UBUNTU-CVE-2017-2618

Details

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.

Affected Packages(131 packages)

linux

Ubuntu 14.04 LTS

Affected versions:

3.11.0-12.193.12.0-1.33.12.0-2.53.12.0-2.73.12.0-3.83.12.0-3.93.12.0-4.103.12.0-4.123.12.0-5.133.12.0-7.15+107 more

Fixed in:

3.13.0-126.175

linux

Ubuntu 24.04 LTS

Fixed in:

6.5.0-9.9

linux

Ubuntu 18.04 LTS

Fixed in:

4.13.0-16.19

linux

Ubuntu 22.04 LTS

Fixed in:

5.13.0-19.19

linux

Ubuntu 16.04 LTS

Affected versions:

4.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.184.4.0-10.254.4.0-11.26+35 more

Fixed in:

4.4.0-67.88

linux

Ubuntu 20.04 LTS

Affected versions:

5.3.0-18.195.3.0-24.26

Fixed in:

5.4.0-9.12

linux-aws

Ubuntu 16.04 LTS

Affected versions:

4.4.0-1001.104.4.0-1003.124.4.0-1004.134.4.0-1007.16

Fixed in:

4.4.0-1009.18

linux-aws

Ubuntu 14.04 LTS

Fixed in:

4.4.0-1002.2

linux-aws

Ubuntu 22.04 LTS

Fixed in:

5.13.0-1005.6

linux-aws

Ubuntu 24.04 LTS

Fixed in:

6.5.0-1008.8

References

REPORThttps://ubuntu.com/security/CVE-2017-2618 REPORThttps://ubuntu.com/security/notices/USN-3361-1 REPORThttps://ubuntu.com/security/notices/USN-3381-1 REPORThttps://ubuntu.com/security/notices/USN-3381-2 REPORThttps://www.cve.org/CVERecord?id=CVE-2017-2618

UBUNTU-CVE-2017-2618

Details

Affected Packages(131 packages)

References

CVSS Analysis

Related

Ecosystems(26)

Timeline