** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9793
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1652242 Title: Kernel security test for CVE-2016-9793 still fail with proposed Yakkety 4.8.0-34 kernel Status in linux package in Ubuntu: Confirmed Bug description: According to the changelog [1] and the ACK mail, the patch for this CVE should be applied to the proposed kernel in this SRU cycle (Current cycle: 16-Dec through 07-Jan). But I can still see the kernel security test suite failed for this issue, not sure it's because of the tool or the kernel itself: ====================================================================== FAIL: test_213_setscokopt_sndbufforce_negative_value (__main__.KernelSecurityTest) Ensure setsockopt(SO_SNDBUFFORCE) does not accept negative values (CVE-2016-9793) ---------------------------------------------------------------------- Traceback (most recent call last): File "./test-kernel-security.py", line 2009, in test_213_setscokopt_sndbufforce_negative_value self.assertEquals(expected, rc, result + report) AssertionError: Got exit code 0, expected 1 4608 [1] * CVE-2016-9793 - net: avoid signed overflows for SO_{SND|RCV}BUFFORCE http://kernel.ubuntu.com/git/ubuntu/ubuntu-yakkety.git/tree/debian.master/changelog?h=master-next ProblemType: Bug DistroRelease: Ubuntu 16.10 Package: linux-image-4.8.0-34-generic 4.8.0-34.36 ProcVersionSignature: Ubuntu 4.8.0-34.36-generic 4.8.11 Uname: Linux 4.8.0-34-generic x86_64 ApportVersion: 2.20.3-0ubuntu8.2 Architecture: amd64 AudioDevicesInUse: USER PID ACCESS COMMAND /dev/snd/controlC0: kernel 2104 F.... pulseaudio /dev/snd/controlC1: kernel 2104 F.... pulseaudio Date: Fri Dec 23 02:44:12 2016 HibernationDevice: RESUME=UUID=bd7e0dbc-be9f-42ce-9dbf-133d683dca21 InstallationDate: Installed on 2016-12-19 (4 days ago) InstallationMedia: Ubuntu 16.10 "Yakkety Yak" - Release amd64 (20161012.2) MachineType: Dell Inc. Latitude E7240 ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.8.0-34-generic.efi.signed root=UUID=43e85bac-0ac0-4d12-9c90-980cddf963bc ro quiet splash vt.handoff=7 PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No PulseAudio daemon running, or not running as session daemon. RelatedPackageVersions: linux-restricted-modules-4.8.0-34-generic N/A linux-backports-modules-4.8.0-34-generic N/A linux-firmware 1.161.1 SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 10/05/2013 dmi.bios.vendor: Dell Inc. dmi.bios.version: A05 dmi.board.name: 0G05MN dmi.board.vendor: Dell Inc. dmi.board.version: X01 dmi.chassis.type: 9 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvrA05:bd10/05/2013:svnDellInc.:pnLatitudeE7240:pvr01:rvnDellInc.:rn0G05MN:rvrX01:cvnDellInc.:ct9:cvr: dmi.product.name: Latitude E7240 dmi.product.version: 01 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1652242/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
