CVE-2012-2372

Priority
Low
Description
The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram
Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier
allows local users to cause a denial of service (BUG_ON and kernel panic)
by establishing an RDS connection with the source IP address equal to the
IPoIB interface's own IP address, as demonstrated by rds-ping.
Ubuntu-Description
A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS)
protocol implementation. A local, unprivileged user could use this flaw to
cause a denial of service.
References
Bugs
Notes
 jdstrand> linux-armadaxp is maintained by OEM
 apw> this is claimed fixed by RedHat but I cannot find the fix anywhere, the
 apw> only reference I did find to the CVE in Fedora implies they have miss
 apw> tagged the fix for CVE-2012-2373 as 2372:
 apw> http://permalink.gmane.org/gmane.linux.redhat.fedora.extras.cvs/775892
 apw> note the patch is the x86 pmd patch.
 apw> needs-triage back to -security for lack of a clear direction on a fix (per
 apw> irc discussions)
 apw> Looking at the RHEL kernels it appears that this is the fix, though it
 apw> is not upstream as yet:
 apw> http://people.canonical.com/~apw/misc/cves/CVE-2012-2372-1.diff
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.13.0-24.46~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
linux-vegetahd:needed
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.5.0-18.29~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-29.46)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.11.0-12.19)
Ubuntu 15.04 (Vivid Vervet):not-affected (3.16.0-23.31)
Ubuntu 15.10 (Wily Werewolf):not-affected (3.19.0-15.15)
Patches:
Introduced by 639b321b4d8f4e412bfbb2a4a19bfebc1e68ace4Fixed by local-2012-2372
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-1417.23)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.8.0-19.30~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-1606.9)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.11.0-13.20~precise2)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 15.04 (Vivid Vervet):needed
Ubuntu 15.10 (Wily Werewolf):needed
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.19.0-18.18~14.04.1)
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 15.04 (Vivid Vervet):needed
Ubuntu 15.10 (Wily Werewolf):needed
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.16.0-25.33~14.04.2)
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 15.04 (Vivid Vervet):needed
Ubuntu 15.10 (Wily Werewolf):needed
Package
linux-krillin:needed
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 15.04 (Vivid Vervet):needed
Ubuntu 15.10 (Wily Werewolf):needed
More Information

Valid XHTML 1.0 Strict

Updated: 2015-08-26 06:30:14 UTC (commit 9852)