Ubuntu

CVE-2012-3510

Reported by John Johansen on 2012-08-27
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Low
Unassigned
Hardy
Low
Unassigned
Lucid
Low
Unassigned
Natty
Low
Unassigned
Oneiric
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
linux-armadaxp (Ubuntu)
Low
Unassigned
Hardy
Low
Unassigned
Lucid
Low
Unassigned
Natty
Low
Unassigned
Oneiric
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
linux-ec2 (Ubuntu)
Low
Unassigned
Hardy
Low
Unassigned
Lucid
Low
Unassigned
Natty
Low
Unassigned
Oneiric
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
linux-fsl-imx51 (Ubuntu)
Low
Unassigned
Hardy
Low
Unassigned
Lucid
Low
Unassigned
Natty
Low
Unassigned
Oneiric
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
linux-lts-backport-maverick (Ubuntu)
Low
Unassigned
Hardy
Low
Unassigned
Lucid
Low
Unassigned
Natty
Low
Unassigned
Oneiric
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
linux-lts-backport-natty (Ubuntu)
Low
Unassigned
Hardy
Low
Unassigned
Lucid
Low
Unassigned
Natty
Low
Unassigned
Oneiric
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
linux-lts-backport-oneiric (Ubuntu)
Low
Unassigned
Hardy
Low
Unassigned
Lucid
Low
Unassigned
Natty
Low
Unassigned
Oneiric
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
linux-mvl-dove (Ubuntu)
Low
Unassigned
Hardy
Low
Unassigned
Lucid
Low
Unassigned
Natty
Low
Unassigned
Oneiric
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned
linux-ti-omap4 (Ubuntu)
Low
Unassigned
Hardy
Low
Unassigned
Lucid
Low
Unassigned
Natty
Low
Unassigned
Oneiric
Low
Unassigned
Precise
Low
Unassigned
Quantal
Low
Unassigned

Bug Description

Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.

Break-Fix: 9acc1853519a0473620d424105f9d49ea5b4e62e f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9

CVE References

John Johansen (jjohansen) wrote :

CVE-2012-3510

tags: added: kernel-cve-tracking-bug
security vulnerability: no → yes
Changed in linux-armadaxp (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Lucid):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Hardy):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Natty):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Natty):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Quantal):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Natty):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Natty):
status: New → Invalid
description: updated
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Natty):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Natty):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
importance: Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Natty):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Natty):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Natty):
importance: Undecided → Low
Changed in linux (Ubuntu Precise):
importance: Undecided → Low
Changed in linux (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux (Ubuntu Natty):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Natty):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Natty):
importance: Undecided → Low
Tim Gardner (timg-tpi) wrote :

The original patch that caused the theoretical vulnerability was introduced in v2.6.19-rc1, the fix was introduced in v2.6.19-rc4.

Changed in linux (Ubuntu Hardy):
status: New → Fix Released
Changed in linux (Ubuntu Lucid):
status: New → Fix Released
Changed in linux (Ubuntu Natty):
status: New → Fix Released
Changed in linux (Ubuntu Oneiric):
status: New → Fix Released
Changed in linux (Ubuntu Precise):
status: New → Fix Released
Changed in linux (Ubuntu Quantal):
status: New → Fix Released
Changed in linux (Ubuntu Precise):
status: Fix Released → New
Changed in linux (Ubuntu Oneiric):
status: Fix Released → New
Changed in linux (Ubuntu Lucid):
status: Fix Released → New
Changed in linux (Ubuntu Quantal):
status: Fix Released → New
Changed in linux (Ubuntu Hardy):
status: Fix Released → New
Changed in linux (Ubuntu Natty):
status: Fix Released → New
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Quantal):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Oneiric):
status: New → Fix Committed
Changed in linux (Ubuntu Lucid):
status: New → Fix Committed
Changed in linux (Ubuntu Quantal):
status: New → Invalid
Changed in linux (Ubuntu Hardy):
status: New → Fix Committed
Changed in linux (Ubuntu Natty):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Natty):
status: New → Fix Committed
description: updated
description: updated
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. hardy has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against hardy is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux (Ubuntu Hardy):
status: Fix Committed → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. lucid has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against lucid is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status: Fix Committed → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. natty has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against natty is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux-ti-omap4 (Ubuntu Natty):
status: Fix Committed → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. oneiric has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against oneiric is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: Fix Committed → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. precise has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against precise is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux-ti-omap4 (Ubuntu Precise):
status: Fix Committed → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Undoing inadvertent change.

Changed in linux-ti-omap4 (Ubuntu Precise):
status: Won't Fix → New
status: New → Fix Committed
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: Fix Committed → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. natty has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against natty is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux (Ubuntu Natty):
status: Fix Committed → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. oneiric has reached EOL
(End of Life) for this package and is no longer supported. As
a result, this bug against oneiric is being marked "Won't Fix".
Please see https://wiki.ubuntu.com/Releases for currently
supported Ubuntu releases.

Please feel free to report any other bugs you may find.

Changed in linux (Ubuntu Oneiric):
status: Fix Committed → Won't Fix
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers