CVE-2011-1169
Published: 3 May 2011
Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer.
From the Ubuntu Security Team
Dan Rosenberg discovered that some ALSA drivers did not correctly check the adapter index during ioctl calls. If this driver was loaded, a local attacker could make a specially crafted ioctl call to gain root privileges.
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Not vulnerable
|
|
lucid |
Not vulnerable
|
|
maverick |
Released
(2.6.35-30.52)
|
|
natty |
Released
(2.6.38-8.40)
|
|
upstream |
Released
(2.6.39~rc1)
|
|
Patches: upstream: http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commit;h=4a122c10fbfe9020df469f0f669da129c5757671 |
||
linux-ec2 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
lucid |
Not vulnerable
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.39~rc1)
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
lucid |
Not vulnerable
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.39~rc1)
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
lucid |
Released
(2.6.35-30.54~lucid1)
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.39~rc1)
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
(2.6.38-8.40~lucid1)
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.39~rc1)
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
lucid |
Not vulnerable
|
|
maverick |
Not vulnerable
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.39~rc1)
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.39~rc1)
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Released
(2.6.35-903.23)
|
|
natty |
Released
(2.6.38-1208.11)
|
|
upstream |
Released
(2.6.39~rc1)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1169
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.1
- https://ubuntu.com/security/notices/USN-1160-1
- https://ubuntu.com/security/notices/USN-1167-1
- https://ubuntu.com/security/notices/USN-1187-1
- https://ubuntu.com/security/notices/USN-1202-1
- NVD
- Launchpad
- Debian