CVE-2012-3511

Published: 24 August 2012

Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.

From the Ubuntu security team

A flaw was discovered in the madvise feature of the Linux kernel's memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system).

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.2.0-16.19)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(3.11.0-12.19)
Patches:
Introduced by 90ed52ebe48181d3c5427b3bd1d24f659e7575ad
Fixed by 9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb
linux-ec2
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-mvl-dove
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-ti-omap4
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-backport-maverick
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-fsl-imx51
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-backport-natty
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-linaro-omap
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-linaro-shared
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-linaro-vexpress
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-qcm-msm
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-armadaxp
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(3.4.0-4.27)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [was needed now end-of-life])
linux-grouper
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
linux-maguro
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
linux-mako
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(3.4.0-7.40)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.4.0-4.25])
linux-manta
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.4.0-4.19])
linux-flo
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(3.4.0-5.22)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.4.0-1.3])
linux-lts-trusty
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.16.0-25.33~14.04.2])
linux-lts-vivid
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.19.0-18.18~14.04.1])
linux-lts-wily
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [4.2.0-18.22~14.04.1])
linux-raspi2
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.2.0-1013.19)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(4.4.0-13.29~14.04.1)
linux-snapdragon
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1012.12)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-aws
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1001.10)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(4.4.0-1002.2)
linux-hwe-edge
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.8.0-36.36~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-hwe
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.8.0-36.36~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gke
Launchpad, Ubuntu, Debian 		Upstream
Released (3.5~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1003.3)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Notes

AuthorNote
jdstrand 
linux-armadaxp is maintained by OEM
sbeattie 
introduced in
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=90ed52ebe48181d3c5427b3bd1d24f659e7575ad

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading