CVE 2017-18270
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service.
Related bugs and status
CVE-2017-18270 (Candidate) is related to these bugs:
Bug #1774181: Update to upstream's implementation of Spectre v1 mitigation
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1774181 | Update to upstream's implementation of Spectre v1 mitigation | linux (Ubuntu) | Undecided | Invalid | ||
| 1774181 | Update to upstream's implementation of Spectre v1 mitigation | linux (Ubuntu Precise) | Undecided | Fix Released | ||
| 1774181 | Update to upstream's implementation of Spectre v1 mitigation | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
| 1774181 | Update to upstream's implementation of Spectre v1 mitigation | linux (Ubuntu Xenial) | Undecided | Fix Released | ||
Bug #1775137: Prevent speculation on user controlled pointer
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1775137 | Prevent speculation on user controlled pointer | linux (Ubuntu) | Undecided | Invalid | ||
| 1775137 | Prevent speculation on user controlled pointer | linux (Ubuntu Xenial) | Undecided | Fix Released | ||
| 1775137 | Prevent speculation on user controlled pointer | linux (Ubuntu Precise) | Undecided | Fix Released | ||
| 1775137 | Prevent speculation on user controlled pointer | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
Bug #1777029: fscache: Fix hanging wait on page discarded by writeback
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu) | High | Confirmed | ||
| 1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu Bionic) | High | Fix Released | ||
| 1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu Trusty) | High | Fix Released | ||
| 1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu Artful) | High | Won't Fix | ||
| 1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu Xenial) | High | Fix Released | ||
Bug #1779923: other users' coredumps can be read via setgid directory and killpriv bypass
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu) | Medium | Fix Released | ||
| 1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu Trusty) | Medium | Fix Released | ||
| 1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu Cosmic) | Medium | Won't Fix | ||
| 1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu Bionic) | Medium | Fix Released | ||
| 1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu Xenial) | Medium | Fix Released | ||
Bug #1787982: linux: 3.13.0-157.207 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
| 1787982 | linux: 3.13.0-157.207 -proposed tracker | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
