CVE-2011-2517 in Ubuntu

CVE-2011-2517

Priority

Medium

Description

Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel
before 2.6.39.2 allow local users to gain privileges by leveraging the
CAP_NET_ADMIN capability during scan operations with a long SSID value.

Ubuntu-Description

It was discovered that the wireless stack incorrectly verified SSID
lengths. A local attacker could exploit this to cause a denial of service
or gain root privileges.

References

Bugs

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2517
https://launchpad.net/bugs/869245

Package

Source: linux-armadaxp (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (3.2.0-1600.1)
Ubuntu 12.10 (Quantal Quetzal):	not-affected (3.2.0-1602.5)
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-ec2 (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	released (2.6.32-340.40)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-backport-oneiric (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	not-affected
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-backport-natty (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	released (2.6.38-13.52~lucid1)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-quantal (LP Ubuntu Debian)

Upstream:	DNE
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Patches:

Package

Source: linux-mvl-dove (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	pending (2.6.32-220.38)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-backport-maverick (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	released (2.6.35-31.62~lucid1)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	released (2.6.32-36.79)
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (3.0-1.2)
Ubuntu 12.10 (Quantal Quetzal):	not-affected (3.0-1.2)
Ubuntu 13.04 (Raring Ringtail):	not-affected (3.0-1.2)
Ubuntu 13.10 (Saucy Salamander):	not-affected (3.0-1.2)

Patches:

Introduced by 2a5193119269062608582418deba7af82844159a	Fixed by 208c72f4fe44fe09577e7975ba0e7fa0278f3d03
Introduced by 2a5193119269062608582418deba7af82844159a	Fixed by 57a27e1d6a3bb9ad4efeebd3a8c71156d6207536

Package

Source: linux-ti-omap4 (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (3.0.0-1200.1)
Ubuntu 12.10 (Quantal Quetzal):	not-affected (3.0.0-1200.1)
Ubuntu 13.04 (Raring Ringtail):	not-affected (3.0.0-1200.1)
Ubuntu 13.10 (Saucy Salamander):	not-affected (3.0.0-1200.1)

Package

Source: linux-fsl-imx51 (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	released (2.6.31-611.29)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-raring (LP Ubuntu Debian)

Upstream:	released (3.0~rc3)
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

More Information

Updated: 2013-05-10 19:14:33 UTC (commit 6828)