Your submission was sent successfully! Close

CVE-2011-2689

Published: 28 July 2011

The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space.

From the Ubuntu Security Team

It was discovered that GFS2 did not correctly check block sizes. A local attacker could exploit this to crash the system, leading to a denial of service.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
hardy Not vulnerable

lucid Not vulnerable

maverick Not vulnerable

natty
Released (2.6.38-11.49)
oneiric Not vulnerable
(3.0-0.1)
precise Not vulnerable
(3.1.0-1.1)
quantal Not vulnerable

saucy Not vulnerable

trusty Not vulnerable
(3.11.0-12.19)
upstream
Released (3.0~rc1)
Patches:
Introduced by

3921120e757f9167f3fcd3a1781239824471b14d

Fixed by 6905d9e4dda6112f007e9090bca80507da158e63
linux-ec2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Ignored
(binary supplied by "linux" now)
natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.0~rc1)
linux-flo
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist
(trusty was not-affected [3.4.0-1.3])
upstream
Released (3.0~rc1)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.0~rc1)
linux-goldfish
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was not-affected [3.4.0-1.7])
upstream
Released (3.0~rc1)
linux-grouper
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was not-affected [3.1.10-8.28])
upstream
Released (3.0~rc1)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.0~rc1)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.38-11.49~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.0~rc1)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.0~rc1)
linux-maguro
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was not-affected [3.0.0-3.18])
upstream
Released (3.0~rc1)
linux-mako
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was not-affected [3.4.0-3.21])
upstream
Released (3.0~rc1)
linux-manta
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was not-affected [3.4.0-4.19])
upstream
Released (3.0~rc1)
linux-mvl-dove
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Not vulnerable

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.0~rc1)
linux-ti-omap4
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick Not vulnerable

natty
Released (2.6.38-1209.15)
oneiric Not vulnerable
(3.0.0-1204.9)
precise Not vulnerable
(3.0.0-1401.2)
quantal Not vulnerable

saucy Not vulnerable

trusty Does not exist

upstream
Released (3.0~rc1)