This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- trusty' to 'verification-done-trusty'. If the problem still exists, change the tag 'verification-needed-trusty' to 'verification-failed- trusty'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1687107 Title: CVE-2016-8645: Linux kernel mishandles socket buffer (skb) truncation Status in linux package in Ubuntu: In Progress Status in linux source package in Trusty: Fix Committed Bug description: [Impact] From CVE description: https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8645.html "The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c." [Test Case] See references in the CVE page. [Regression Potential] This modifies the code that handles all tcp packets, so it could cause problems with network traffic, although unlikely since it's been applied upstream and to various stable kernels (but not the 3.13.y stable branch). [Other Info] The patch appears to have been pulled into xenial through the 4.4.y stable tree, but it doesn't appear that the patch will be applied to the 3.13.y stable tree, so this bug is track manually adding the patch. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1687107/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
