CVE-2011-4081

Priority
Low
Description
crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to
cause a denial of service (NULL pointer dereference and OOPS) or possibly
have unspecified other impact by triggering a failed or missing
ghash_setkey function call, followed by a (1) ghash_update function call or
(2) ghash_final function call, as demonstrated by a write operation on an
AF_ALG socket.
Ubuntu-Description
Nick Bowler discovered the kernel GHASH message digest algorithm
incorrectly handled error conditions. A local attacker could exploit this
to cause a kernel oops.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4081
http://www.ubuntu.com/usn/usn-1286-1
http://www.ubuntu.com/usn/usn-1287-1
http://www.ubuntu.com/usn/usn-1292-1
http://www.ubuntu.com/usn/usn-1293-1
http://www.ubuntu.com/usn/usn-1294-1
http://www.ubuntu.com/usn/usn-1302-1
http://www.ubuntu.com/usn/usn-1301-1
http://www.ubuntu.com/usn/usn-1303-1
http://www.ubuntu.com/usn/usn-1299-1
http://www.ubuntu.com/usn/usn-1304-1
http://www.ubuntu.com/usn/usn-1313-1
http://www.ubuntu.com/usn/usn-1311-1
http://www.ubuntu.com/usn/usn-1312-1
http://www.ubuntu.com/usn/usn-1322-1
Bugs
https://bugzilla.redhat.com/749475
https://bugs.gentoo.org/388581
https://launchpad.net/bugs/887299
Package
Source: linux-armadaxp (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.2.0-1600.1)
Ubuntu 12.10 (Quantal Quetzal):not-affected (3.2.0-1602.5)
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Package
Source: linux-ec2 (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-341.41)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Package
Source: linux-lts-backport-oneiric (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (3.0.0-14.23~lucid1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Package
Source: linux-lts-backport-natty (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.38-13.53~lucid1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Package
Source: linux-lts-quantal (LP Ubuntu Debian)
Upstream:DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Patches:
Package
Source: linux-mvl-dove (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):pending (2.6.32-221.39)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Package
Source: linux-lts-backport-maverick (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.35-31.63~lucid1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-37.80)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.1.0-2.2)
Ubuntu 12.10 (Quantal Quetzal):not-affected (3.1.0-2.2)
Ubuntu 13.04 (Raring Ringtail):not-affected (3.1.0-2.2)
Ubuntu 13.10 (Saucy Salamander):not-affected (3.1.0-2.2)
Patches:
Introduced by 2cdc6899a88e2b9c6cb82ebd547bf58932d534dfFixed by 7ed47b7d142ec99ad6880bbbec51e9f12b3af74c
Package
Source: linux-ti-omap4 (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):not-affected
Ubuntu 13.04 (Raring Ringtail):not-affected
Ubuntu 13.10 (Saucy Salamander):not-affected
Package
Source: linux-fsl-imx51 (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Package
Source: linux-lts-raring (LP Ubuntu Debian)
Upstream:released (3.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.04 (Raring Ringtail):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2013-05-10 19:14:34 UTC (commit 6828)