CVE-2011-2497

Priority
Medium
Description
Integer underflow in the l2cap_config_req function in
net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote
attackers to cause a denial of service (heap memory corruption) or possibly
have unspecified other impact via a small command-size value within the
command header of a Logical Link Control and Adaptation Protocol (L2CAP)
configuration request, leading to a buffer overflow.
Ubuntu-Description
Dan Rosenberg discovered that the Bluetooth stack incorrectly handled
certain L2CAP requests. If a system was using Bluetooth, a remote attacker
could send specially crafted traffic to crash the system or gain root
privileges.
References
Bugs
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-319.39)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.1.10-8.28)
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.4.0-1.7)
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.38-12.51~lucid1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.4.0-1.3)
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-219.37)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.35-30.60~lucid1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-35.78)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):not-affected
Ubuntu 13.10 (Saucy Salamander):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.0.0-11.18)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 7ac28817536797fd40e9646452183606f9e17f71
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.0.0-3.18)
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):not-affected
Ubuntu 13.10 (Saucy Salamander):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.4.0-3.21)
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.31-611.29)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.0)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.4.0-4.19)
More Information

Valid XHTML 1.0 Strict

Updated: 2014-04-24 13:14:54 UTC (commit 7970)