← Back to team overview

kernel-packages team mailing list archive

[Bug 1441304] Re: CVE-2011-1149

 

CVE-2011-1149

** Also affects: linux (Ubuntu Vivid)
   Importance: Undecided
       Status: New

** Also affects: linux-fsl-imx51 (Ubuntu Vivid)
   Importance: Undecided
       Status: New

** Also affects: linux-mvl-dove (Ubuntu Vivid)
   Importance: Undecided
       Status: New

** Also affects: linux-ec2 (Ubuntu Vivid)
   Importance: Undecided
       Status: New

** Also affects: linux-ti-omap4 (Ubuntu Vivid)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-maverick (Ubuntu Vivid)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-natty (Ubuntu Vivid)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Utopic)
   Importance: Undecided
       Status: New

** Also affects: linux-fsl-imx51 (Ubuntu Utopic)
   Importance: Undecided
       Status: New

** Also affects: linux-mvl-dove (Ubuntu Utopic)
   Importance: Undecided
       Status: New

** Also affects: linux-ec2 (Ubuntu Utopic)
   Importance: Undecided
       Status: New

** Also affects: linux-ti-omap4 (Ubuntu Utopic)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-maverick (Ubuntu Utopic)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-natty (Ubuntu Utopic)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: linux-fsl-imx51 (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: linux-mvl-dove (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: linux-ec2 (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: linux-ti-omap4 (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-maverick (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-natty (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: linux-fsl-imx51 (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: linux-mvl-dove (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: linux-ec2 (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: linux-ti-omap4 (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-maverick (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-natty (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-fsl-imx51 (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-mvl-dove (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-ec2 (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-ti-omap4 (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-maverick (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-natty (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Changed in: linux-goldfish (Ubuntu Precise)
       Status: New => Invalid

** Changed in: linux-goldfish (Ubuntu Lucid)
       Status: New => Invalid

** Changed in: linux-mako (Ubuntu Precise)
       Status: New => Invalid

** Changed in: linux-mako (Ubuntu Lucid)
       Status: New => Invalid

** Changed in: linux-flo (Ubuntu Precise)
       Status: New => Invalid

** Changed in: linux-flo (Ubuntu Lucid)
       Status: New => Invalid

** Changed in: linux-manta (Ubuntu Precise)
       Status: New => Invalid

** Changed in: linux-manta (Ubuntu Lucid)
       Status: New => Invalid

** Description changed:

- Placeholder
+ Android before 2.3 does not properly restrict access to the system
+ property space, which allows local applications to bypass the
+ application sandbox and gain privileges, as demonstrated by psneuter and
+ KillingInTheNameOf, related to the use of Android shared memory (ashmem)
+ and ASHMEM_SET_PROT_MASK.

** Changed in: linux-goldfish (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: linux-goldfish (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: linux-goldfish (Ubuntu Lucid)
   Importance: Undecided => Medium

** Changed in: linux-goldfish (Ubuntu Vivid)
   Importance: Undecided => Medium

** Changed in: linux-goldfish (Ubuntu Utopic)
   Importance: Undecided => Medium

** Changed in: linux-mako (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: linux-mako (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: linux-mako (Ubuntu Lucid)
   Importance: Undecided => Medium

** Changed in: linux-mako (Ubuntu Vivid)
   Importance: Undecided => Medium

** Changed in: linux-mako (Ubuntu Utopic)
   Importance: Undecided => Medium

** Changed in: linux-flo (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: linux-flo (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: linux-flo (Ubuntu Lucid)
   Importance: Undecided => Medium

** Changed in: linux-flo (Ubuntu Vivid)
   Importance: Undecided => Medium

** Changed in: linux-flo (Ubuntu Utopic)
   Importance: Undecided => Medium

** Changed in: linux-manta (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: linux-manta (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: linux-manta (Ubuntu Lucid)
   Importance: Undecided => Medium

** Changed in: linux-manta (Ubuntu Vivid)
   Importance: Undecided => Medium

** Changed in: linux-manta (Ubuntu Utopic)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1441304

Title:
  CVE-2011-1149

Status in linux package in Ubuntu:
  New
Status in linux-armadaxp package in Ubuntu:
  New
Status in linux-ec2 package in Ubuntu:
  New
Status in linux-flo package in Ubuntu:
  New
Status in linux-fsl-imx51 package in Ubuntu:
  New
Status in linux-goldfish package in Ubuntu:
  New
Status in linux-lts-backport-maverick package in Ubuntu:
  New
Status in linux-lts-backport-natty package in Ubuntu:
  New
Status in linux-lts-quantal package in Ubuntu:
  New
Status in linux-lts-raring package in Ubuntu:
  New
Status in linux-lts-saucy package in Ubuntu:
  New
Status in linux-lts-trusty package in Ubuntu:
  New
Status in linux-lts-utopic package in Ubuntu:
  New
Status in linux-mako package in Ubuntu:
  New
Status in linux-manta package in Ubuntu:
  New
Status in linux-mvl-dove package in Ubuntu:
  New
Status in linux-ti-omap4 package in Ubuntu:
  New
Status in linux source package in Lucid:
  New
Status in linux-armadaxp source package in Lucid:
  New
Status in linux-ec2 source package in Lucid:
  New
Status in linux-flo source package in Lucid:
  Invalid
Status in linux-fsl-imx51 source package in Lucid:
  New
Status in linux-goldfish source package in Lucid:
  Invalid
Status in linux-lts-backport-maverick source package in Lucid:
  New
Status in linux-lts-backport-natty source package in Lucid:
  New
Status in linux-lts-quantal source package in Lucid:
  New
Status in linux-lts-raring source package in Lucid:
  New
Status in linux-lts-saucy source package in Lucid:
  New
Status in linux-lts-trusty source package in Lucid:
  New
Status in linux-lts-utopic source package in Lucid:
  New
Status in linux-mako source package in Lucid:
  Invalid
Status in linux-manta source package in Lucid:
  Invalid
Status in linux-mvl-dove source package in Lucid:
  New
Status in linux-ti-omap4 source package in Lucid:
  New
Status in linux source package in Precise:
  New
Status in linux-armadaxp source package in Precise:
  New
Status in linux-ec2 source package in Precise:
  New
Status in linux-flo source package in Precise:
  Invalid
Status in linux-fsl-imx51 source package in Precise:
  New
Status in linux-goldfish source package in Precise:
  Invalid
Status in linux-lts-backport-maverick source package in Precise:
  New
Status in linux-lts-backport-natty source package in Precise:
  New
Status in linux-lts-quantal source package in Precise:
  New
Status in linux-lts-raring source package in Precise:
  New
Status in linux-lts-saucy source package in Precise:
  New
Status in linux-lts-trusty source package in Precise:
  New
Status in linux-lts-utopic source package in Precise:
  New
Status in linux-mako source package in Precise:
  Invalid
Status in linux-manta source package in Precise:
  Invalid
Status in linux-mvl-dove source package in Precise:
  New
Status in linux-ti-omap4 source package in Precise:
  New
Status in linux source package in Trusty:
  New
Status in linux-armadaxp source package in Trusty:
  New
Status in linux-ec2 source package in Trusty:
  New
Status in linux-flo source package in Trusty:
  New
Status in linux-fsl-imx51 source package in Trusty:
  New
Status in linux-goldfish source package in Trusty:
  New
Status in linux-lts-backport-maverick source package in Trusty:
  New
Status in linux-lts-backport-natty source package in Trusty:
  New
Status in linux-lts-quantal source package in Trusty:
  New
Status in linux-lts-raring source package in Trusty:
  New
Status in linux-lts-saucy source package in Trusty:
  New
Status in linux-lts-trusty source package in Trusty:
  New
Status in linux-lts-utopic source package in Trusty:
  New
Status in linux-mako source package in Trusty:
  New
Status in linux-manta source package in Trusty:
  New
Status in linux-mvl-dove source package in Trusty:
  New
Status in linux-ti-omap4 source package in Trusty:
  New
Status in linux source package in Utopic:
  New
Status in linux-armadaxp source package in Utopic:
  New
Status in linux-ec2 source package in Utopic:
  New
Status in linux-flo source package in Utopic:
  New
Status in linux-fsl-imx51 source package in Utopic:
  New
Status in linux-goldfish source package in Utopic:
  New
Status in linux-lts-backport-maverick source package in Utopic:
  New
Status in linux-lts-backport-natty source package in Utopic:
  New
Status in linux-lts-quantal source package in Utopic:
  New
Status in linux-lts-raring source package in Utopic:
  New
Status in linux-lts-saucy source package in Utopic:
  New
Status in linux-lts-trusty source package in Utopic:
  New
Status in linux-lts-utopic source package in Utopic:
  New
Status in linux-mako source package in Utopic:
  New
Status in linux-manta source package in Utopic:
  New
Status in linux-mvl-dove source package in Utopic:
  New
Status in linux-ti-omap4 source package in Utopic:
  New
Status in linux source package in Vivid:
  New
Status in linux-armadaxp source package in Vivid:
  New
Status in linux-ec2 source package in Vivid:
  New
Status in linux-flo source package in Vivid:
  New
Status in linux-fsl-imx51 source package in Vivid:
  New
Status in linux-goldfish source package in Vivid:
  New
Status in linux-lts-backport-maverick source package in Vivid:
  New
Status in linux-lts-backport-natty source package in Vivid:
  New
Status in linux-lts-quantal source package in Vivid:
  New
Status in linux-lts-raring source package in Vivid:
  New
Status in linux-lts-saucy source package in Vivid:
  New
Status in linux-lts-trusty source package in Vivid:
  New
Status in linux-lts-utopic source package in Vivid:
  New
Status in linux-mako source package in Vivid:
  New
Status in linux-manta source package in Vivid:
  New
Status in linux-mvl-dove source package in Vivid:
  New
Status in linux-ti-omap4 source package in Vivid:
  New

Bug description:
  Android before 2.3 does not properly restrict access to the system
  property space, which allows local applications to bypass the
  application sandbox and gain privileges, as demonstrated by psneuter
  and KillingInTheNameOf, related to the use of Android shared memory
  (ashmem) and ASHMEM_SET_PROT_MASK.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1441304/+subscriptions


References