CVE-2012-5374
Published: 18 February 2013
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value.
From the Ubuntu security team
A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value.
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Not vulnerable
(3.11.0-12.19)
|
|
Patches: Introduced by 39279cc3d2704cfbf9c35dcb5bdd392159ae4625 Fixed by 9c52057c698fb96f8f07e7a4bcf4801a092bda89 |
||
linux-armadaxp Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
This package is not directly supported by the Ubuntu Security Team | ||
linux-ec2 Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-flo Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-goldfish Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
linux-grouper Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [see note])
|
|
linux-linaro-omap Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-linaro-shared Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-linaro-vexpress Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-backport-oneiric Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-quantal Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-raring Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-saucy Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-lts-trusty Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-maguro Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [see note])
|
|
linux-mako Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
linux-manta Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was ignored [was needed now end-of-life])
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-qcm-msm Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.8~rc1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
Notes
Author | Note |
---|---|
jdstrand | Per kernel team, patch is too intrusive to backport |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5374
- http://www.openwall.com/lists/oss-security/2012/12/13/20
- http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs/
- https://usn.ubuntu.com/usn/usn-1944-1
- https://usn.ubuntu.com/usn/usn-1945-1
- https://usn.ubuntu.com/usn/usn-1947-1
- https://usn.ubuntu.com/usn/usn-1946-1
- https://usn.ubuntu.com/usn/usn-2017-1
- https://usn.ubuntu.com/usn/usn-2018-1
- NVD
- Launchpad
- Debian