CVE-2011-1759

Priority
Low
Description
Integer overflow in the sys_oabi_semtimedop function in
arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 2.6.39 on the
ARM platform, when CONFIG_OABI_COMPAT is enabled, allows local users to
gain privileges or cause a denial of service (heap memory corruption) by
providing a crafted argument and leveraging a race condition.
Ubuntu-Description
Dan Rosenberg reported an error in the old ABI compatibility layer of ARM
kernels. A local attacker could exploit this flaw to cause a denial of
service or gain root privileges.
References
Bugs
Package
Upstream:released (2.6.39~rc6)
Package
Upstream:released (2.6.39~rc6)
Package
Upstream:released (2.6.39~rc6)
Package
Upstream:released (2.6.39~rc6)
Package
Upstream:released (2.6.39~rc6)
Package
Upstream:released (2.6.39~rc6)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.39~rc6)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 0f22072ab50cac7983f9660d33974b45184da4f9
Package
Upstream:released (2.6.39~rc6)
Package
Upstream:released (2.6.39~rc6)
More Information

Updated: 2017-08-11 23:47:01 UTC (commit 13081)