CVE-2011-1019
Bug #804366 reported by Paolo Pisati
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
linux (Ubuntu) | Invalid | Medium | Unassigned |
Hardy | Invalid | Medium | Unassigned |
Lucid | Invalid | Medium | Unassigned |
Maverick | Invalid | Medium | Unassigned |
Natty | Invalid | Medium | Unassigned |
Oneiric | Invalid | Medium | Unassigned |
linux-ec2 (Ubuntu) | Invalid | Medium | Unassigned |
Hardy | Invalid | Medium | Unassigned |
Lucid | Invalid | Medium | Unassigned |
Maverick | Invalid | Medium | Unassigned |
Natty | Invalid | Medium | Unassigned |
Oneiric | Invalid | Medium | Unassigned |
linux-fsl-imx51 (Ubuntu) | Invalid | Medium | Unassigned |
Hardy | Invalid | Medium | Unassigned |
Lucid | Invalid | Medium | Unassigned |
Maverick | Invalid | Medium | Unassigned |
Natty | Invalid | Medium | Unassigned |
Oneiric | Invalid | Medium | Unassigned |
linux-linaro (Ubuntu) | Invalid | Undecided | Unassigned |
Hardy | Invalid | Undecided | Unassigned |
Lucid | Invalid | Undecided | Unassigned |
Maverick | Invalid | Undecided | Unassigned |
Natty | Invalid | Undecided | Unassigned |
Oneiric | Invalid | Undecided | Unassigned |
linux-lts-backport-maverick (Ubuntu) | Invalid | Medium | Unassigned |
Hardy | Invalid | Medium | Unassigned |
Lucid | Invalid | Medium | Unassigned |
Maverick | Invalid | Medium | Unassigned |
Natty | Invalid | Medium | Unassigned |
Oneiric | Invalid | Medium | Unassigned |
linux-lts-backport-natty (Ubuntu) | Invalid | Medium | Unassigned |
Hardy | Invalid | Medium | Unassigned |
Lucid | Invalid | Medium | Unassigned |
Maverick | Invalid | Medium | Unassigned |
Natty | Invalid | Medium | Unassigned |
Oneiric | Invalid | Medium | Unassigned |
linux-mvl-dove (Ubuntu) | Invalid | Medium | Unassigned |
Hardy | Invalid | Medium | Unassigned |
Lucid | Invalid | Medium | Unassigned |
Maverick | Invalid | Medium | Unassigned |
Natty | Invalid | Medium | Unassigned |
Oneiric | Invalid | Medium | Unassigned |
linux-qcm-msm (Ubuntu) | Invalid | Undecided | Unassigned |
Hardy | Invalid | Undecided | Unassigned |
Lucid | Invalid | Undecided | Unassigned |
Maverick | Invalid | Undecided | Unassigned |
Natty | Invalid | Undecided | Unassigned |
Oneiric | Invalid | Undecided | Unassigned |
linux-ti-omap4 (Ubuntu) | Invalid | Medium | Unassigned |
Hardy | Invalid | Medium | Unassigned |
Lucid | Invalid | Medium | Unassigned |
Maverick | Invalid | Medium | Unassigned |
Natty | Invalid | Medium | Unassigned |
Oneiric | Invalid | Medium | Unassigned |

Bug Description
Vasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not needed to load kernel modules. A local attacker with the CAP_NET_ADMIN capability could load existing kernel modules, possibly increasing the attack surface available on the system.
Break-Fix: a8f80e8ff94ecba
CVE References
- 2010-3296
- 2010-3297
- 2010-3858
- 2010-3859
- 2010-3880
- 2010-4073
- 2010-4076
- 2010-4077
- 2010-4080
- 2010-4081
- 2010-4082
- 2010-4083
- 2010-4157
- 2010-4162
- 2010-4163
- 2010-4169
- 2010-4175
- 2010-4242
- 2010-4243
- 2010-4248
- 2010-4256
- 2010-4565
- 2010-4649
- 2011-0463
- 2011-0695
- 2011-0711
- 2011-0726
- 2011-1010
- 2011-1012
- 2011-1013
- 2011-1016
- 2011-1017
- 2011-1019
- 2011-1020
- 2011-1078
- 2011-1079
- 2011-1080
- 2011-1082
- 2011-1090
- 2011-1093
- 2011-1160
- 2011-1163
- 2011-1169
- 2011-1170
- 2011-1171
- 2011-1172
- 2011-1173
- 2011-1180
- 2011-1478
- 2011-1493
- 2011-1494
- 2011-1577
- 2011-1598
- 2011-1748
- 2011-1770
- 2011-1833
- 2011-2484
- 2011-2492
- 2011-2534
- 2011-2699
- 2011-2918
visibility: | private → public |
tags: | added: kernel-cve-tracker |
Changed in linux-ec2 (Ubuntu Maverick): | |
status: | New → Invalid |
Changed in linux-lts-backport-natty (Ubuntu Maverick): | |
status: | New → Invalid |
Changed in linux-mvl-dove (Ubuntu Maverick): | |
status: | New → Fix Released |
Changed in linux-lts-backport-maverick (Ubuntu Maverick): | |
status: | New → Invalid |
Changed in linux (Ubuntu Maverick): | |
status: | New → Fix Released |
Changed in linux-ti-omap4 (Ubuntu Maverick): | |
status: | New → Fix Committed |
Changed in linux-fsl-imx51 (Ubuntu Maverick): | |
status: | New → Invalid |
description: | updated |
Changed in linux-ec2 (Ubuntu Lucid): | |
status: | New → Fix Released |
Changed in linux-ec2 (Ubuntu Oneiric): | |
status: | New → Invalid |
Changed in linux-ec2 (Ubuntu Hardy): | |
status: | New → Invalid |
Changed in linux-ec2 (Ubuntu Natty): | |
status: | New → Invalid |
Changed in linux-lts-backport-natty (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux-lts-backport-natty (Ubuntu Oneiric): | |
status: | New → Invalid |
Changed in linux-lts-backport-natty (Ubuntu Hardy): | |
status: | New → Invalid |
Changed in linux-lts-backport-natty (Ubuntu Natty): | |
status: | New → Invalid |
Changed in linux-mvl-dove (Ubuntu Lucid): | |
status: | New → Fix Released |
Changed in linux-mvl-dove (Ubuntu Oneiric): | |
status: | New → Invalid |
Changed in linux-mvl-dove (Ubuntu Hardy): | |
status: | New → Invalid |
Changed in linux-mvl-dove (Ubuntu Natty): | |
status: | New → Invalid |
Changed in linux-lts-backport-maverick (Ubuntu Lucid): | |
status: | New → Fix Released |
Changed in linux-lts-backport-maverick (Ubuntu Oneiric): | |
status: | New → Invalid |
Changed in linux-lts-backport-maverick (Ubuntu Hardy): | |
status: | New → Invalid |
Changed in linux-lts-backport-maverick (Ubuntu Natty): | |
status: | New → Invalid |
Changed in linux (Ubuntu Lucid): | |
status: | New → Fix Released |
Changed in linux (Ubuntu Oneiric): | |
status: | New → Invalid |
Changed in linux (Ubuntu Hardy): | |
status: | New → Invalid |
Changed in linux (Ubuntu Natty): | |
status: | New → Fix Released |
Changed in linux-ti-omap4 (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux-ti-omap4 (Ubuntu Oneiric): | |
status: | New → Invalid |
Changed in linux-ti-omap4 (Ubuntu Hardy): | |
status: | New → Invalid |
Changed in linux-ti-omap4 (Ubuntu Natty): | |
status: | New → Fix Committed |
Changed in linux-fsl-imx51 (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux-fsl-imx51 (Ubuntu Oneiric): | |
status: | New → Invalid |
Changed in linux-fsl-imx51 (Ubuntu Hardy): | |
status: | New → Invalid |
Changed in linux-fsl-imx51 (Ubuntu Natty): | |
status: | New → Invalid |
description: | updated |
Changed in linux-ec2 (Ubuntu Lucid): | |
importance: | Undecided → Medium |
Changed in linux-ec2 (Ubuntu Oneiric): | |
importance: | Undecided → Medium |
Changed in linux-ec2 (Ubuntu Hardy): | |
importance: | Undecided → Medium |
Changed in linux-ec2 (Ubuntu Maverick): | |
importance: | Undecided → Medium |
Changed in linux-ec2 (Ubuntu Natty): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-natty (Ubuntu Lucid): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-natty (Ubuntu Oneiric): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-natty (Ubuntu Hardy): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-natty (Ubuntu Maverick): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-natty (Ubuntu Natty): | |
importance: | Undecided → Medium |
Changed in linux-mvl-dove (Ubuntu Lucid): | |
importance: | Undecided → Medium |
Changed in linux-mvl-dove (Ubuntu Oneiric): | |
importance: | Undecided → Medium |
Changed in linux-mvl-dove (Ubuntu Hardy): | |
importance: | Undecided → Medium |
Changed in linux-mvl-dove (Ubuntu Maverick): | |
importance: | Undecided → Medium |
Changed in linux-mvl-dove (Ubuntu Natty): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-maverick (Ubuntu Lucid): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-maverick (Ubuntu Oneiric): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-maverick (Ubuntu Hardy): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-maverick (Ubuntu Maverick): | |
importance: | Undecided → Medium |
Changed in linux-lts-backport-maverick (Ubuntu Natty): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Lucid): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Oneiric): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Hardy): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Maverick): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Natty): | |
importance: | Undecided → Medium |
Changed in linux-ti-omap4 (Ubuntu Lucid): | |
importance: | Undecided → Medium |
Changed in linux-ti-omap4 (Ubuntu Oneiric): | |
importance: | Undecided → Medium |
Changed in linux-ti-omap4 (Ubuntu Hardy): | |
importance: | Undecided → Medium |
Changed in linux-ti-omap4 (Ubuntu Maverick): | |
importance: | Undecided → Medium |
Changed in linux-ti-omap4 (Ubuntu Natty): | |
importance: | Undecided → Medium |
Changed in linux-fsl-imx51 (Ubuntu Lucid): | |
importance: | Undecided → Medium |
Changed in linux-fsl-imx51 (Ubuntu Oneiric): | |
importance: | Undecided → Medium |
Changed in linux-fsl-imx51 (Ubuntu Hardy): | |
importance: | Undecided → Medium |
Changed in linux-fsl-imx51 (Ubuntu Maverick): | |
importance: | Undecided → Medium |
Changed in linux-fsl-imx51 (Ubuntu Natty): | |
importance: | Undecided → Medium |
Changed in linux-linaro (Ubuntu): | |
status: | Won't Fix → Invalid |
Changed in linux-qcm-msm (Ubuntu): | |
status: | New → Invalid |
Changed in linux (Ubuntu Lucid): | |
status: | Fix Released → Invalid |
Changed in linux-ec2 (Ubuntu Lucid): | |
status: | Fix Released → Invalid |
Changed in linux-linaro (Ubuntu Lucid): | |
status: | Won't Fix → Invalid |
Changed in linux-lts-backport-maverick (Ubuntu Lucid): | |
status: | Fix Released → Invalid |
Changed in linux-mvl-dove (Ubuntu Lucid): | |
status: | Fix Released → Invalid |
Changed in linux-qcm-msm (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux (Ubuntu Maverick): | |
status: | Fix Released → Invalid |
Changed in linux-linaro (Ubuntu Maverick): | |
status: | Won't Fix → Invalid |
Changed in linux-mvl-dove (Ubuntu Maverick): | |
status: | Fix Released → Invalid |
Changed in linux-qcm-msm (Ubuntu Maverick): | |
status: | New → Invalid |
Changed in linux-ti-omap4 (Ubuntu Maverick): | |
status: | Fix Released → Invalid |
Changed in linux (Ubuntu Natty): | |
status: | Fix Released → Invalid |
Changed in linux-linaro (Ubuntu Natty): | |
status: | Won't Fix → Invalid |
Changed in linux-qcm-msm (Ubuntu Natty): | |
status: | New → Invalid |
Changed in linux-ti-omap4 (Ubuntu Natty): | |
status: | Fix Committed → Invalid |
Changed in linux-linaro (Ubuntu Oneiric): | |
status: | Won't Fix → Invalid |
Changed in linux-qcm-msm (Ubuntu Oneiric): | |
status: | New → Invalid |
Changed in linux-linaro (Ubuntu Hardy): | |
status: | Won't Fix → Invalid |
Changed in linux-qcm-msm (Ubuntu Hardy): | |
status: | New → Invalid |
This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.24
---------------
linux-ti-omap4 (2.6.35-903.24) maverick-proposed; urgency=low
* Release tracking bug
- LP: #838037
[ Upstream Kernel Changes ]
* ipv6: make fragment identifications less predictable, CVE-2011-2699
- LP: #827685
- CVE-2011-2699
* perf: Fix software event overflow, CVE-2011-2918
- LP: #834121
- CVE-2011-2918
* proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
- LP: #813026
- CVE-2011-1020
linux-ti-omap4 (2.6.35-903.23) maverick-proposed; urgency=low
* Release tracking bug
- LP: #829655
[ Upstream Kernel Changes ]
* drm/radeon/kms: check AA resolve registers on r300, CVE-2011-1016
- LP: #745686
- CVE-2011-1016
* drm/radeon: fix regression with AA resolve checking, CVE-2011-1016
- LP: #745686
- CVE-2011-1016
* can-bcm: fix minor heap overflow
- LP: #690730
* CAN: Use inode instead of kernel address for /proc file, CVE-2010-4565
- LP: #765007
- CVE-2010-4565
* av7110: check for negative array offset
- LP: #747520
* xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
CVE-2011-0711
- LP: #767740
- CVE-2011-0711
* ALSA: caiaq - Fix possible string-buffer overflow
- LP: #747520
* IB/cm: Bump reference count on cm_id before invoking callback,
CVE-2011-0695
- LP: #770369
- CVE-2011-0695
* RDMA/cma: Fix crash in request handlers, CVE-2011-0695
- LP: #770369
- CVE-2011-0695
* Treat writes as new when holes span across page boundaries,
CVE-2011-0463
- LP: #770483
- CVE-2011-0463
* net: clear heap allocations for privileged ethtool actions
- LP: #686158
* usb: iowarrior: don't trust report_size for buffer size
- LP: #747520
* fs/partitions/ldm.c: fix oops caused by corrupted partition table,
CVE-2011-1017
- LP: #771382
- CVE-2011-1017
* Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal
code
- LP: #747520
* Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
- LP: #747520
* exec: make argv/envp memory visible to oom-killer
- LP: #690730
* next_pidmap: fix overflow condition
- LP: #772560
* proc: do proper range check on readdir offset
- LP: #772560
* ALSA: sound/pci/asihpi: check adapter index in hpi_ioctl, CVE-2011-1169
- LP: #785331
- CVE-2011-1169
* mpt2sas: prevent heap overflows and unchecked reads, CVE-2011-1494
- LP: #787145
- CVE-2011-1494
* agp: fix arbitrary kernel memory writes, CVE-1011-2022
- LP: #788684
- CVE-1011-2022
* can: add missing socket check in can/raw release, CVE-2011-1748
- LP: #788694
- CVE-2011-1748
* agp: fix OOM and buffer overflow
- LP: #788700
* drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack
memory - CVE-2010-3296
- CVE-2010-3296
* drivers/net/eql.c: prevent reading uninitialized stack memory -
CVE-2010-3297
- CVE-2010-3297
* inet_diag: Make sure we actually run the same bytecode we audited,
CVE-2010-3880
- LP: #711865
- CVE-2010-3880
* setup_arg_pages: diagnose excessive argume...