CVE-2011-4611
Published: 15 December 2011
Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors that trigger certain outcomes of performance events.
From the Ubuntu security team
Maynard Johnson discovered that on POWER7, certain speculative events may raise a performance monitor exception. A local attacker could exploit this to crash the system, leading to a denial of service.
Priority
Low
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc1)
|
|
Patches: Introduced by 4574910e5087085a1f330ff8373cee4503f5c77c Fixed by 0837e3242c73566fc1c0196b4ec61779c25ffc93 |
||
|
linux-armadaxp Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc1)
|
|
linux-ec2 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc1)
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc1)
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc1)
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc1)
|
|
linux-lts-backport-oneiric Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc1)
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc1)
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.39~rc1)
|
Notes
| Author | Note |
|---|---|
| jdstrand | may not apply to Ubuntu. See redhat bug |
| apw | note this can only affect power systems, therefore none of the arm branches can express the issue and so are not-affected |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4611
- https://usn.ubuntu.com/usn/usn-1160-1
- https://usn.ubuntu.com/usn/usn-1141-1
- https://usn.ubuntu.com/usn/usn-1162-1
- https://usn.ubuntu.com/usn/usn-1159-1
- https://usn.ubuntu.com/usn/usn-1187-1
- NVD
- Launchpad
- Debian