Launchpad.net

CVE 2015-8962

Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.

Related bugs and status

CVE-2015-8962 (Candidate) is related to these bugs:

Bug #1239087: Safely remove is not working (or broken) in Gnome Disks

Summary				In	Importance	Status
	1239087	Safely remove is not working (or broken) in Gnome Disks		gnome-disk-utility (Ubuntu)	Undecided	New

Bug #792085: Automatic remount of safely removed USB 3.0 drive

		In	Importance	Status
792085	Automatic remount of safely removed USB 3.0 drive	linux (Fedora)	Undecided	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (openSUSE)	Medium	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (Ubuntu)	Medium	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (Ubuntu Yakkety)	Medium	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (Ubuntu Xenial)	Medium	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (Ubuntu Trusty)	Medium	Triaged

Bug #1690094: linux <3.18: netlink notification is missing when an interface is modified

Summary				In	Importance	Status
	1690094	linux <3.18: netlink notification is missing when an interface is modified		linux (Ubuntu)	Medium	Fix Released
	1690094	linux <3.18: netlink notification is missing when an interface is modified		linux (Ubuntu Trusty)	Medium	Fix Released

Bug #1697053: Missing IOTLB flush causes DMAR errors with SR-IOV

Summary				In	Importance	Status
	1697053	Missing IOTLB flush causes DMAR errors with SR-IOV		linux (Ubuntu)	Undecided	Confirmed
	1697053	Missing IOTLB flush causes DMAR errors with SR-IOV		linux (Ubuntu Trusty)	Undecided	Fix Released

Bug #1701042: linux: 3.13.0-125.174 -proposed tracker

		In	Importance	Status
1701042	linux: 3.13.0-125.174 -proposed tracker	linux (Ubuntu)	Undecided	Invalid
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Incomplete
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Confirmed
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	In Progress
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	New
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	New
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	In Progress
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Invalid
1701042	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Confirmed
1701042	linux: 3.13.0-125.174 -proposed tracker	linux (Ubuntu Trusty)	Undecided	Fix Released

Bug #1703396: linux: 3.13.0-125.174 -proposed tracker

		In	Importance	Status
1703396	linux: 3.13.0-125.174 -proposed tracker	linux (Ubuntu)	Undecided	Invalid
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Invalid
1703396	linux: 3.13.0-125.174 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released
1703396	linux: 3.13.0-125.174 -proposed tracker	linux (Ubuntu Trusty)	Undecided	Fix Released

Bug #1703401: NULL pointer dereference triggered by openvswitch autopkg testcase

Summary				In	Importance	Status
	1703401	NULL pointer dereference triggered by openvswitch autopkg testcase		linux (Ubuntu)	Undecided	Fix Released
	1703401	NULL pointer dereference triggered by openvswitch autopkg testcase		linux (Ubuntu Trusty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2015-8962

Related bugs and status

Related bugs

References