CVE-2011-1020

Published: 28 February 2011

The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls.

From the Ubuntu Security Team

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities.

Priority

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Released (2.6.24-29.93)
	karmic	Ignored
	lucid	Released (2.6.32-34.73)
	maverick	Released (2.6.35-30.57)
	natty	Released (2.6.38-11.49)
	oneiric	Not vulnerable (2.6.39-0.1)
	upstream	Released (2.6.39~rc1)
	Patches: Introduced by 85863e475e59afb027b0113290e3796ee6020b7d Fixed by ca6b0bf0e086513b9ee5efc0aa5770ecb57778af Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Fixed by ec6fd8a4355cda81cd9f06bebc048e83eb514ac7 Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Fixed by d6f64b89d7ff22ce05896ab4a93a653e8d0b123d Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Fixed by 2fadaef41283aad7100fa73f01998cddaca25833 Introduced by ebcb67341fee34061430f3367f2e507e52ee051b Fixed by a9712bc12c40c172e393f85a9b2ba8db4bf59509
linux-ec2 Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	karmic	Ignored (reached end-of-life)
	lucid	Released (2.6.32-318.37)
	maverick	Ignored (binary supplied by "linux" now)
	natty	Does not exist
	oneiric	Does not exist
	upstream	Released (2.6.39~rc1)
linux-fsl-imx51 Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	karmic	Ignored (reached end-of-life)
	lucid	Released (2.6.31-610.27)
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	upstream	Released (2.6.39~rc1)
linux-lts-backport-maverick Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	karmic	Does not exist
	lucid	Released (2.6.35-30.57~lucid1)
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	upstream	Released (2.6.39~rc1)
linux-lts-backport-natty Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Released (2.6.38-11.49~lucid1)
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	upstream	Released (2.6.39~rc1)
linux-lts-backport-oneiric Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Not vulnerable
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	upstream	Released (2.6.39~rc1)
linux-mvl-dove Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	karmic	Ignored (abandonded branch)
	lucid	Released (2.6.32-218.35)
	maverick	Released (2.6.32-418.35)
	natty	Does not exist
	oneiric	Does not exist
	upstream	Released (2.6.39~rc1)
linux-ti-omap4 Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	karmic	Does not exist
	lucid	Does not exist
	maverick	Released (2.6.35-903.23)
	natty	Released (2.6.38-1209.15)
	oneiric	Not vulnerable (3.0.0-1204.9)
	upstream	Released (2.6.39~rc1)

References

Bugs

https://launchpad.net/bugs/813026

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›