CVE-2012-2745
Priority
Low
Description
The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2
provides an invalid replacement session keyring to a child process, which
allows local users to cause a denial of service (panic) via a crafted
application that uses the fork system call.
provides an invalid replacement session keyring to a child process, which
allows local users to cause a denial of service (panic) via a crafted
application that uses the fork system call.
Ubuntu-Description
A flaw was found in how the Linux kernel passed the replacement session
keyring to a child process. An unprivileged local user could exploit this
flaw to cause a denial of service (panic).
keyring to a child process. An unprivileged local user could exploit this
flaw to cause a denial of service (panic).
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2745
https://rhn.redhat.com/errata/RHSA-2012-1064.html
http://www.ubuntu.com/usn/usn-1567-1
http://www.ubuntu.com/usn/usn-1574-1
http://www.ubuntu.com/usn/usn-1448-1
http://www.ubuntu.com/usn/usn-1459-1
http://www.ubuntu.com/usn/usn-1460-1
http://www.ubuntu.com/usn/usn-1452-1
http://www.ubuntu.com/usn/usn-1597-1
http://www.ubuntu.com/usn/usn-1606-1
http://www.ubuntu.com/usn/usn-1455-1
https://rhn.redhat.com/errata/RHSA-2012-1064.html
http://www.ubuntu.com/usn/usn-1567-1
http://www.ubuntu.com/usn/usn-1574-1
http://www.ubuntu.com/usn/usn-1448-1
http://www.ubuntu.com/usn/usn-1459-1
http://www.ubuntu.com/usn/usn-1460-1
http://www.ubuntu.com/usn/usn-1452-1
http://www.ubuntu.com/usn/usn-1597-1
http://www.ubuntu.com/usn/usn-1606-1
http://www.ubuntu.com/usn/usn-1455-1
Notes
jdstrand> linux-armadaxp is maintained by OEM
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | released (3.2.0-1603.6) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-1603.6) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.2.0-1603.6) |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.32-349.55) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (3.0.0-20.34~lucid1) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (abandoned) |
| Ubuntu 12.04 LTS (Precise Pangolin): | ignored (abandoned) |
| Ubuntu 12.10 (Quantal Quetzal): | ignored (abandoned) |
| Ubuntu 13.04 (Raring Ringtail): | ignored (abandoned) |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | ignored (abandoned) |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (abandoned) |
| Ubuntu 12.04 LTS (Precise Pangolin): | ignored (abandoned) |
| Ubuntu 12.10 (Quantal Quetzal): | ignored (abandoned) |
| Ubuntu 13.04 (Raring Ringtail): | ignored (abandoned) |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (abandoned) |
| Ubuntu 11.04 (Natty Narwhal): | ignored (abandoned) |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (abandoned) |
| Ubuntu 12.04 LTS (Precise Pangolin): | ignored (abandoned) |
| Ubuntu 12.10 (Quantal Quetzal): | ignored (abandoned) |
| Ubuntu 13.04 (Raring Ringtail): | ignored (abandoned) |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.38-16.67~lucid1) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | not-affected |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.32-44.98) |
| Ubuntu 11.04 (Natty Narwhal): | released (2.6.38-16.67) |
| Ubuntu 11.10 (Oneiric Ocelot): | released (3.0.0-20.34) |
| Ubuntu 12.04 LTS (Precise Pangolin): | released (3.2.0-24.38) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.4.0-1.1) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.4.0-1.1) |
Patches:
| Vendor: | https://rhn.redhat.com/errata/RHSA-2012-1064.html |
| Introduced by ee18d64c1f632043a02e6f5ba5e045bb26a5465f | Fixed by 79549c6dfda0603dba9a70a53467ce62d9335c33 |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | ignored (reached end-of-life) |
| Ubuntu 11.10 (Oneiric Ocelot): | released (3.0.0-1210.22) |
| Ubuntu 12.04 LTS (Precise Pangolin): | released (3.2.0-1413.17) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.4.0-1.1) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.4.0-1.1) |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | ignored (abandoned) |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (abandoned) |
| Ubuntu 12.04 LTS (Precise Pangolin): | ignored (abandoned) |
| Ubuntu 12.10 (Quantal Quetzal): | ignored (abandoned) |
| Ubuntu 13.04 (Raring Ringtail): | ignored (abandoned) |
Package
| Upstream: | released (3.4~rc3) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life, does not affect buildd) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |