CVE-2011-1182 (retired)

Priority
Description
kernel/signal.c in the Linux kernel before 2.6.39 allows local users to
spoof the uid and pid of a signal sender via a sigqueueinfo system call.
Ubuntu-Description
Julien Tinnes discovered that the kernel did not correctly validate the
signal structure from tkill(). A local attacker could exploit this to send
signals to arbitrary threads, possibly bypassing expected restrictions.
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
More Information

Updated: 2019-03-26 11:55:50 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)