

Fixed in:

3.19.0-68.76~14.04.1

linux-lts-xenial

Ubuntu 14.04 LTS

Fixed in:

4.4.0-36.55~14.04.1

linux

Ubuntu 16.04 LTS

Fixed in:

4.4.0-36.55

linux-raspi2

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1021.27

linux-snapdragon

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1024.27

linux-azure

Ubuntu 18.04 LTS

Affected versions:

4.15.0-1002.24.15.0-1003.34.15.0-1004.44.15.0-1008.84.15.0-1009.94.15.0-1012.124.15.0-1013.134.15.0-1014.144.15.0-1018.184.15.0-1019.19+34 more

linux-gcp

Ubuntu 18.04 LTS

Affected versions:

4.15.0-1001.14.15.0-1003.34.15.0-1005.54.15.0-1006.64.15.0-1008.84.15.0-1009.94.15.0-1010.104.15.0-1014.144.15.0-1015.154.15.0-1017.18+28 more

linux-hwe

Ubuntu 18.04 LTS

Affected versions:

4.18.0-13.14~18.04.14.18.0-14.15~18.04.14.18.0-15.16~18.04.14.18.0-16.17~18.04.14.18.0-17.18~18.04.14.18.0-18.19~18.04.14.18.0-20.21~18.04.14.18.0-21.22~18.04.14.18.0-22.23~18.04.14.18.0-24.25~18.04.1+33 more

linux-hwe-edge

Ubuntu 18.04 LTS

Affected versions:

5.0.0-15.16~18.04.15.0.0-16.17~18.04.15.0.0-17.18~18.04.15.0.0-19.20~18.04.15.0.0-20.21~18.04.15.3.0-19.20~18.04.25.3.0-22.24~18.04.15.3.0-23.25~18.04.15.3.0-23.25~18.04.25.3.0-24.26~18.04.2

References

REPORT

https://ubuntu.com/security/CVE-2016-5829

ADVISORY

https://ubuntu.com/security/notices/USN-3070-1

ADVISORY

https://ubuntu.com/security/notices/USN-3070-2

ADVISORY

https://ubuntu.com/security/notices/USN-3070-3

ADVISORY

https://ubuntu.com/security/notices/USN-3070-4

ADVISORY