CVE-2011-2918

Priority
Medium
Description
The Performance Events subsystem in the Linux kernel before 3.1 does not
properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK
events, which allows local users to cause a denial of service (system hang)
via a crafted application.
Ubuntu-Description
The performance counter subsystem did not correctly handle certain
counters. A local attacker could exploit this to crash the system, leading
to a denial of service.
References
Bugs
Notes
 https://lkml.org/lkml/2011/7/27/337 (reproducer)
 https://lkml.org/lkml/2011/7/28/284 (fix)
 mainline fix: a8b0ca17b80e92faab46ee7179ba9e99ccb61233
 stable fix: 462fee3af72df0de7b60b96c525ffe8baf4db0f0
 http://git.kernel.org/?p=linux/kernel/git/stable/linux-3.0.y.git;a=commit;h=462fee3af72df0de7b60b96c525ffe8baf4db0f0
Package
Upstream:released (3.1~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Upstream:released (3.1~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Upstream:released (3.1~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Upstream:released (3.1~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Upstream:released (3.1~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.0.0-8.10)
Patches:
Introduced by 0793a61d4df8daeac6492dbf8d2f3e5713caae5eFixed by a8b0ca17b80e92faab46ee7179ba9e99ccb61233
Package
Upstream:released (3.1~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.0.0-1201.4)
Package
Upstream:released (3.1~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:39:53 UTC (commit 9756)