CVE-2011-2918

Priority
Medium
Description
The Performance Events subsystem in the Linux kernel before 3.1 does not
properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK
events, which allows local users to cause a denial of service (system hang)
via a crafted application.
Ubuntu-Description
The performance counter subsystem did not correctly handle certain
counters. A local attacker could exploit this to crash the system, leading
to a denial of service.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2918
http://www.openwall.com/lists/oss-security/2011/08/15/4
http://www.ubuntu.com/usn/usn-1202-1
http://www.ubuntu.com/usn/usn-1204-1
http://www.ubuntu.com/usn/usn-1203-1
http://www.ubuntu.com/usn/usn-1208-1
http://www.ubuntu.com/usn/usn-1212-1
http://www.ubuntu.com/usn/usn-1211-1
http://www.ubuntu.com/usn/usn-1216-1
http://www.ubuntu.com/usn/usn-1219-1
http://www.ubuntu.com/usn/usn-1218-1
http://www.ubuntu.com/usn/usn-1227-1
http://www.ubuntu.com/usn/usn-1256-1
Bugs
https://bugzilla.redhat.com/show_bug.cgi?id=730706
https://launchpad.net/bugs/834121
Notes
https://lkml.org/lkml/2011/7/27/337 (reproducer)
https://lkml.org/lkml/2011/7/28/284 (fix)
mainline fix: a8b0ca17b80e92faab46ee7179ba9e99ccb61233
stable fix: 462fee3af72df0de7b60b96c525ffe8baf4db0f0
http://git.kernel.org/?p=linux/kernel/git/stable/linux-3.0.y.git;a=commit;h=462fee3af72df0de7b60b96c525ffe8baf4db0f0
Package
Source: linux-ec2 (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-318.37)
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux-lts-backport-oneiric (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux-lts-backport-natty (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.38-11.49~lucid1)
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux-mvl-dove (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-218.35)
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux-lts-backport-maverick (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.35-30.60~lucid1)
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Ubuntu 8.04 LTS (Hardy Heron):not-affected
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-34.73)
Ubuntu 11.04 (Natty Narwhal):released (2.6.38-11.49)
Ubuntu 11.10 (Oneiric Ocelot):not-affected (3.0.0-8.10)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.0.0-8.10)
Patches:
Introduced by 0793a61d4df8daeac6492dbf8d2f3e5713caae5eFixed by a8b0ca17b80e92faab46ee7179ba9e99ccb61233
Package
Source: linux-ti-omap4 (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):released (2.6.38-1209.15)
Ubuntu 11.10 (Oneiric Ocelot):not-affected (3.0.0-1201.4)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.0.0-1201.4)
Package
Source: linux-fsl-imx51 (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.31-610.28)
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:22:19 UTC (commit 5347)