kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #117917
[Bug 894371] Re: CVE-2011-4112
** Description changed:
- Kernel panic when running pktgen on a bridge over vlan.
+ The net subsystem in the Linux kernel before 3.1 does not properly restrict
+ use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a
+ denial of service (panic) by leveraging the CAP_NET_ADMIN capability to
+ access /proc/net/pktgen/pgctrl, and then using the pktgen package in
+ conjunction with a bridge device for a VLAN interface.
+
+ Break-Fix: - d8873315065f1f527c7c380402cf59b1e1d0ae36
+ Break-Fix: - 550fd08c2cebad61c548def135f67aba284c6162
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-lts-backport-maverick in Ubuntu.
https://bugs.launchpad.net/bugs/894371
Title:
CVE-2011-4112
Status in linux package in Ubuntu:
Invalid
Status in linux-ec2 package in Ubuntu:
Invalid
Status in linux-fsl-imx51 package in Ubuntu:
Invalid
Status in linux-lts-backport-maverick package in Ubuntu:
Invalid
Status in linux-lts-backport-natty package in Ubuntu:
Invalid
Status in linux-lts-backport-oneiric package in Ubuntu:
Invalid
Status in linux-mvl-dove package in Ubuntu:
Invalid
Status in linux-ti-omap4 package in Ubuntu:
Fix Released
Status in linux source package in Lucid:
New
Status in linux-ec2 source package in Lucid:
New
Status in linux-fsl-imx51 source package in Lucid:
New
Status in linux-lts-backport-maverick source package in Lucid:
Won't Fix
Status in linux-lts-backport-natty source package in Lucid:
Won't Fix
Status in linux-lts-backport-oneiric source package in Lucid:
Won't Fix
Status in linux-mvl-dove source package in Lucid:
New
Status in linux-ti-omap4 source package in Lucid:
Invalid
Status in linux source package in Maverick:
Won't Fix
Status in linux-ec2 source package in Maverick:
Invalid
Status in linux-fsl-imx51 source package in Maverick:
Invalid
Status in linux-lts-backport-maverick source package in Maverick:
Invalid
Status in linux-lts-backport-natty source package in Maverick:
Invalid
Status in linux-lts-backport-oneiric source package in Maverick:
Invalid
Status in linux-mvl-dove source package in Maverick:
Won't Fix
Status in linux-ti-omap4 source package in Maverick:
Won't Fix
Status in linux source package in Natty:
Won't Fix
Status in linux-ec2 source package in Natty:
Invalid
Status in linux-fsl-imx51 source package in Natty:
Invalid
Status in linux-lts-backport-maverick source package in Natty:
Invalid
Status in linux-lts-backport-natty source package in Natty:
Invalid
Status in linux-lts-backport-oneiric source package in Natty:
Invalid
Status in linux-mvl-dove source package in Natty:
Invalid
Status in linux-ti-omap4 source package in Natty:
Won't Fix
Status in linux source package in Oneiric:
Won't Fix
Status in linux-ec2 source package in Oneiric:
Invalid
Status in linux-fsl-imx51 source package in Oneiric:
Invalid
Status in linux-lts-backport-maverick source package in Oneiric:
Invalid
Status in linux-lts-backport-natty source package in Oneiric:
Invalid
Status in linux-lts-backport-oneiric source package in Oneiric:
Invalid
Status in linux-mvl-dove source package in Oneiric:
Invalid
Status in linux-ti-omap4 source package in Oneiric:
Fix Released
Status in linux source package in Precise:
Invalid
Status in linux-ec2 source package in Precise:
Invalid
Status in linux-fsl-imx51 source package in Precise:
Invalid
Status in linux-lts-backport-maverick source package in Precise:
Invalid
Status in linux-lts-backport-natty source package in Precise:
Invalid
Status in linux-lts-backport-oneiric source package in Precise:
Invalid
Status in linux-mvl-dove source package in Precise:
Invalid
Status in linux-ti-omap4 source package in Precise:
Fix Released
Status in linux source package in Hardy:
Won't Fix
Status in linux-ec2 source package in Hardy:
Invalid
Status in linux-fsl-imx51 source package in Hardy:
Invalid
Status in linux-lts-backport-maverick source package in Hardy:
Invalid
Status in linux-lts-backport-natty source package in Hardy:
Invalid
Status in linux-lts-backport-oneiric source package in Hardy:
Invalid
Status in linux-mvl-dove source package in Hardy:
Invalid
Status in linux-ti-omap4 source package in Hardy:
Invalid
Bug description:
The net subsystem in the Linux kernel before 3.1 does not properly restrict
use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a
denial of service (panic) by leveraging the CAP_NET_ADMIN capability to
access /proc/net/pktgen/pgctrl, and then using the pktgen package in
conjunction with a bridge device for a VLAN interface.
Break-Fix: - d8873315065f1f527c7c380402cf59b1e1d0ae36
Break-Fix: - 550fd08c2cebad61c548def135f67aba284c6162
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/894371/+subscriptions