CVE-2011-2518
Publication date 1 July 2011
Last updated 24 July 2024
Ubuntu priority
The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for the device name.
From the Ubuntu Security Team
A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| linux | 14.04 LTS trusty |
Not affected
|
| linux-armadaxp | 14.04 LTS trusty | Not in release |
| linux-ec2 | 14.04 LTS trusty | Not in release |
| linux-flo | 14.04 LTS trusty | Not in release |
| linux-fsl-imx51 | 14.04 LTS trusty | Not in release |
| linux-goldfish | 14.04 LTS trusty | Not in release |
| linux-grouper | 14.04 LTS trusty | Not in release |
| linux-lts-backport-maverick | 14.04 LTS trusty | Not in release |
| linux-lts-backport-natty | 14.04 LTS trusty | Not in release |
| linux-lts-backport-oneiric | 14.04 LTS trusty | Not in release |
| linux-maguro | 14.04 LTS trusty | Not in release |
| linux-mako | 14.04 LTS trusty | Not in release |
| linux-manta | 14.04 LTS trusty | Not in release |
| linux-mvl-dove | 14.04 LTS trusty | Not in release |
| linux-ti-omap4 | 14.04 LTS trusty | Not in release |
References
Related Ubuntu Security Notices (USN)
- USN-1380-1
- Linux kernel vulnerabilities
- 29 February 2012
- USN-1383-1
- Linux kernel (OMAP4) vulnerabilities
- 6 March 2012
- USN-1386-1
- Linux kernel (Natty backport) vulnerabilities
- 6 March 2012