Your submission was sent successfully! Close

CVE-2011-2905

Published: 6 October 2011

Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory.

From the Ubuntu security team

Christian Ohm discovered that the perf command looks for configuration files in the current directory. If a privileged user were tricked into running perf in a directory containing a malicious configuration file, an attacker could run arbitrary commands and possibly gain privileges.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
hardy Not vulnerable

lucid
Released (2.6.32-35.78)
maverick
Released (2.6.35-30.61)
natty
Released (2.6.38-13.52)
oneiric Not vulnerable
(3.0.0-9.12)
upstream
Released (3.1~rc2)
Patches:
Introduced by

0780060124011b94af55830939c86cc0916be0f5

Fixed by aba8d056078e47350d85b06a9cabd5afcc4b72ea
linux-ec2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.32-319.39)
maverick Ignored
(binary supplied by "linux" now)
natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.31-611.29)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.35-30.61~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.38-13.52~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-mvl-dove
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.32-219.37)
maverick
Released (2.6.32-419.37)
natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-ti-omap4
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick
Released (2.6.35-903.26)
natty
Released (2.6.38-1209.17)
oneiric Not vulnerable
(3.0.0-1204.9)
upstream
Released (3.1~rc2)