CVE-2011-1182

Priority
Description
kernel/signal.c in the Linux kernel before 2.6.39 allows local users to
spoof the uid and pid of a signal sender via a sigqueueinfo system call.
Ubuntu-Description
Julien Tinnes discovered that the kernel did not correctly validate the
signal structure from tkill(). A local attacker could exploit this to send
signals to arbitrary threads, possibly bypassing expected restrictions.
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
More Information

Updated: 2019-03-19 11:57:42 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)