CVE-2011-4621

Published: 23 December 2011

The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop.

From the Ubuntu security team

It was discovered that some import kernel threads can be blocked by a user level process. An unprivileged local user could exploit this flaw to cause a denial of service.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc7)
Patches:
Introduced by a64692a3afd85fe048551ab89142fd5ca99a0dbd
Fixed by f26f9aff6aaf67e9a430d16c266f91b13a5bff64
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc7)
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc7)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc7)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc7)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc7)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc7)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc7)
linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc7)