CVE-2012-0044

Priority
Medium
Description
There is a potential integer overflow in drm_mode_dirtyfb_ioctl() if
userspace passes in a large num_clips. The call to kmalloc would
allocate a small buffer, and the call to fb->funcs->dirty may result in
a memory corruption.
Ubuntu-Description
Chen Haogang discovered an integer overflow that could result in memory
corruption. A local unprivileged user could use this to crash the system.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0044
http://www.ubuntu.com/usn/usn-1340-1
http://www.ubuntu.com/usn/usn-1336-1
http://www.ubuntu.com/usn/usn-1330-1
http://www.ubuntu.com/usn/usn-1356-1
http://www.ubuntu.com/usn/usn-1361-1
http://www.ubuntu.com/usn/usn-1362-1
Bugs
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0044
https://launchpad.net/bugs/917838
Package
Source: linux-ec2 (LP Ubuntu Debian)
Upstream:released (3.2~rc3)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 10.10 (Maverick Meerkat):ignored (binary supplied by "linux" now)
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux-lts-backport-oneiric (LP Ubuntu Debian)
Upstream:released (3.2~rc3)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (3.0.0-15.25~lucid1)
Ubuntu 10.10 (Maverick Meerkat):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux-lts-backport-natty (LP Ubuntu Debian)
Upstream:released (3.2~rc3)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):pending (2.6.38-13.55~lucid1)
Ubuntu 10.10 (Maverick Meerkat):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux-mvl-dove (LP Ubuntu Debian)
Upstream:released (3.2~rc3)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 10.10 (Maverick Meerkat):not-affected
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux-lts-backport-maverick (LP Ubuntu Debian)
Upstream:released (3.2~rc3)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):pending (2.6.35-32.65~lucid1)
Ubuntu 10.10 (Maverick Meerkat):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.2~rc3)
Ubuntu 8.04 LTS (Hardy Heron):not-affected
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 10.10 (Maverick Meerkat):released (2.6.35-32.65)
Ubuntu 11.04 (Natty Narwhal):released (2.6.38-13.55)
Ubuntu 11.10 (Oneiric Ocelot):released (3.0.0-15.24)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.2.0-2.4)
Patches:
Introduced by 884840aa3ce3214259e69557be5b4ce0d781ffa4Fixed by a5cd335165e31db9dbab636fd29895d41da55dd2
Package
Source: linux-ti-omap4 (LP Ubuntu Debian)
Upstream:released (3.2~rc3)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 10.10 (Maverick Meerkat):pending (2.6.35-903.30)
Ubuntu 11.04 (Natty Narwhal):released (2.6.38-1209.21)
Ubuntu 11.10 (Oneiric Ocelot):released (3.0.0-1206.14)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.2.0-1401.1)
Package
Source: linux-fsl-imx51 (LP Ubuntu Debian)
Upstream:released (3.2~rc3)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 10.10 (Maverick Meerkat):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-02-22 21:14:14 UTC (commit 4878)