[apparmor] [Bug 789409] Re: /proc/[PID]/attr/current overwrite Null pointer dereference

Launchpad Bug Tracker 789409 at bugs.launchpad.net
Mon Mar 5 16:34:29 UTC 2012


This bug was fixed in the package linux-ti-omap4 - 2.6.38-1209.22

---------------
linux-ti-omap4 (2.6.38-1209.22) natty-proposed; urgency=low

  * Release Tracking Bug
    - LP: #932673

  [ Upstream Kernel Changes ]

  * net: ip_expire() must revalidate route
    - LP: #922051
    - CVE-2011-1927
  * ARM: 6891/1: prevent heap corruption in OABI semtimedop
    - LP: #925373
    - CVE-2011-1759
  * Fix for buffer overflow in ldm_frag_add not sufficient
    - LP: #922371
    - CVE-2011-2182
  * oom: use pte pages in OOM score
    - LP: #922374
    - CVE-2011-2498
  * TOMOYO: Fix oops in tomoyo_mount_acl().
    - LP: #922377
    - CVE-2011-2518
  * AppArmor: fix oops in apparmor_setprocattr
    - LP: #789409
    - CVE-2011-3619
 -- Paolo Pisati <paolo.pisati at canonical.com>   Mon, 20 Feb 2012 11:59:21 +0100

** Changed in: linux-ti-omap4 (Ubuntu Natty)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1759

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2182

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2498

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2518

-- 
You received this bug notification because you are a member of AppArmor
Developers, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/789409

Title:
  /proc/[PID]/attr/current overwrite Null pointer dereference

Status in AppArmor Linux application security framework:
  Fix Released
Status in “linux” package in Ubuntu:
  Fix Released
Status in “linux-ec2” package in Ubuntu:
  Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-natty” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-oneiric” package in Ubuntu:
  Invalid
Status in “linux-mvl-dove” package in Ubuntu:
  Invalid
Status in “linux-ti-omap4” package in Ubuntu:
  Invalid
Status in “linux” source package in Lucid:
  Invalid
Status in “linux-ec2” source package in Lucid:
  Invalid
Status in “linux-fsl-imx51” source package in Lucid:
  Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
  Fix Released
Status in “linux-lts-backport-natty” source package in Lucid:
  Fix Committed
Status in “linux-lts-backport-oneiric” source package in Lucid:
  Fix Committed
Status in “linux-mvl-dove” source package in Lucid:
  Invalid
Status in “linux-ti-omap4” source package in Lucid:
  Invalid
Status in “linux” source package in Natty:
  Fix Released
Status in “linux-ec2” source package in Natty:
  Invalid
Status in “linux-fsl-imx51” source package in Natty:
  Invalid
Status in “linux-lts-backport-maverick” source package in Natty:
  Invalid
Status in “linux-lts-backport-natty” source package in Natty:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Natty:
  Invalid
Status in “linux-mvl-dove” source package in Natty:
  Invalid
Status in “linux-ti-omap4” source package in Natty:
  Fix Released
Status in “linux” source package in Oneiric:
  Fix Committed
Status in “linux-ec2” source package in Oneiric:
  Invalid
Status in “linux-fsl-imx51” source package in Oneiric:
  Invalid
Status in “linux-lts-backport-maverick” source package in Oneiric:
  Invalid
Status in “linux-lts-backport-natty” source package in Oneiric:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Oneiric:
  Invalid
Status in “linux-mvl-dove” source package in Oneiric:
  Invalid
Status in “linux-ti-omap4” source package in Oneiric:
  Fix Committed
Status in “linux” source package in Precise:
  Fix Released
Status in “linux-ec2” source package in Precise:
  Invalid
Status in “linux-fsl-imx51” source package in Precise:
  Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
  Invalid
Status in “linux-lts-backport-natty” source package in Precise:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Precise:
  Invalid
Status in “linux-mvl-dove” source package in Precise:
  Invalid
Status in “linux-ti-omap4” source package in Precise:
  Invalid
Status in “linux” source package in Hardy:
  Invalid
Status in “linux-ec2” source package in Hardy:
  Invalid
Status in “linux-fsl-imx51” source package in Hardy:
  Invalid
Status in “linux-lts-backport-maverick” source package in Hardy:
  Invalid
Status in “linux-lts-backport-natty” source package in Hardy:
  Invalid
Status in “linux-lts-backport-oneiric” source package in Hardy:
  Invalid
Status in “linux-mvl-dove” source package in Hardy:
  Invalid
Status in “linux-ti-omap4” source package in Hardy:
  Invalid

Bug description:
  kernel/AppArmor local denial of service

  Break-Fix: - a5b2c5b2ad5853591a6cac6134cd0f599a720865

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/789409/+subscriptions



More information about the AppArmor mailing list