PublicDateAtUSN: 2011-06-24
Candidate: CVE-2011-1770
PublicDate: 2011-06-24 20:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1770
 http://marc.info/?l=linux-kernel&m=130468845209036&w=2
 https://ubuntu.com/security/notices/USN-1167-1
 https://ubuntu.com/security/notices/USN-1161-1
 https://ubuntu.com/security/notices/USN-1159-1
 https://ubuntu.com/security/notices/USN-1168-1
 https://ubuntu.com/security/notices/USN-1162-1
 https://ubuntu.com/security/notices/USN-1202-1
 https://ubuntu.com/security/notices/USN-1205-1
 https://ubuntu.com/security/notices/USN-1201-1
 https://ubuntu.com/security/notices/USN-1204-1
 https://ubuntu.com/security/notices/USN-1212-1
Description:
 Integer underflow in the dccp_parse_options function (net/dccp/options.c)
 in the Linux kernel before 2.6.33.14 allows remote attackers to cause a
 denial of service via a Datagram Congestion Control Protocol (DCCP) packet
 with an invalid feature options length, which triggers a buffer over-read.
Ubuntu-Description:
 Dan Rosenberg discovered that the DCCP stack did not correctly handle
 certain packet structures. A remote attacker could exploit this to crash
 the system, leading to a denial of service.
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=703011
 https://launchpad.net/bugs/806375
Priority: medium
Discovered-by: Dan Rosenberg
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_linux:
 break-fix: e77b8363b2ea7c0d89919547c1a8b0562f298b57 a294865978b701e4d0d90135672749531b9a900d
upstream_linux: released (2.6.39)
hardy_linux: not-affected
lucid_linux: released (2.6.32-33.64)
maverick_linux: released (2.6.35-30.57)
natty_linux: released (2.6.38-10.44)
devel_linux: not-affected (2.6.39-3.9)

Patches_linux-ec2:
upstream_linux-ec2: released (2.6.39)
hardy_linux-ec2: DNE
lucid_linux-ec2: released (2.6.32-317.32)
maverick_linux-ec2: ignored (binary supplied by "linux" now)
natty_linux-ec2: DNE
devel_linux-ec2: DNE

Patches_linux-mvl-dove:
upstream_linux-mvl-dove: released (2.6.39)
hardy_linux-mvl-dove: DNE
lucid_linux-mvl-dove: released (2.6.32-217.34)
maverick_linux-mvl-dove: released (2.6.32-417.34)
natty_linux-mvl-dove: DNE
devel_linux-mvl-dove: DNE

Patches_linux-ti-omap4:
upstream_linux-ti-omap4: released (2.6.39)
hardy_linux-ti-omap4: DNE
lucid_linux-ti-omap4: DNE
maverick_linux-ti-omap4: released (2.6.35-903.23)
natty_linux-ti-omap4: released (2.6.38-1209.15)
devel_linux-ti-omap4: not-affected (3.0.0-1204.9)

Patches_linux-lts-backport-maverick:
upstream_linux-lts-backport-maverick: released (2.6.39)
hardy_linux-lts-backport-maverick: DNE
lucid_linux-lts-backport-maverick: released (2.6.35-30.57~lucid1)
maverick_linux-lts-backport-maverick: DNE
natty_linux-lts-backport-maverick: DNE
devel_linux-lts-backport-maverick: DNE

Patches_linux-fsl-imx51:
upstream_linux-fsl-imx51: released (2.6.39)
hardy_linux-fsl-imx51: DNE
lucid_linux-fsl-imx51: released (2.6.31-610.27)
maverick_linux-fsl-imx51: DNE
natty_linux-fsl-imx51: DNE
devel_linux-fsl-imx51: DNE

Patches_linux-lts-backport-natty:
upstream_linux-lts-backport-natty: released (2.6.39)
hardy_linux-lts-backport-natty: DNE
lucid_linux-lts-backport-natty: not-affected (2.6.38-10.44~lucid1)
maverick_linux-lts-backport-natty: DNE
natty_linux-lts-backport-natty: DNE
devel_linux-lts-backport-natty: DNE