PublicDateAtUSN: 2011-05-03
Candidate: CVE-2011-1593
PublicDate: 2011-05-03 20:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593
 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.4
 http://groups.google.com/group/fa.linux.kernel/msg/4a28ecb7f755a88d?dmode=source
 https://ubuntu.com/security/notices/USN-1146-1
 https://ubuntu.com/security/notices/USN-1160-1
 https://ubuntu.com/security/notices/USN-1162-1
 https://ubuntu.com/security/notices/USN-1164-1
 https://ubuntu.com/security/notices/USN-1167-1
 https://ubuntu.com/security/notices/USN-1161-1
 https://ubuntu.com/security/notices/USN-1159-1
 https://ubuntu.com/security/notices/USN-1168-1
 https://ubuntu.com/security/notices/USN-1187-1
 https://ubuntu.com/security/notices/USN-1202-1
 https://ubuntu.com/security/notices/USN-1212-1
Description:
 Multiple integer overflows in the next_pidmap function in kernel/pid.c in
 the Linux kernel before 2.6.38.4 allow local users to cause a denial of
 service (system crash) via a crafted (1) getdents or (2) readdir system
 call.
Ubuntu-Description:
 Tavis Ormandy discovered that the pidmap function did not correctly handle
 large requests. A local attacker could exploit this to crash the system,
 leading to a denial of service.
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=697822
Priority: medium
Discovered-by: Tavis Ormandy
Assigned-to:
CVSS: 

Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: released (2.6.39~rc4)
dapper_linux-source-2.6.15: ignored
hardy_linux-source-2.6.15: DNE
lucid_linux-source-2.6.15: DNE
maverick_linux-source-2.6.15: DNE
natty_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

Patches_linux:
 upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d8bdc59f215e62098bc5b4256fd9928bf27053a1
 upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c78193e9c7bcbf25b8237ad0dec82f805c4ea69b
upstream_linux: released (2.6.39~rc4)
dapper_linux: DNE
hardy_linux: released (2.6.24-29.90)
lucid_linux: released (2.6.32-33.64)
maverick_linux: released (2.6.35-30.52)
natty_linux: released (2.6.38-9.43)
devel_linux: not-affected (2.6.39-0.4)

Patches_linux-ec2:
upstream_linux-ec2: released (2.6.39~rc4)
dapper_linux-ec2: DNE
hardy_linux-ec2: DNE
lucid_linux-ec2: released (2.6.32-317.32)
maverick_linux-ec2: ignored (binary supplied by "linux" now)
natty_linux-ec2: DNE
devel_linux-ec2: DNE

Patches_linux-mvl-dove:
upstream_linux-mvl-dove: released (2.6.39~rc4)
dapper_linux-mvl-dove: DNE
hardy_linux-mvl-dove: DNE
lucid_linux-mvl-dove: released (2.6.32-217.34)
maverick_linux-mvl-dove: released (2.6.32-417.34)
natty_linux-mvl-dove: DNE
devel_linux-mvl-dove: DNE

Patches_linux-ti-omap4:
upstream_linux-ti-omap4: released (2.6.39~rc4)
dapper_linux-ti-omap4: DNE
hardy_linux-ti-omap4: DNE
lucid_linux-ti-omap4: DNE
maverick_linux-ti-omap4: released (2.6.35-903.23)
natty_linux-ti-omap4: released (2.6.38-1209.13)
devel_linux-ti-omap4: not-affected (2.6.38-1309.13)

Patches_linux-lts-backport-maverick:
upstream_linux-lts-backport-maverick: released (2.6.39~rc4)
dapper_linux-lts-backport-maverick: DNE
hardy_linux-lts-backport-maverick: DNE
lucid_linux-lts-backport-maverick: released (2.6.35-30.54~lucid1)
maverick_linux-lts-backport-maverick: DNE
natty_linux-lts-backport-maverick: DNE
devel_linux-lts-backport-maverick: DNE

Patches_linux-fsl-imx51:
upstream_linux-fsl-imx51: released (2.6.39~rc4)
dapper_linux-fsl-imx51: DNE
hardy_linux-fsl-imx51: DNE
lucid_linux-fsl-imx51: released (2.6.31-609.26)
maverick_linux-fsl-imx51: DNE
natty_linux-fsl-imx51: DNE
devel_linux-fsl-imx51: DNE

Patches_linux-lts-backport-natty:
upstream_linux-lts-backport-natty: released (2.6.39~rc4)
hardy_linux-lts-backport-natty: DNE
lucid_linux-lts-backport-natty: not-affected (2.6.38-9.43~lucid1)
maverick_linux-lts-backport-natty: DNE
natty_linux-lts-backport-natty: DNE
devel_linux-lts-backport-natty: DNE