It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "linux-image-unsigned-4.15.0-1155-aws": "4.15.0-1155.168~16.04.1", "linux-aws-headers-4.15.0-1155": "4.15.0-1155.168~16.04.1", "linux-cloud-tools-4.15.0-1155-aws": "4.15.0-1155.168~16.04.1", "linux-buildinfo-4.15.0-1155-aws": "4.15.0-1155.168~16.04.1", "linux-aws-hwe-cloud-tools-4.15.0-1155": "4.15.0-1155.168~16.04.1", "linux-aws-hwe-tools-4.15.0-1155": "4.15.0-1155.168~16.04.1", "linux-headers-4.15.0-1155-aws": "4.15.0-1155.168~16.04.1", "linux-modules-extra-4.15.0-1155-aws": "4.15.0-1155.168~16.04.1", "linux-image-unsigned-4.15.0-1155-aws-dbgsym": "4.15.0-1155.168~16.04.1", "linux-tools-4.15.0-1155-aws": "4.15.0-1155.168~16.04.1", "linux-modules-4.15.0-1155-aws": "4.15.0-1155.168~16.04.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-image-unsigned-4.15.0-1155-aws": "4.15.0-1155.168", "linux-aws-headers-4.15.0-1155": "4.15.0-1155.168", "linux-cloud-tools-4.15.0-1155-aws": "4.15.0-1155.168", "linux-buildinfo-4.15.0-1155-aws": "4.15.0-1155.168", "linux-aws-tools-4.15.0-1155": "4.15.0-1155.168", "linux-aws-cloud-tools-4.15.0-1155": "4.15.0-1155.168", "linux-headers-4.15.0-1155-aws": "4.15.0-1155.168", "linux-modules-extra-4.15.0-1155-aws": "4.15.0-1155.168", "linux-image-unsigned-4.15.0-1155-aws-dbgsym": "4.15.0-1155.168", "linux-tools-4.15.0-1155-aws": "4.15.0-1155.168", "linux-modules-4.15.0-1155-aws": "4.15.0-1155.168" } ] }