This bug is missing log files that will aid in diagnosing the problem.
>From a terminal window please run:
apport-collect 1595350
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.
** Changed in: linux (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1595350
Title:
Linux netfilter local privilege escalation issues
Status in linux package in Ubuntu:
Incomplete
Bug description:
The upstream stable rc git tree
(http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-
rc.git/log/?h=linux-4.6.y) currently has the following commits for
netfilter that address (with unprivileged user namespaces enabled)
local privilege escalation. These are the commit references in linus'
tree:
f24e230d257af1ad7476c6e81a8dc3127a74204e
netfilter: x_tables: don't move to non-existent next rule
36472341017529e2b12573093cc0f68719300997
netfilter: x_tables: validate targets of jumps
7d35812c3214afa5b37a675113555259cfd67b98
netfilter: x_tables: add and use xt_check_entry_offsets
aa412ba225dd3bc36d404c28cdc3d674850d80d0
netfilter: x_tables: kill check_entry helper
a08e4e190b866579896c09af59b3bdca821da2cd
netfilter: x_tables: assert minimum target size
fc1221b3a163d1386d1052184202d5dc50d302d1
netfilter: x_tables: add compat version of xt_check_entry_offsets
7ed2abddd20cf8f6bd27f65bd218f26fa5bf7f44
netfilter: x_tables: check standard target size too
ce683e5f9d045e5d67d1312a42b359cb2ab2a13c
netfilter: x_tables: check for bogus target offset
13631bfc604161a9d69cd68991dff8603edd66f9
netfilter: x_tables: validate all offsets and sizes in a rule
7b7eba0f3515fca3296b8881d583f7c1042f5226
netfilter: x_tables: don't reject valid target size on some architectures
8dddd32756f6fe8e4e82a63361119b7e2384e02f
netfilter: arp_tables: simplify translate_compat_table args
7d3f843eed29222254c9feab481f55175a1afcc9
netfilter: ip_tables: simplify translate_compat_table args
329a0807124f12fe1c8032f95d8a8eb47047fb0e
netfilter: ip6_tables: simplify translate_compat_table args
0188346f21e6546498c2a0f84888797ad4063fc5
netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
09d9686047dbbe1cf4faa558d3ecc4aae2046054
netfilter: x_tables: do compat validation via translate_table
d7591f0c41ce3e67600a982bab6989ef0f07b3ce
netfilter: x_tables: introduce and use xt_copy_counters_from_user
They have also been backported to the 4.4
(http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-
rc.git/log/?h=linux-4.4.y) and 3.14
(http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-
rc.git/log/?h=linux-3.14.y) stable trees, with 3 additional
prerequisite backported commits:
bdf533de6968e9686df777dc178486f600c6e617
netfilter: x_tables: validate e->target_offset early
6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
netfilter: x_tables: make sure e->next_offset covers remaining blob size
54d83fc74aa9ec72794373cb47432c5f7fb1a309
netfilter: x_tables: fix unconditional helper
CRD: Public
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1595350/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
