CVE-2011-1017

Published: 01 March 2011

Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table.

From the Ubuntu security team

Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
Patches:
Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=c340b1d640001c8c9ecff74f68fd90422ae2448a
linux-ec2
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-fsl-imx51
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-mvl-dove
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-source-2.6.15
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-ti-omap4
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading