Your submission was sent successfully! Close

CVE-2011-4127

Published: 23 December 2011

The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.

From the Ubuntu security team

Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-armadaxp
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-ec2
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-flo
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-goldfish
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-grouper
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-quantal
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-raring
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-trusty
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-utopic
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-vivid
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-wily
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-lts-xenial
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-maguro
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-mako
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-manta
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-mvl-dove
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-raspi2
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-snapdragon
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)
linux-ti-omap4
Launchpad, Ubuntu, Debian
upstream
Released (3.3~rc1)

Notes

AuthorNote
apw
This seems to be seens as the right thing to do, but not so late
in 3.2, expect to see something applied in the early merge window
https://lkml.org/lkml/2011/12/22/366
The fixes have now hit mainline, there is a strong possibility that
when these are applied to older releases we will get functionality
regressions, will get them on precise as soon as possible.

References

Bugs