CVE-2011-4621

Published: 23 December 2011

The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop.

From the Ubuntu Security Team

It was discovered that some import kernel threads can be blocked by a user level process. An unprivileged local user could exploit this flaw to cause a denial of service.

Priority

Cvss 3 Severity Score

5.5

Score breakdown

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	hardy	Not vulnerable
	lucid	Not vulnerable
	maverick	Released (2.6.35-27.47)
	natty	Not vulnerable (2.6.37-11.25)
	oneiric	Not vulnerable (2.6.39-0.0)
	precise	Not vulnerable (3.1.0-1.1)
	quantal	Not vulnerable (3.1.0-1.0)
	upstream	Released (2.6.37~rc7)
	Patches: Introduced by a64692a3afd85fe048551ab89142fd5ca99a0dbd Fixed by f26f9aff6aaf67e9a430d16c266f91b13a5bff64
linux-armadaxp Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	precise	Not vulnerable (3.2.0-1600.1)
	quantal	Not vulnerable (3.2.0-1602.5)
	upstream	Released (2.6.37~rc7)
linux-ec2 Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Not vulnerable
	maverick	Ignored (binary supplied by "linux" now)
	natty	Does not exist
	oneiric	Does not exist
	precise	Does not exist
	quantal	Does not exist
	upstream	Released (2.6.37~rc7)
linux-fsl-imx51 Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Not vulnerable
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	precise	Does not exist
	quantal	Does not exist
	upstream	Released (2.6.37~rc7)
linux-lts-backport-maverick Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Released (2.6.35-28.50~lucid1)
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	precise	Does not exist
	quantal	Does not exist
	upstream	Released (2.6.37~rc7)
linux-lts-backport-natty Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Not vulnerable (2.6.38-1.27~lucid1)
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	precise	Does not exist
	quantal	Does not exist
	upstream	Released (2.6.37~rc7)
linux-lts-backport-oneiric Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Not vulnerable (3.0.0-5.6~lucid1)
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	precise	Does not exist
	quantal	Does not exist
	upstream	Released (2.6.37~rc7)
linux-mvl-dove Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Not vulnerable
	maverick	Not vulnerable
	natty	Does not exist
	oneiric	Does not exist
	precise	Does not exist
	quantal	Does not exist
	upstream	Released (2.6.37~rc7)
linux-ti-omap4 Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Does not exist
	maverick	Released (2.6.35-903.30)
	natty	Released (2.6.38-1201.2)
	oneiric	Not vulnerable (2.6.38-1309.13)
	precise	Not vulnerable (3.0.0-1401.2)
	quantal	Not vulnerable (3.0.0-1401.2)
	upstream	Released (2.6.37~rc7)

Severity score breakdown

Parameter	Value
Base score	5.5
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	None
Integrity impact	None
Availability impact	High
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›