CVE-2010-2243

Published: 07 November 2019

A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by ad6759fbf35d104dbf573cd6f4c6784ad6823f7e
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
linux-lts-quantal
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
linux-lts-raring
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)
linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc2)

Notes

AuthorNote
apw
this is is fixed by the commit below:
ad6759fbf35d104dbf573cd6f4c6784ad6823f7e
CONFIG_GENERIC_TIME must be disabled to trigger the issue too and
this option was removed moving =y everywhere in the commit below:
592913ecb87a9e06f98ddb55b298f1a66bf94c6b
the option already existed in v2.6.24.
confirmed configuration was always on for hardy, lucid and maverick

References