CVE-2011-4611
Published: 15 December 2011
Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors that trigger certain outcomes of performance events.
From the Ubuntu Security Team
Maynard Johnson discovered that on POWER7, certain speculative events may raise a performance monitor exception. A local attacker could exploit this to crash the system, leading to a denial of service.
Notes
| Author | Note |
|---|---|
| jdstrand | may not apply to Ubuntu. See redhat bug |
| apw | note this can only affect power systems, therefore none of the arm branches can express the issue and so are not-affected |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
hardy |
Not vulnerable
|
| lucid |
Released
(2.6.32-32.62)
|
|
| maverick |
Released
(2.6.35-29.51)
|
|
| natty |
Not vulnerable
(2.6.38-8.40)
|
|
| oneiric |
Not vulnerable
(2.6.39-0.1)
|
|
| precise |
Not vulnerable
(3.1.0-1.1)
|
|
| quantal |
Not vulnerable
(3.1.0-1.0)
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
Patches: Introduced by 4574910e5087085a1f330ff8373cee4503f5c77c |
||
|
linux-armadaxp Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Not vulnerable
(3.2.0-1600.1)
|
|
| quantal |
Not vulnerable
(3.2.0-1602.5)
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-ec2 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Released
(2.6.32-316.30)
|
|
| maverick |
Ignored
(end of life)
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Not vulnerable
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Released
(2.6.35-30.54~lucid1)
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Not vulnerable
(2.6.38-8.40~lucid1)
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-lts-backport-oneiric Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Not vulnerable
(3.0.0-5.6~lucid1)
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Released
(2.6.32-217.34)
|
|
| maverick |
Released
(2.6.32-417.34)
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| maverick |
Not vulnerable
|
|
| natty |
Not vulnerable
(2.6.38-1208.11)
|
|
| oneiric |
Not vulnerable
(2.6.38-1309.13)
|
|
| precise |
Not vulnerable
(3.0.0-1401.2)
|
|
| quantal |
Not vulnerable
(3.0.0-1401.2)
|
|
| upstream |
Released
(2.6.39~rc1)
|
|
References
- https://ubuntu.com/security/notices/USN-1160-1
- https://ubuntu.com/security/notices/USN-1141-1
- https://ubuntu.com/security/notices/USN-1162-1
- https://ubuntu.com/security/notices/USN-1159-1
- https://ubuntu.com/security/notices/USN-1187-1
- https://www.cve.org/CVERecord?id=CVE-2011-4611
- NVD
- Launchpad
- Debian