Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2011-4086

Published: 9 February 2012

The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal.

From the Ubuntu Security Team

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service.

Notes

AuthorNote
apw
This is sitting in Ted Ts'o's dev tree presumably waiting on the 3.4
merge window, the issue is masked from v3.2 onwards by other commits.
The commit itself is marked for stable and for now I suspect we should
wait for it.  We have no stable commit id as yet, see:
jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer
this has now appeared upstream (see below)
Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
hardy
Released (2.6.24-31.101)
lucid
Released (2.6.32-41.89)
maverick Ignored
(reached end-of-life)
natty
Released (2.6.38-15.59)
oneiric
Released (3.0.0-19.32)
precise Not vulnerable
(3.2.0-22.35)
quantal Not vulnerable
(3.4.0-1.1)
raring Not vulnerable
(3.7.0-0.5)
saucy Not vulnerable
(3.9.0-0.2)
trusty Not vulnerable
(3.11.0-12.19)
upstream
Released (3.4~rc1)
utopic Not vulnerable
(3.13.0-24.46)
vivid Not vulnerable
(3.16.0-23.31)
wily Not vulnerable
(3.19.0-15.15)
xenial Not vulnerable
(4.2.0-16.19)
yakkety Not vulnerable
(4.4.0-21.37)
zesty Not vulnerable
(4.8.0-22.24)
Patches:
Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 15291164b22a357cb211b618adfef4fa82fc0de3
linux-armadaxp
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist
(precise was not-affected [3.2.0-1602.5])
quantal Not vulnerable
(3.2.0-1602.5)
raring Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-aws
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Not vulnerable
(4.4.0-1002.2)
upstream
Released (3.4~rc1)
xenial Not vulnerable
(4.4.0-1001.10)
yakkety Does not exist

zesty Does not exist

linux-ec2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.32-345.48)
maverick Ignored
(binary supplied by "linux" now)
natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-flo
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist
(trusty was not-affected [3.4.0-1.3])
upstream
Released (3.4~rc1)
utopic Not vulnerable
(3.4.0-3.10)
vivid Not vulnerable
(3.4.0-3.15)
wily Not vulnerable
(3.4.0-4.18)
xenial Not vulnerable
(3.4.0-5.22)
yakkety Not vulnerable
(3.4.0-3.15)
zesty Does not exist

linux-fsl-imx51
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(reached end-of-life)
maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-gke
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
xenial Not vulnerable
(4.4.0-1003.3)
yakkety Does not exist

zesty Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was not-affected [3.4.0-1.9])
upstream
Released (3.4~rc1)
utopic Not vulnerable
(3.4.0-3.14)
vivid Not vulnerable
(3.4.0-4.23)
wily Not vulnerable
(3.4.0-4.24)
xenial Not vulnerable
(3.4.0-4.27)
yakkety Not vulnerable
(3.4.0-4.27)
zesty Not vulnerable
(3.4.0-4.27)
linux-grouper
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (3.4~rc1)
utopic Ignored
(reached end-of-life)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
xenial Not vulnerable
(4.8.0-36.36~16.04.1)
yakkety Does not exist

zesty Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
xenial Not vulnerable
(4.8.0-36.36~16.04.1)
yakkety Does not exist

zesty Does not exist

linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(reached end-of-life)
maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.38-15.59~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (3.0.0-19.32~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-quantal
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

oneiric Does not exist

precise Does not exist
(precise was not-affected [3.5.0-18.29~precise1])
quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-raring
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

oneiric Does not exist

precise Does not exist
(precise was not-affected [3.8.0-19.30~precise1])
quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-trusty
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable
(3.13.0-24.46~precise1)
saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

trusty Does not exist
(trusty was not-affected [3.16.0-25.33~14.04.2])
upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-vivid
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

trusty Does not exist
(trusty was not-affected [3.19.0-18.18~14.04.1])
upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-wily
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was not-affected [4.2.0-18.22~14.04.1])
upstream
Released (3.4~rc1)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Not vulnerable
(4.4.0-13.29~14.04.1)
upstream
Released (3.4~rc1)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-maguro
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-mako
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was not-affected [3.4.0-3.21])
upstream
Released (3.4~rc1)
utopic Not vulnerable
(3.4.0-5.28)
vivid Not vulnerable
(3.4.0-5.34)
wily Not vulnerable
(3.4.0-6.37)
xenial Not vulnerable
(3.4.0-7.40)
yakkety Not vulnerable
(3.4.0-5.34)
zesty Does not exist

linux-manta
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was not-affected [3.4.0-4.19])
upstream
Released (3.4~rc1)
utopic Not vulnerable
(3.4.0-6.25)
vivid Not vulnerable
(3.4.0-6.29)
wily Not vulnerable
(3.4.0-7.32)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-mvl-dove
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(reached end-of-life)
maverick Ignored
(reached end-of-life)
natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
vivid Does not exist

wily Not vulnerable
(4.2.0-1008.12)
xenial Not vulnerable
(4.2.0-1013.19)
yakkety Not vulnerable
(4.4.0-1009.10)
zesty Not vulnerable
(4.8.0-1013.15)
linux-snapdragon
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (3.4~rc1)
wily Does not exist

xenial Not vulnerable
(4.4.0-1012.12)
yakkety Not vulnerable
(4.4.0-1012.12)
zesty Not vulnerable
(4.4.0-1029.32)
linux-ti-omap4
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick Ignored
(reached end-of-life)
natty
Released (2.6.38-1209.24)
oneiric
Released (3.0.0-1209.20)
precise Does not exist
(precise was not-affected [3.2.0-1412.15])
quantal Not vulnerable
(3.2.0-1412.15)
raring Not vulnerable
(3.2.0-1412.15)
saucy Not vulnerable
(3.5.0-223.34)
trusty Does not exist

upstream
Released (3.4~rc1)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist