CVE-2011-3619

Published: 17 October 2011

The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/attr/current file.

From the Ubuntu security team

A flaw was discovered in the Linux kernel's AppArmor security interface when invalid information was written to it. An unprivileged local user could use this to cause a denial of service on the system.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(3.11.0-12.19)
Patches:
Upstream: http://git.kernel.org/linus/a5b2c5b2ad5853591a6cac6134cd0f599a720865
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-flo
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.4.0-1.3])
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.4.0-1.7])
linux-grouper
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.1.10-8.28])
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-backport-natty
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-maguro
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.0.0-3.18])
linux-mako
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.4.0-3.21])
linux-manta
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.4.0-4.19])
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (3.0~rc2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist