CVE-2011-1593

Published: 03 May 2011

Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.

From the Ubuntu security team

Tavis Ormandy discovered that the pidmap function did not correctly handle large requests. A local attacker could exploit this to crash the system, leading to a denial of service.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
Patches:
Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d8bdc59f215e62098bc5b4256fd9928bf27053a1
Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c78193e9c7bcbf25b8237ad0dec82f805c4ea69b
linux-ec2
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-fsl-imx51
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-mvl-dove
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-source-2.6.15
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)
linux-ti-omap4
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.39~rc4)

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading