CVE 2017-5669
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.
Related bugs and status
CVE-2017-5669 (Candidate) is related to these bugs:
Bug #1742772: powerpc: flush L1D on return to use
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1742772 | powerpc: flush L1D on return to use | linux (Ubuntu) | Undecided | Fix Released | ||
| 1742772 | powerpc: flush L1D on return to use | linux (Ubuntu Artful) | Undecided | Fix Released | ||
| 1742772 | powerpc: flush L1D on return to use | linux (Ubuntu Xenial) | Undecided | Fix Released | ||
| 1742772 | powerpc: flush L1D on return to use | linux (Ubuntu Trusty) | Medium | Fix Released | ||
Bug #1745338: upload urgency should be medium by default
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1745338 | upload urgency should be medium by default | linux (Ubuntu) | Medium | Fix Released | ||
| 1745338 | upload urgency should be medium by default | linux (Ubuntu Artful) | Medium | Fix Released | ||
| 1745338 | upload urgency should be medium by default | linux (Ubuntu Trusty) | Medium | Fix Released | ||
| 1745338 | upload urgency should be medium by default | linux (Ubuntu Precise) | Medium | Fix Released | ||
| 1745338 | upload urgency should be medium by default | linux (Ubuntu Xenial) | Medium | Fix Released | ||
Bug #1746900: linux: 3.13.0-142.191 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | linux (Ubuntu Trusty) | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
| 1746900 | linux: 3.13.0-142.191 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
