CVE-2012-2373
Published: 18 May 2012
The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition.
From the Ubuntu security team
Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system.
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(4.2.0-16.19)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Not vulnerable
(3.11.0-12.19)
|
|
Patches: Other: http://permalink.gmane.org/gmane.linux.kernel.mm/78590 Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Fixed by 26c191788f18129af0eb32a358cdaea0c7479626 |
||
linux-ec2 Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-backport-oneiric Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-linaro-omap Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-linaro-shared Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-linaro-vexpress Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-qcm-msm Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-armadaxp Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-quantal Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-raring Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-goldfish Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(3.4.0-4.27)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
linux-grouper Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [abandoned])
|
|
linux-maguro Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [abandoned])
|
|
linux-mako Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Ignored
(abandoned)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
linux-manta Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was not-affected [3.4.0-4.19])
|
|
linux-flo Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Ignored
(abandoned)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
linux-lts-trusty Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-utopic Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was not-affected [3.16.0-25.33~14.04.2])
|
|
linux-lts-vivid Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was not-affected [3.19.0-18.18~14.04.1])
|
|
linux-lts-wily Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was not-affected [4.2.0-18.22~14.04.1])
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(4.2.0-1013.19)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Not vulnerable
(4.4.0-13.29~14.04.1)
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(4.4.0-1012.12)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-aws Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(4.4.0-1001.10)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Not vulnerable
(4.4.0-1002.2)
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(4.8.0-36.36~16.04.1)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-hwe Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(4.8.0-36.36~16.04.1)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-gke Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.5~rc1)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(4.4.0-1003.3)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
Notes
Author | Note |
---|---|
jdstrand | linux-armadaxp is maintained by OEM |
henrix | Lucid isn't affected (vulnerable code isn't present) confirmed Debian stable kernel and they tag it as not affected as well |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2373
- http://www.openwall.com/lists/oss-security/2012/05/18/5
- https://usn.ubuntu.com/usn/usn-1529-1
- https://usn.ubuntu.com/usn/usn-1533-1
- https://usn.ubuntu.com/usn/usn-1532-1
- https://usn.ubuntu.com/usn/usn-1514-1
- https://usn.ubuntu.com/usn/usn-1539-1
- NVD
- Launchpad
- Debian