CVE-2011-1021
Published: 21 June 2012
drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347.
Notes
Author | Note |
---|---|
apw | note that CONFIG_ACPI_DEBUG must be off before the fixing commit and CONFIG_ACPI_CUSTOM_METHOD must be off after it. Confirmed off in all cases, and CONFIG_ACPI_CUSTOM_METHOD is enforced off. |
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
hardy |
Not vulnerable
|
lucid |
Not vulnerable
|
|
maverick |
Not vulnerable
|
|
natty |
Not vulnerable
|
|
precise |
Not vulnerable
(3.1.0-1.1)
|
|
quantal |
Not vulnerable
|
|
saucy |
Not vulnerable
|
|
trusty |
Not vulnerable
(3.11.0-12.19)
|
|
upstream |
Released
(3.0~rc1)
|
|
Patches: Introduced by a1a541d86f50a9957beeedb122a035870d602647 |
||
linux-ec2 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-flo Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
(trusty was not-affected [3.4.0-1.3])
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-goldfish Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was not-affected [3.4.0-1.7])
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-grouper Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was not-affected [3.1.10-8.28])
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-maguro Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was not-affected [3.0.0-3.18])
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-mako Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was not-affected [3.4.0-3.21])
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-manta Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Ignored
|
|
trusty |
Does not exist
(trusty was not-affected [3.4.0-4.19])
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
|
|
maverick |
Not vulnerable
|
|
natty |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.0~rc1)
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
maverick |
Not vulnerable
|
|
natty |
Not vulnerable
|
|
precise |
Not vulnerable
(3.0.0-1401.2)
|
|
quantal |
Not vulnerable
|
|
saucy |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.0~rc1)
|