Launchpad.net

CVE 2011-2184

The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960.

Related bugs and status

CVE-2011-2184 (Candidate) is related to these bugs:

Bug #844367: CVE-2011-2184

		In	Importance	Status
844367	CVE-2011-2184	linux (Ubuntu)	Low	Invalid
844367	CVE-2011-2184	linux-fsl-imx51 (Ubuntu)	Low	Invalid
844367	CVE-2011-2184	linux-mvl-dove (Ubuntu)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-maverick (Ubuntu)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-natty (Ubuntu)	Low	Invalid
844367	CVE-2011-2184	linux-ti-omap4 (Ubuntu)	Low	Fix Released
844367	CVE-2011-2184	linux (Ubuntu Oneiric)	Low	Invalid
844367	CVE-2011-2184	linux-fsl-imx51 (Ubuntu Oneiric)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-maverick (Ubuntu Oneiric)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-natty (Ubuntu Oneiric)	Low	Invalid
844367	CVE-2011-2184	linux-mvl-dove (Ubuntu Oneiric)	Low	Invalid
844367	CVE-2011-2184	linux-ti-omap4 (Ubuntu Oneiric)	Low	Fix Released
844367	CVE-2011-2184	linux (Ubuntu Natty)	Low	Invalid
844367	CVE-2011-2184	linux-fsl-imx51 (Ubuntu Natty)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-maverick (Ubuntu Natty)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-natty (Ubuntu Natty)	Low	Invalid
844367	CVE-2011-2184	linux-mvl-dove (Ubuntu Natty)	Low	Invalid
844367	CVE-2011-2184	linux-ti-omap4 (Ubuntu Natty)	Low	Invalid
844367	CVE-2011-2184	linux (Ubuntu Maverick)	Low	Invalid
844367	CVE-2011-2184	linux-fsl-imx51 (Ubuntu Maverick)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-maverick (Ubuntu Maverick)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-natty (Ubuntu Maverick)	Low	Invalid
844367	CVE-2011-2184	linux-mvl-dove (Ubuntu Maverick)	Low	Invalid
844367	CVE-2011-2184	linux-ti-omap4 (Ubuntu Maverick)	Low	Invalid
844367	CVE-2011-2184	linux (Ubuntu Lucid)	Low	Invalid
844367	CVE-2011-2184	linux-fsl-imx51 (Ubuntu Lucid)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-maverick (Ubuntu Lucid)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-natty (Ubuntu Lucid)	Low	Invalid
844367	CVE-2011-2184	linux-mvl-dove (Ubuntu Lucid)	Low	Invalid
844367	CVE-2011-2184	linux-ti-omap4 (Ubuntu Lucid)	Low	Invalid
844367	CVE-2011-2184	linux (Ubuntu Hardy)	Low	Invalid
844367	CVE-2011-2184	linux-fsl-imx51 (Ubuntu Hardy)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-maverick (Ubuntu Hardy)	Low	Invalid
844367	CVE-2011-2184	linux-lts-backport-natty (Ubuntu Hardy)	Low	Invalid
844367	CVE-2011-2184	linux-mvl-dove (Ubuntu Hardy)	Low	Invalid
844367	CVE-2011-2184	linux-ti-omap4 (Ubuntu Hardy)	Low	Invalid
844367	CVE-2011-2184	linux-ec2 (Ubuntu)	Low	Invalid
844367	CVE-2011-2184	linux-ec2 (Ubuntu Hardy)	Low	Invalid
844367	CVE-2011-2184	linux-ec2 (Ubuntu Lucid)	Low	Invalid
844367	CVE-2011-2184	linux-ec2 (Ubuntu Maverick)	Low	Invalid
844367	CVE-2011-2184	linux-ec2 (Ubuntu Natty)	Low	Invalid
844367	CVE-2011-2184	linux-ec2 (Ubuntu Oneiric)	Low	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-2184

Related bugs and status

Related bugs

References