CVE-2011-0695 | Ubuntu

Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.

From the Ubuntu Security Team

Jens Kuehnel discovered that the InfiniBand driver contained a race condition. On systems using InfiniBand, a local attacker could send specially crafted requests to crash the system, leading to a denial of service.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	11.04 natty	Fixed 2.6.38-8.40
	10.10 maverick	Fixed 2.6.35-29.51
	10.04 LTS lucid	Fixed 2.6.32-32.62
	9.10 karmic	Ignored
	8.04 LTS hardy	Fixed 2.6.24-29.90
	6.06 LTS dapper	Not in release
linux-ec2	11.04 natty	Not in release
	10.10 maverick	Ignored
	10.04 LTS lucid	Fixed 2.6.32-316.30
	9.10 karmic	Ignored
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
linux-fsl-imx51	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Fixed 2.6.31-609.26
	9.10 karmic	Ignored
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
linux-lts-backport-maverick	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Fixed 2.6.35-30.54~lucid1
	9.10 karmic	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
linux-lts-backport-natty	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release
linux-mvl-dove	11.04 natty	Not in release
	10.10 maverick	Fixed 2.6.32-417.34
	10.04 LTS lucid	Fixed 2.6.32-217.34
	9.10 karmic	Ignored
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
linux-source-2.6.15	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not in release
	9.10 karmic	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Fixed 2.6.15-57.97
linux-ti-omap4	11.04 natty	Fixed 2.6.38-1208.11
	10.10 maverick	Fixed 2.6.35-903.23
	10.04 LTS lucid	Not in release
	9.10 karmic	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=29963437a48475036353b95ab142bf199adb909e Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=25ae21a10112875763c18b385624df713a288a05

References

Related Ubuntu Security Notices (USN)

USN-1164-1
Linux kernel vulnerabilities (i.MX51)
6 July 2011

USN-1202-1
Linux kernel (OMAP4) vulnerabilities
13 September 2011

USN-1160-1
Linux kernel vulnerabilities
28 June 2011

USN-1141-1
Linux kernel vulnerabilities
1 June 2011

USN-1162-1
Linux kernel vulnerabilities (Marvell Dove)
29 June 2011

USN-1146-1
Linux kernel vulnerabilities
9 June 2011

USN-1187-1
Linux kernel (Maverick backport) vulnerabilities
9 August 2011

USN-1111-1
Linux kernel vulnerabilities
5 May 2011

USN-1159-1
Linux kernel vulnerabilities (Marvell Dove)
13 July 2011

Other references

https://www.cve.org/CVERecord?id=CVE-2011-0695