CVE-2011-4127
Priority
Medium
Description
The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls,
which allows local users to bypass intended restrictions on disk read and
write operations by sending a SCSI command to (1) a partition block device
or (2) an LVM volume.
which allows local users to bypass intended restrictions on disk read and
write operations by sending a SCSI command to (1) a partition block device
or (2) an LVM volume.
Ubuntu-Description
Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl
command. A local user, or user in a VM could exploit this flaw to bypass
restrictions and gain read/write access to all data on the affected block
device.
command. A local user, or user in a VM could exploit this flaw to bypass
restrictions and gain read/write access to all data on the affected block
device.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4127
https://lkml.org/lkml/2004/8/12/218
https://lkml.org/lkml/2004/8/12/260
https://lkml.org/lkml/2011/12/22/270
http://www.ubuntu.com/usn/usn-1384-1
http://www.ubuntu.com/usn/usn-1388-1
http://www.ubuntu.com/usn/usn-1384-1
http://www.ubuntu.com/usn/usn-1389-1
http://www.ubuntu.com/usn/usn-1405-1
https://lkml.org/lkml/2004/8/12/218
https://lkml.org/lkml/2004/8/12/260
https://lkml.org/lkml/2011/12/22/270
http://www.ubuntu.com/usn/usn-1384-1
http://www.ubuntu.com/usn/usn-1388-1
http://www.ubuntu.com/usn/usn-1384-1
http://www.ubuntu.com/usn/usn-1389-1
http://www.ubuntu.com/usn/usn-1405-1
Notes
apw> This seems to be seens as the right thing to do, but not so late
apw> in 3.2, expect to see something applied in the early merge window
apw> https://lkml.org/lkml/2011/12/22/366
apw> The fixes have now hit mainline, there is a strong possibility that
apw> when these are applied to older releases we will get functionality
apw> regressions, will get them on precise as soon as possible.
apw> in 3.2, expect to see something applied in the early merge window
apw> https://lkml.org/lkml/2011/12/22/366
apw> The fixes have now hit mainline, there is a strong possibility that
apw> when these are applied to older releases we will get functionality
apw> regressions, will get them on precise as soon as possible.
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-1600.1) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-1600.1) |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.32-343.45) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (3.0.0-16.29~lucid1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needed |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Patches:
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected (no virtualisation on ARM) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.32-39.86) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-12.20) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-12.20) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.2.0-12.20) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (3.2.0-12.20) |
Patches:
| Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Fixed by 577ebb374c78314ac4617242f509e2f5e7156649 |
| Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Fixed by 0bfc96cb77224736dfa35c3c555d37b3646ef35e |
| Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Fixed by ec8013beddd717d1740cfefb1a9b900deef85462 |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (no virtualisation on ARM) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (no virtualisation on ARM) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (no virtualisation on ARM) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (no virtualisation on ARM) |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected (no virtualisation on ARM) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |