Ubuntu

Overview
Code
Bugs
Blueprints
Translations
Answers

CVE-2012-3510

Reported by John Johansen on 2012-08-27

258

This bug affects 1 person

	Status	Importance	Assigned to
linux (Ubuntu)	Invalid	Low	Unassigned
Hardy	Won't Fix	Low	Unassigned
Lucid	Fix Committed	Low	Unassigned
Natty	Won't Fix	Low	Unassigned
Oneiric	Won't Fix	Low	Unassigned
Precise	Fix Committed	Low	Unassigned
Quantal	Invalid	Low	Unassigned
linux-armadaxp (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
linux-ec2 (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Fix Committed	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
linux-fsl-imx51 (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
linux-lts-backport-maverick (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
linux-lts-backport-natty (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Won't Fix	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
linux-lts-backport-oneiric (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Won't Fix	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
linux-mvl-dove (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
Quantal	Invalid	Low	Unassigned
linux-ti-omap4 (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Natty	Won't Fix	Low	Unassigned
Oneiric	Won't Fix	Low	Unassigned
Precise	Fix Committed	Low	Unassigned
Quantal	Invalid	Low	Unassigned

(?)

Bug Description

Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.

Break-Fix: 9acc1853519a0473620d424105f9d49ea5b4e62e f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9

See original description

Tags: Edit Tag help

CVE References

2012-3510

John Johansen (jjohansen) wrote on 2012-08-27:

CVE-2012-3510

tags:	added: kernel-cve-tracking-bug
security vulnerability:	no → yes
Changed in linux-armadaxp (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-armadaxp (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-armadaxp (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-armadaxp (Ubuntu Natty):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Natty):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Precise):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Natty):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Natty):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Natty):
status:	New → Invalid
description:	updated
Changed in linux-armadaxp (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-armadaxp (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Hardy):
importance:	Undecided → Low

John Johansen (jjohansen) on 2012-08-27

Changed in linux-lts-backport-natty (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Lucid):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Quantal):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Natty):
importance:	Undecided → Low

Tim Gardner (timg-tpi) wrote on 2012-08-30:

The original patch that caused the theoretical vulnerability was introduced in v2.6.19-rc1, the fix was introduced in v2.6.19-rc4.

Changed in linux (Ubuntu Hardy):
status:	New → Fix Released
Changed in linux (Ubuntu Lucid):
status:	New → Fix Released
Changed in linux (Ubuntu Natty):
status:	New → Fix Released
Changed in linux (Ubuntu Oneiric):
status:	New → Fix Released
Changed in linux (Ubuntu Precise):
status:	New → Fix Released
Changed in linux (Ubuntu Quantal):
status:	New → Fix Released

John Johansen (jjohansen) on 2012-08-30

Changed in linux (Ubuntu Precise):
status:	Fix Released → New
Changed in linux (Ubuntu Oneiric):
status:	Fix Released → New
Changed in linux (Ubuntu Lucid):
status:	Fix Released → New
Changed in linux (Ubuntu Quantal):
status:	Fix Released → New
Changed in linux (Ubuntu Hardy):
status:	Fix Released → New
Changed in linux (Ubuntu Natty):
status:	Fix Released → New

John Johansen (jjohansen) on 2012-09-05

Changed in linux-armadaxp (Ubuntu Precise):
status:	New → Invalid
Changed in linux-armadaxp (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Lucid):
status:	New → Fix Committed
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status:	New → Fix Committed
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status:	New → Fix Committed
Changed in linux (Ubuntu Precise):
status:	New → Fix Committed
Changed in linux (Ubuntu Oneiric):
status:	New → Fix Committed
Changed in linux (Ubuntu Lucid):
status:	New → Fix Committed
Changed in linux (Ubuntu Quantal):
status:	New → Invalid
Changed in linux (Ubuntu Hardy):
status:	New → Fix Committed
Changed in linux (Ubuntu Natty):
status:	New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Precise):
status:	New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status:	New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Quantal):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Natty):
status:	New → Fix Committed
description:	updated

John Johansen (jjohansen) on 2012-10-04

description:

updated

Jamie Strandboge (jdstrand) wrote on 2013-05-21:

Thank you for reporting this bug to Ubuntu. hardy has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against hardy is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux (Ubuntu Hardy):
status:	Fix Committed → Won't Fix

Jamie Strandboge (jdstrand) wrote on 2013-05-21:

Thank you for reporting this bug to Ubuntu. lucid has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against lucid is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status:	Fix Committed → Won't Fix

Jamie Strandboge (jdstrand) wrote on 2013-05-21:

Thank you for reporting this bug to Ubuntu. natty has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against natty is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux-ti-omap4 (Ubuntu Natty):
status:	Fix Committed → Won't Fix

Jamie Strandboge (jdstrand) wrote on 2013-05-21:

Thank you for reporting this bug to Ubuntu. oneiric has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against oneiric is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux-ti-omap4 (Ubuntu Oneiric):
status:	Fix Committed → Won't Fix

Jamie Strandboge (jdstrand) wrote on 2013-05-21:

Thank you for reporting this bug to Ubuntu. precise has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against precise is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux-ti-omap4 (Ubuntu Precise):
status:	Fix Committed → Won't Fix

Jamie Strandboge (jdstrand) wrote on 2013-05-21:

Undoing inadvertent change.

Changed in linux-ti-omap4 (Ubuntu Precise):
status:	Won't Fix → New
status:	New → Fix Committed

Jamie Strandboge (jdstrand) on 2013-05-22

Changed in linux-lts-backport-natty (Ubuntu Lucid):
status:	Fix Committed → Won't Fix

Jamie Strandboge (jdstrand) wrote on 2013-07-12:

Please feel free to report any other bugs you may find.

Changed in linux (Ubuntu Natty):
status:	Fix Committed → Won't Fix

Jamie Strandboge (jdstrand) wrote on 2013-07-12:

#10

Please feel free to report any other bugs you may find.

Changed in linux (Ubuntu Oneiric):
status:	Fix Committed → Won't Fix

Report a bug

This report contains Public Security information Edit

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers