Ubuntu
linux package

CVE-2011-2184

Bug #844367 reported by Kees Cook on 2011-09-07

258

This bug affects 1 person

	Status	Importance	Assigned to
linux (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
linux-ec2 (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
linux-fsl-imx51 (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
linux-lts-backport-maverick (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
linux-lts-backport-natty (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
linux-mvl-dove (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
linux-ti-omap4 (Ubuntu)	Fix Released	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Fix Released	Low	Unassigned

Bug Description

The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960.

Break-Fix: 47a150edc2ae734c0f4bf50aa19499e23b9a46f8 f7285b5d631fd6096b11c6af0058ed3a2b30ef4e

See original description

Tags:

CVE References

2011-2184

Revision history for this message

Kees Cook (kees) wrote on 2011-09-07:

CVE-2011-2184

tags:	added: kernel-cve-tracking-bug
security vulnerability:	no → yes
Changed in linux-ec2 (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Natty):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Maverick):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Natty):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Natty):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Maverick):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Natty):
status:	New → Invalid
description:	updated
Changed in linux-ec2 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Maverick):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Natty):
importance:	Undecided → Low

Marc Deslauriers (mdeslaur) on 2011-09-19

Changed in linux-ec2 (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Maverick):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status:	New → Invalid
Changed in linux (Ubuntu Lucid):
status:	New → Invalid
Changed in linux (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux (Ubuntu Hardy):
status:	New → Invalid
Changed in linux (Ubuntu Maverick):
status:	New → Invalid
Changed in linux (Ubuntu Natty):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status:	New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Maverick):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Natty):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status:	New → Invalid
description:	updated

Paolo Pisati (p-pisati) on 2012-01-30

Changed in linux-ti-omap4 (Ubuntu):
status:	Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package

CVE-2011-2184

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package