CVE-2011-4110
Priority
Medium
Description
The user_update function in security/keys/user_defined.c in the Linux
kernel 2.6 allows local users to cause a denial of service (NULL pointer
dereference and kernel oops) via vectors related to a user-defined key and
"updating a negative key into a fully instantiated key."
kernel 2.6 allows local users to cause a denial of service (NULL pointer
dereference and kernel oops) via vectors related to a user-defined key and
"updating a negative key into a fully instantiated key."
Ubuntu-Description
A flaw was found in how the Linux kernel handles user-defined key types. An
unprivileged local user could exploit this to crash the system.
unprivileged local user could exploit this to crash the system.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4110
http://www.openwall.com/lists/oss-security/2011/11/21/19
https://lkml.org/lkml/2011/11/15/363
http://www.ubuntu.com/usn/usn-1318-1
http://www.ubuntu.com/usn/usn-1319-1
http://www.ubuntu.com/usn/usn-1322-1
http://www.ubuntu.com/usn/usn-1323-1
http://www.ubuntu.com/usn/usn-1325-1
http://www.ubuntu.com/usn/usn-1324-1
http://www.ubuntu.com/usn/usn-1328-1
http://www.ubuntu.com/usn/usn-1330-1
http://www.ubuntu.com/usn/usn-1332-1
http://www.ubuntu.com/usn/usn-1337-1
http://www.ubuntu.com/usn/usn-1340-1
http://www.ubuntu.com/usn/usn-1341-1
http://www.ubuntu.com/usn/usn-1344-1
http://www.ubuntu.com/usn/usn-1345-1
http://www.ubuntu.com/usn/usn-1336-1
http://www.openwall.com/lists/oss-security/2011/11/21/19
https://lkml.org/lkml/2011/11/15/363
http://www.ubuntu.com/usn/usn-1318-1
http://www.ubuntu.com/usn/usn-1319-1
http://www.ubuntu.com/usn/usn-1322-1
http://www.ubuntu.com/usn/usn-1323-1
http://www.ubuntu.com/usn/usn-1325-1
http://www.ubuntu.com/usn/usn-1324-1
http://www.ubuntu.com/usn/usn-1328-1
http://www.ubuntu.com/usn/usn-1330-1
http://www.ubuntu.com/usn/usn-1332-1
http://www.ubuntu.com/usn/usn-1337-1
http://www.ubuntu.com/usn/usn-1340-1
http://www.ubuntu.com/usn/usn-1341-1
http://www.ubuntu.com/usn/usn-1344-1
http://www.ubuntu.com/usn/usn-1345-1
http://www.ubuntu.com/usn/usn-1336-1
Package
| Upstream: | released (3.2~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.32-342.43) |
| Ubuntu 10.10 (Maverick Meerkat): | ignored (binary supplied by "linux" now) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Package
| Upstream: | released (3.2~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (3.0.0-15.25~lucid1) |
| Ubuntu 10.10 (Maverick Meerkat): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Package
| Upstream: | released (3.2~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.38-13.54~lucid1) |
| Ubuntu 10.10 (Maverick Meerkat): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Package
| Upstream: | released (3.2~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | pending (2.6.32-222.40) |
| Ubuntu 10.10 (Maverick Meerkat): | released (2.6.32-422.40) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Package
| Upstream: | released (3.2~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.35-32.64~lucid1) |
| Ubuntu 10.10 (Maverick Meerkat): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Package
| Upstream: | released (3.2~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | released (2.6.24-30.98) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.32-38.82) |
| Ubuntu 10.10 (Maverick Meerkat): | released (2.6.35-32.64) |
| Ubuntu 11.04 (Natty Narwhal): | released (2.6.38-13.54) |
| Ubuntu 11.10 (Oneiric Ocelot): | released (3.0.0-15.24) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-2.4) |
Patches:
| Upstream: | http://git.kernel.org/linus/9f35a33b8d06263a165efe3541d9aa0cdbd70b3b |
Package
| Upstream: | released (3.2~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 10.10 (Maverick Meerkat): | released (2.6.35-903.29) |
| Ubuntu 11.04 (Natty Narwhal): | released (2.6.38-1209.19) |
| Ubuntu 11.10 (Oneiric Ocelot): | released (3.0.0-1206.14) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-1401.1) |
Package
| Upstream: | released (3.2~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.31-612.32) |
| Ubuntu 10.10 (Maverick Meerkat): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |