PublicDateAtUSN: 2010-09-30
Candidate: CVE-2010-3079
PublicDate: 2010-09-30 15:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3079
 https://ubuntu.com/security/notices/USN-1041-1
 https://ubuntu.com/security/notices/USN-1074-1
 https://ubuntu.com/security/notices/USN-1074-2
 https://ubuntu.com/security/notices/USN-1083-1
 https://ubuntu.com/security/notices/USN-1119-1
 https://ubuntu.com/security/notices/USN-1093-1
Description:
 kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is
 enabled, does not properly handle interaction between mutex possession and
 llseek operations, which allows local users to cause a denial of service
 (NULL pointer dereference and outage of all function tracing files) via an
 lseek call on a file descriptor associated with the set_ftrace_filter file.
Ubuntu-Description:
 Robert Swiecki discovered that ftrace did not correctly handle mutexes. A
 local attacker could exploit this to crash the kernel, leading to a denial
 of service.
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=631623
Priority: low
Discovered-by:
Assigned-to: ogasawara
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [5.5 MEDIUM]

Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: released (2.6.36~rc4)
dapper_linux-source-2.6.15: not-affected
hardy_linux-source-2.6.15: DNE
jaunty_linux-source-2.6.15: DNE
karmic_linux-source-2.6.15: DNE
lucid_linux-source-2.6.15: DNE
maverick_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

Patches_linux:
 upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9c55cb12c1c172e2d51e85fbb5a4796ca86b77e7
 karmic: http://chinstrap.ubuntu.com/~ogasawara/CVEs/CVE-2010-3079/patches/karmic/linux/0001-tracing-Do-not-allow-llseek-to-set_ftrace_filter.txt
 lucid: http://chinstrap.ubuntu.com/~ogasawara/CVEs/CVE-2010-3079/patches/lucid/linux/0001-tracing-Do-not-allow-llseek-to-set_ftrace_filter.txt
 maverick: http://chinstrap.ubuntu.com/~ogasawara/CVEs/CVE-2010-3079/patches/maverick/linux/0001-tracing-Do-not-allow-llseek-to-set_ftrace_filter.txt
upstream_linux: released (2.6.36~rc4)
dapper_linux: DNE
hardy_linux: not-affected
jaunty_linux: ignored (reached end-of-life)
karmic_linux: released (2.6.31-22.70)
lucid_linux: released (2.6.32-27.49)
maverick_linux: released (2.6.35-24.42)
devel_linux: released (2.6.36-0.1)

Patches_linux-fsl-imx51:
upstream_linux-fsl-imx51: released (2.6.36~rc4)
dapper_linux-fsl-imx51: DNE
hardy_linux-fsl-imx51: DNE
karmic_linux-fsl-imx51: released (2.6.31-112.30)
lucid_linux-fsl-imx51: released (2.6.31-608.22)
maverick_linux-fsl-imx51: DNE
devel_linux-fsl-imx51: DNE

Patches_linux-ec2:
upstream_linux-ec2: released (2.6.36~rc4)
dapper_linux-ec2: DNE
hardy_linux-ec2: DNE
karmic_linux-ec2: released (2.6.31-307.23)
lucid_linux-ec2: released (2.6.32-311.23)
maverick_linux-ec2: ignored (binary supplied by "linux" now)
devel_linux-ec2: DNE

Patches_linux-lts-backport-maverick:
upstream_linux-lts-backport-maverick: released (2.6.36~rc4)
dapper_linux-lts-backport-maverick: DNE
hardy_linux-lts-backport-maverick: DNE
karmic_linux-lts-backport-maverick: DNE
lucid_linux-lts-backport-maverick: released (2.6.35-25.44~lucid1)
maverick_linux-lts-backport-maverick: DNE
devel_linux-lts-backport-maverick: DNE

Patches_linux-ti-omap4:
upstream_linux-ti-omap4: released (2.6.36~rc4)
dapper_linux-ti-omap4: DNE
hardy_linux-ti-omap4: DNE
karmic_linux-ti-omap4: DNE
lucid_linux-ti-omap4: DNE
maverick_linux-ti-omap4: released (2.6.35-903.22)
devel_linux-ti-omap4: not-affected

Patches_linux-mvl-dove:
upstream_linux-mvl-dove: released (2.6.36~rc4)
dapper_linux-mvl-dove: DNE
hardy_linux-mvl-dove: DNE
karmic_linux-mvl-dove: ignored (abandonded branch)
lucid_linux-mvl-dove: released (2.6.32-216.33)
maverick_linux-mvl-dove: released (2.6.32-416.33)
devel_linux-mvl-dove: DNE