CVE-2011-1019
Bug #804366 reported by
Paolo Pisati
on 2011-07-01
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| linux (Ubuntu) |
Medium
|
Unassigned | |||
| Hardy |
Medium
|
Unassigned | |||
| Lucid |
Medium
|
Unassigned | |||
| Maverick |
Medium
|
Unassigned | |||
| Natty |
Medium
|
Unassigned | |||
| Oneiric |
Medium
|
Unassigned | |||
| linux-ec2 (Ubuntu) |
Medium
|
Unassigned | |||
| Hardy |
Medium
|
Unassigned | |||
| Lucid |
Medium
|
Unassigned | |||
| Maverick |
Medium
|
Unassigned | |||
| Natty |
Medium
|
Unassigned | |||
| Oneiric |
Medium
|
Unassigned | |||
| linux-fsl-imx51 (Ubuntu) |
Medium
|
Unassigned | |||
| Hardy |
Medium
|
Unassigned | |||
| Lucid |
Medium
|
Unassigned | |||
| Maverick |
Medium
|
Unassigned | |||
| Natty |
Medium
|
Unassigned | |||
| Oneiric |
Medium
|
Unassigned | |||
| linux-linaro (Ubuntu) |
Undecided
|
Unassigned | |||
| Hardy |
Undecided
|
Unassigned | |||
| Lucid |
Undecided
|
Unassigned | |||
| Maverick |
Undecided
|
Unassigned | |||
| Natty |
Undecided
|
Unassigned | |||
| Oneiric |
Undecided
|
Unassigned | |||
| linux-lts-backport-maverick (Ubuntu) |
Medium
|
Unassigned | |||
| Hardy |
Medium
|
Unassigned | |||
| Lucid |
Medium
|
Unassigned | |||
| Maverick |
Medium
|
Unassigned | |||
| Natty |
Medium
|
Unassigned | |||
| Oneiric |
Medium
|
Unassigned | |||
| linux-lts-backport-natty (Ubuntu) |
Medium
|
Unassigned | |||
| Hardy |
Medium
|
Unassigned | |||
| Lucid |
Medium
|
Unassigned | |||
| Maverick |
Medium
|
Unassigned | |||
| Natty |
Medium
|
Unassigned | |||
| Oneiric |
Medium
|
Unassigned | |||
| linux-mvl-dove (Ubuntu) |
Medium
|
Unassigned | |||
| Hardy |
Medium
|
Unassigned | |||
| Lucid |
Medium
|
Unassigned | |||
| Maverick |
Medium
|
Unassigned | |||
| Natty |
Medium
|
Unassigned | |||
| Oneiric |
Medium
|
Unassigned | |||
| linux-qcm-msm (Ubuntu) |
Undecided
|
Unassigned | |||
| Hardy |
Undecided
|
Unassigned | |||
| Lucid |
Undecided
|
Unassigned | |||
| Maverick |
Undecided
|
Unassigned | |||
| Natty |
Undecided
|
Unassigned | |||
| Oneiric |
Undecided
|
Unassigned | |||
| linux-ti-omap4 (Ubuntu) |
Medium
|
Unassigned | |||
| Hardy |
Medium
|
Unassigned | |||
| Lucid |
Medium
|
Unassigned | |||
| Maverick |
Medium
|
Unassigned | |||
| Natty |
Medium
|
Unassigned | |||
| Oneiric |
Medium
|
Unassigned | |||
Bug Description
Vasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not needed to load kernel modules. A local attacker with the CAP_NET_ADMIN capability could load existing kernel modules, possibly increasing the attack surface available on the system.
Break-Fix: a8f80e8ff94ecba
Related branches
CVE References
- 2010-3296
- 2010-3297
- 2010-3858
- 2010-3859
- 2010-3880
- 2010-4073
- 2010-4076
- 2010-4077
- 2010-4080
- 2010-4081
- 2010-4082
- 2010-4083
- 2010-4157
- 2010-4162
- 2010-4163
- 2010-4169
- 2010-4175
- 2010-4242
- 2010-4243
- 2010-4248
- 2010-4256
- 2010-4565
- 2010-4649
- 2011-0463
- 2011-0695
- 2011-0711
- 2011-0726
- 2011-1010
- 2011-1012
- 2011-1013
- 2011-1016
- 2011-1017
- 2011-1019
- 2011-1020
- 2011-1078
- 2011-1079
- 2011-1080
- 2011-1082
- 2011-1090
- 2011-1093
- 2011-1160
- 2011-1163
- 2011-1169
- 2011-1170
- 2011-1171
- 2011-1172
- 2011-1173
- 2011-1180
- 2011-1478
- 2011-1493
- 2011-1494
- 2011-1577
- 2011-1598
- 2011-1748
- 2011-1770
- 2011-1833
- 2011-2484
- 2011-2492
- 2011-2534
- 2011-2699
- 2011-2918
Paolo Pisati (p-pisati)
on 2011-07-01
| visibility: | private → public |
| tags: | added: kernel-cve-tracker |
Kees Cook (kees)
on 2011-08-10
| Changed in linux-ec2 (Ubuntu Maverick): | |
| status: | New → Invalid |
| Changed in linux-lts-backport-natty (Ubuntu Maverick): | |
| status: | New → Invalid |
| Changed in linux-mvl-dove (Ubuntu Maverick): | |
| status: | New → Fix Released |
| Changed in linux-lts-backport-maverick (Ubuntu Maverick): | |
| status: | New → Invalid |
| Changed in linux (Ubuntu Maverick): | |
| status: | New → Fix Released |
| Changed in linux-ti-omap4 (Ubuntu Maverick): | |
| status: | New → Fix Committed |
| Changed in linux-fsl-imx51 (Ubuntu Maverick): | |
| status: | New → Invalid |
| description: | updated |
Kees Cook (kees)
on 2011-08-10
| Changed in linux-ec2 (Ubuntu Lucid): | |
| status: | New → Fix Released |
| Changed in linux-ec2 (Ubuntu Oneiric): | |
| status: | New → Invalid |
| Changed in linux-ec2 (Ubuntu Hardy): | |
| status: | New → Invalid |
| Changed in linux-ec2 (Ubuntu Natty): | |
| status: | New → Invalid |
| Changed in linux-lts-backport-natty (Ubuntu Lucid): | |
| status: | New → Invalid |
| Changed in linux-lts-backport-natty (Ubuntu Oneiric): | |
| status: | New → Invalid |
| Changed in linux-lts-backport-natty (Ubuntu Hardy): | |
| status: | New → Invalid |
| Changed in linux-lts-backport-natty (Ubuntu Natty): | |
| status: | New → Invalid |
| Changed in linux-mvl-dove (Ubuntu Lucid): | |
| status: | New → Fix Released |
| Changed in linux-mvl-dove (Ubuntu Oneiric): | |
| status: | New → Invalid |
| Changed in linux-mvl-dove (Ubuntu Hardy): | |
| status: | New → Invalid |
| Changed in linux-mvl-dove (Ubuntu Natty): | |
| status: | New → Invalid |
| Changed in linux-lts-backport-maverick (Ubuntu Lucid): | |
| status: | New → Fix Released |
| Changed in linux-lts-backport-maverick (Ubuntu Oneiric): | |
| status: | New → Invalid |
| Changed in linux-lts-backport-maverick (Ubuntu Hardy): | |
| status: | New → Invalid |
| Changed in linux-lts-backport-maverick (Ubuntu Natty): | |
| status: | New → Invalid |
| Changed in linux (Ubuntu Lucid): | |
| status: | New → Fix Released |
| Changed in linux (Ubuntu Oneiric): | |
| status: | New → Invalid |
| Changed in linux (Ubuntu Hardy): | |
| status: | New → Invalid |
| Changed in linux (Ubuntu Natty): | |
| status: | New → Fix Released |
| Changed in linux-ti-omap4 (Ubuntu Lucid): | |
| status: | New → Invalid |
| Changed in linux-ti-omap4 (Ubuntu Oneiric): | |
| status: | New → Invalid |
| Changed in linux-ti-omap4 (Ubuntu Hardy): | |
| status: | New → Invalid |
| Changed in linux-ti-omap4 (Ubuntu Natty): | |
| status: | New → Fix Committed |
| Changed in linux-fsl-imx51 (Ubuntu Lucid): | |
| status: | New → Invalid |
| Changed in linux-fsl-imx51 (Ubuntu Oneiric): | |
| status: | New → Invalid |
| Changed in linux-fsl-imx51 (Ubuntu Hardy): | |
| status: | New → Invalid |
| Changed in linux-fsl-imx51 (Ubuntu Natty): | |
| status: | New → Invalid |
| description: | updated |
Kees Cook (kees)
on 2011-08-16
| Changed in linux-ec2 (Ubuntu Lucid): | |
| importance: | Undecided → Medium |
| Changed in linux-ec2 (Ubuntu Oneiric): | |
| importance: | Undecided → Medium |
| Changed in linux-ec2 (Ubuntu Hardy): | |
| importance: | Undecided → Medium |
| Changed in linux-ec2 (Ubuntu Maverick): | |
| importance: | Undecided → Medium |
| Changed in linux-ec2 (Ubuntu Natty): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-natty (Ubuntu Lucid): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-natty (Ubuntu Oneiric): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-natty (Ubuntu Hardy): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-natty (Ubuntu Maverick): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-natty (Ubuntu Natty): | |
| importance: | Undecided → Medium |
| Changed in linux-mvl-dove (Ubuntu Lucid): | |
| importance: | Undecided → Medium |
| Changed in linux-mvl-dove (Ubuntu Oneiric): | |
| importance: | Undecided → Medium |
| Changed in linux-mvl-dove (Ubuntu Hardy): | |
| importance: | Undecided → Medium |
| Changed in linux-mvl-dove (Ubuntu Maverick): | |
| importance: | Undecided → Medium |
| Changed in linux-mvl-dove (Ubuntu Natty): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-maverick (Ubuntu Lucid): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-maverick (Ubuntu Oneiric): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-maverick (Ubuntu Hardy): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-maverick (Ubuntu Maverick): | |
| importance: | Undecided → Medium |
| Changed in linux-lts-backport-maverick (Ubuntu Natty): | |
| importance: | Undecided → Medium |
| Changed in linux (Ubuntu Lucid): | |
| importance: | Undecided → Medium |
| Changed in linux (Ubuntu Oneiric): | |
| importance: | Undecided → Medium |
| Changed in linux (Ubuntu Hardy): | |
| importance: | Undecided → Medium |
| Changed in linux (Ubuntu Maverick): | |
| importance: | Undecided → Medium |
| Changed in linux (Ubuntu Natty): | |
| importance: | Undecided → Medium |
| Changed in linux-ti-omap4 (Ubuntu Lucid): | |
| importance: | Undecided → Medium |
| Changed in linux-ti-omap4 (Ubuntu Oneiric): | |
| importance: | Undecided → Medium |
| Changed in linux-ti-omap4 (Ubuntu Hardy): | |
| importance: | Undecided → Medium |
| Changed in linux-ti-omap4 (Ubuntu Maverick): | |
| importance: | Undecided → Medium |
| Changed in linux-ti-omap4 (Ubuntu Natty): | |
| importance: | Undecided → Medium |
| Changed in linux-fsl-imx51 (Ubuntu Lucid): | |
| importance: | Undecided → Medium |
| Changed in linux-fsl-imx51 (Ubuntu Oneiric): | |
| importance: | Undecided → Medium |
| Changed in linux-fsl-imx51 (Ubuntu Hardy): | |
| importance: | Undecided → Medium |
| Changed in linux-fsl-imx51 (Ubuntu Maverick): | |
| importance: | Undecided → Medium |
| Changed in linux-fsl-imx51 (Ubuntu Natty): | |
| importance: | Undecided → Medium |
| Launchpad Janitor (janitor) wrote : | #1 |
Download full text (9.1 KiB)
| Changed in linux-ti-omap4 (Ubuntu Maverick): | |
| status: | Fix Committed → Fix Released |
| Jamie Strandboge (jdstrand) wrote : | #2 |
The linux-linaro kernel is community maintained and should be tracked in its own bug and not part of the supported kernel cadence process. If someone would like to provide updates for the linux-linaro kernel, please file a new bug and follow https:/
| Changed in linux-linaro (Ubuntu Lucid): | |
| status: | New → Won't Fix |
| Changed in linux-linaro (Ubuntu Maverick): | |
| status: | New → Won't Fix |
| Changed in linux-linaro (Ubuntu Natty): | |
| status: | New → Won't Fix |
| Changed in linux-linaro (Ubuntu Oneiric): | |
| status: | New → Won't Fix |
| Changed in linux-linaro (Ubuntu Hardy): | |
| status: | New → Won't Fix |
| Changed in linux-linaro (Ubuntu): | |
| status: | New → Won't Fix |
Marc Deslauriers (mdeslaur)
on 2013-01-31
| Changed in linux-linaro (Ubuntu): | |
| status: | Won't Fix → Invalid |
| Changed in linux-qcm-msm (Ubuntu): | |
| status: | New → Invalid |
| Changed in linux (Ubuntu Lucid): | |
| status: | Fix Released → Invalid |
| Changed in linux-ec2 (Ubuntu Lucid): | |
| status: | Fix Released → Invalid |
| Changed in linux-linaro (Ubuntu Lucid): | |
| status: | Won't Fix → Invalid |
| Changed in linux-lts-backport-maverick (Ubuntu Lucid): | |
| status: | Fix Released → Invalid |
| Changed in linux-mvl-dove (Ubuntu Lucid): | |
| status: | Fix Released → Invalid |
| Changed in linux-qcm-msm (Ubuntu Lucid): | |
| status: | New → Invalid |
| Changed in linux (Ubuntu Maverick): | |
| status: | Fix Released → Invalid |
| Changed in linux-linaro (Ubuntu Maverick): | |
| status: | Won't Fix → Invalid |
| Changed in linux-mvl-dove (Ubuntu Maverick): | |
| status: | Fix Released → Invalid |
| Changed in linux-qcm-msm (Ubuntu Maverick): | |
| status: | New → Invalid |
| Changed in linux-ti-omap4 (Ubuntu Maverick): | |
| status: | Fix Released → Invalid |
| Changed in linux (Ubuntu Natty): | |
| status: | Fix Released → Invalid |
| Changed in linux-linaro (Ubuntu Natty): | |
| status: | Won't Fix → Invalid |
| Changed in linux-qcm-msm (Ubuntu Natty): | |
| status: | New → Invalid |
| Changed in linux-ti-omap4 (Ubuntu Natty): | |
| status: | Fix Committed → Invalid |
| Changed in linux-linaro (Ubuntu Oneiric): | |
| status: | Won't Fix → Invalid |
| Changed in linux-qcm-msm (Ubuntu Oneiric): | |
| status: | New → Invalid |
| Changed in linux-linaro (Ubuntu Hardy): | |
| status: | Won't Fix → Invalid |
| Changed in linux-qcm-msm (Ubuntu Hardy): | |
| status: | New → Invalid |
To post a comment you must log in.
This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.24
---------------
linux-ti-omap4 (2.6.35-903.24) maverick-proposed; urgency=low
* Release tracking bug
- LP: #838037
[ Upstream Kernel Changes ]
* ipv6: make fragment identifications less predictable, CVE-2011-2699
- LP: #827685
- CVE-2011-2699
* perf: Fix software event overflow, CVE-2011-2918
- LP: #834121
- CVE-2011-2918
* proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
- LP: #813026
- CVE-2011-1020
linux-ti-omap4 (2.6.35-903.23) maverick-proposed; urgency=low
* Release tracking bug
- LP: #829655
[ Upstream Kernel Changes ]
* drm/radeon/kms: check AA resolve registers on r300, CVE-2011-1016
- LP: #745686
- CVE-2011-1016
* drm/radeon: fix regression with AA resolve checking, CVE-2011-1016
- LP: #745686
- CVE-2011-1016
* can-bcm: fix minor heap overflow
- LP: #690730
* CAN: Use inode instead of kernel address for /proc file, CVE-2010-4565
- LP: #765007
- CVE-2010-4565
* av7110: check for negative array offset
- LP: #747520
* xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
CVE-2011-0711
- LP: #767740
- CVE-2011-0711
* ALSA: caiaq - Fix possible string-buffer overflow
- LP: #747520
* IB/cm: Bump reference count on cm_id before invoking callback,
CVE-2011-0695
- LP: #770369
- CVE-2011-0695
* RDMA/cma: Fix crash in request handlers, CVE-2011-0695
- LP: #770369
- CVE-2011-0695
* Treat writes as new when holes span across page boundaries,
CVE-2011-0463
- LP: #770483
- CVE-2011-0463
* net: clear heap allocations for privileged ethtool actions
- LP: #686158
* usb: iowarrior: don't trust report_size for buffer size
- LP: #747520
* fs/partitions/
CVE-2011-1017
- LP: #771382
- CVE-2011-1017
* Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal
code
- LP: #747520
* Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
- LP: #747520
* exec: make argv/envp memory visible to oom-killer
- LP: #690730
* next_pidmap: fix overflow condition
- LP: #772560
* proc: do proper range check on readdir offset
- LP: #772560
* ALSA: sound/pci/asihpi: check adapter index in hpi_ioctl, CVE-2011-1169
- LP: #785331
- CVE-2011-1169
* mpt2sas: prevent heap overflows and unchecked reads, CVE-2011-1494
- LP: #787145
- CVE-2011-1494
* agp: fix arbitrary kernel memory writes, CVE-1011-2022
- LP: #788684
- CVE-1011-2022
* can: add missing socket check in can/raw release, CVE-2011-1748
- LP: #788694
- CVE-2011-1748
* agp: fix OOM and buffer overflow
- LP: #788700
* drivers/
memory - CVE-2010-3296
- CVE-2010-3296
* drivers/net/eql.c: prevent reading uninitialized stack memory -
CVE-2010-3297
- CVE-2010-3297
* inet_diag: Make sure we actually run the same bytecode we audited,
CVE-2010-3880
- LP: #711865
- CVE-2010-3880
* setup_arg_pages: diagnose excessive argume...