CVE-2011-2918

The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.

From the Ubuntu Security Team

The performance counter subsystem did not correctly handle certain counters. A local attacker could exploit this to crash the system, leading to a denial of service.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	11.10 oneiric	Not affected
	11.04 natty	Fixed 2.6.38-11.49
	10.10 maverick	Fixed 2.6.35-30.60
	10.04 LTS lucid	Fixed 2.6.32-34.73
	8.04 LTS hardy	Not affected
linux-ec2	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Ignored end of life
	10.04 LTS lucid	Fixed 2.6.32-318.37
	8.04 LTS hardy	Not in release
linux-fsl-imx51	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Fixed 2.6.31-610.28
	8.04 LTS hardy	Not in release
linux-lts-backport-maverick	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Fixed 2.6.35-30.60~lucid1
	8.04 LTS hardy	Not in release
linux-lts-backport-natty	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Fixed 2.6.38-11.49~lucid1
	8.04 LTS hardy	Not in release
linux-lts-backport-oneiric	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release
linux-mvl-dove	11.10 oneiric	Not in release
	11.04 natty	Not in release
	10.10 maverick	Fixed 2.6.32-418.35
	10.04 LTS lucid	Fixed 2.6.32-218.35
	8.04 LTS hardy	Not in release
linux-ti-omap4	11.10 oneiric	Not affected
	11.04 natty	Fixed 2.6.38-1209.15
	10.10 maverick	Fixed 2.6.35-903.24
	10.04 LTS lucid	Not in release
	8.04 LTS hardy	Not in release

Notes

jdstrand

https://lkml.org/lkml/2011/7/27/337 (reproducer) https://lkml.org/lkml/2011/7/28/284 (fix)

apw

mainline fix: a8b0ca17b80e92faab46ee7179ba9e99ccb61233 stable fix: 462fee3af72df0de7b60b96c525ffe8baf4db0f0 http://git.kernel.org/?p=linux/kernel/git/stable/linux-3.0.y.git;a=commit;h=462fee3af72df0de7b60b96c525ffe8baf4db0f0

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Introduced by 0793a61, fixed by a8b0ca1

Severity score breakdown

Parameter	Value
Base score	5.5 · Medium
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	None
Integrity impact	None
Availability impact	High
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

USN-1204-1
Linux kernel (i.MX51) vulnerabilities
13 September 2011

USN-1208-1
Linux kernel (Marvel DOVE) vulnerabilities
14 September 2011

USN-1219-1
Linux kernel (Maverick backport) vulnerabilities
29 September 2011

USN-1202-1
Linux kernel (OMAP4) vulnerabilities
13 September 2011

USN-1211-1
Linux kernel vulnerabilities
21 September 2011

USN-1203-1
Linux kernel (Marvel DOVE) vulnerabilities
13 September 2011

USN-1218-1
Linux kernel vulnerabilities
29 September 2011

USN-1227-1
Linux kernel vulnerabilities
11 October 2011

USN-1256-1
Linux kernel (Natty backport) vulnerabilities
9 November 2011

USN-1212-1
Linux kernel (OMAP4) vulnerabilities
21 September 2011

USN-1216-1
Linux kernel (EC2) vulnerabilities
26 September 2011

Cvss 3 Severity Score