PublicDateAtUSN: 2012-01-04 Candidate: CVE-2012-0028 PublicDate: 2012-06-21 23:55:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0028 http://openwall.com/lists/oss-security/2012/01/04/17 https://ubuntu.com/security/notices/USN-1390-1 Description: The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process. Ubuntu-Description: A flaw was found in how the linux kernel handles user-space held futexs. An unprivileged user could exploit this flaw to cause a denial of service or possibly elevate privileges. Notes: Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=771764 https://launchpad.net/bugs/927889 Priority: medium Discovered-by: Assigned-to: CVSS: Patches_linux: break-fix: - 8141c7f3e7aee618312fa1c15109e1219de784a7 break-fix: - fc6b177dee33365ccb29fe6d2092223cf8d679f9 upstream_linux: released (2.6.32~rc4) hardy_linux: released (2.6.24-31.99) lucid_linux: not-affected (2.6.32-1.1) maverick_linux: ignored (was pending [2.6.35-1.1] now end-of-life) natty_linux: not-affected (2.6.37-2.9) oneiric_linux: not-affected (2.6.39-0.0) precise_linux: not-affected (3.1.0-1.1) quantal_linux: not-affected (3.1.0-1.0) raring_linux: not-affected (3.1.0-1.0) devel_linux: not-affected (3.1.0-1.0) Patches_linux-ec2: upstream_linux-ec2: released (2.6.32~rc4) hardy_linux-ec2: DNE lucid_linux-ec2: not-affected (2.6.32-300.1) maverick_linux-ec2: ignored (binary supplied by "linux" now) natty_linux-ec2: DNE oneiric_linux-ec2: DNE precise_linux-ec2: DNE quantal_linux-ec2: DNE raring_linux-ec2: DNE devel_linux-ec2: DNE Patches_linux-mvl-dove: upstream_linux-mvl-dove: released (2.6.32~rc4) hardy_linux-mvl-dove: DNE lucid_linux-mvl-dove: ignored (reached end-of-life) maverick_linux-mvl-dove: ignored (was pending [2.6.32-409.25] now end-of-life) natty_linux-mvl-dove: DNE oneiric_linux-mvl-dove: DNE precise_linux-mvl-dove: DNE quantal_linux-mvl-dove: DNE raring_linux-mvl-dove: DNE devel_linux-mvl-dove: DNE Patches_linux-ti-omap4: upstream_linux-ti-omap4: released (2.6.32~rc4) hardy_linux-ti-omap4: DNE lucid_linux-ti-omap4: DNE maverick_linux-ti-omap4: ignored (was pending [2.6.35-903.8] now end-of-life) natty_linux-ti-omap4: not-affected (2.6.38-1201.2) oneiric_linux-ti-omap4: not-affected (2.6.38-1309.13) precise_linux-ti-omap4: not-affected (3.0.0-1401.2) quantal_linux-ti-omap4: not-affected (3.0.0-1401.2) raring_linux-ti-omap4: not-affected (3.0.0-1401.2) devel_linux-ti-omap4: not-affected (3.0.0-1401.2) Patches_linux-lts-backport-maverick: upstream_linux-lts-backport-maverick: released (2.6.32~rc4) hardy_linux-lts-backport-maverick: DNE lucid_linux-lts-backport-maverick: ignored (reached end-of-life) maverick_linux-lts-backport-maverick: DNE natty_linux-lts-backport-maverick: DNE oneiric_linux-lts-backport-maverick: DNE precise_linux-lts-backport-maverick: DNE quantal_linux-lts-backport-maverick: DNE raring_linux-lts-backport-maverick: DNE devel_linux-lts-backport-maverick: DNE Patches_linux-fsl-imx51: upstream_linux-fsl-imx51: released (2.6.32~rc4) hardy_linux-fsl-imx51: DNE lucid_linux-fsl-imx51: not-affected (2.6.31-600.1) maverick_linux-fsl-imx51: DNE natty_linux-fsl-imx51: DNE oneiric_linux-fsl-imx51: DNE precise_linux-fsl-imx51: DNE quantal_linux-fsl-imx51: DNE raring_linux-fsl-imx51: DNE devel_linux-fsl-imx51: DNE Patches_linux-lts-backport-natty: upstream_linux-lts-backport-natty: released (2.6.32~rc4) hardy_linux-lts-backport-natty: DNE lucid_linux-lts-backport-natty: not-affected (2.6.38-1.27~lucid1) maverick_linux-lts-backport-natty: DNE natty_linux-lts-backport-natty: DNE oneiric_linux-lts-backport-natty: DNE precise_linux-lts-backport-natty: DNE quantal_linux-lts-backport-natty: DNE raring_linux-lts-backport-natty: DNE devel_linux-lts-backport-natty: DNE Patches_linux-lts-backport-oneiric: upstream_linux-lts-backport-oneiric: released (2.6.32~rc4) hardy_linux-lts-backport-oneiric: DNE lucid_linux-lts-backport-oneiric: not-affected (3.0.0-5.6~lucid1) maverick_linux-lts-backport-oneiric: DNE natty_linux-lts-backport-oneiric: DNE oneiric_linux-lts-backport-oneiric: DNE precise_linux-lts-backport-oneiric: DNE quantal_linux-lts-backport-oneiric: DNE raring_linux-lts-backport-oneiric: DNE devel_linux-lts-backport-oneiric: DNE Patches_linux-armadaxp: upstream_linux-armadaxp: released (2.6.32~rc4) hardy_linux-armadaxp: DNE lucid_linux-armadaxp: DNE natty_linux-armadaxp: DNE oneiric_linux-armadaxp: DNE precise_linux-armadaxp: not-affected (3.2.0-1600.1) quantal_linux-armadaxp: not-affected (3.2.0-1602.5) raring_linux-armadaxp: DNE devel_linux-armadaxp: DNE Patches_linux-lts-quantal: upstream_linux-lts-quantal: released (2.6.32~rc4) hardy_linux-lts-quantal: DNE lucid_linux-lts-quantal: DNE oneiric_linux-lts-quantal: DNE precise_linux-lts-quantal: not-affected quantal_linux-lts-quantal: DNE raring_linux-lts-quantal: DNE devel_linux-lts-quantal: DNE Patches_linux-lts-raring: upstream_linux-lts-raring: released (2.6.32~rc4) hardy_linux-lts-raring: DNE lucid_linux-lts-raring: DNE oneiric_linux-lts-raring: DNE precise_linux-lts-raring: not-affected quantal_linux-lts-raring: DNE raring_linux-lts-raring: DNE devel_linux-lts-raring: DNE