1
PublicDateAtUSN: 2011-10-06
2
Candidate: CVE-2011-2905
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2905
6
http://www.debian.org/security/2011/dsa-2303
7
http://marc.info/?l=linux-kernel&m=131256355026183
8
https://usn.ubuntu.com/usn/usn-1239-1
9
https://usn.ubuntu.com/usn/usn-1242-1
10
https://usn.ubuntu.com/usn/usn-1245-1
11
https://usn.ubuntu.com/usn/usn-1241-1
12
https://usn.ubuntu.com/usn/usn-1243-1
13
https://usn.ubuntu.com/usn/usn-1244-1
14
https://usn.ubuntu.com/usn/usn-1240-1
15
https://usn.ubuntu.com/usn/usn-1253-1
16
https://usn.ubuntu.com/usn/usn-1279-1
17
https://usn.ubuntu.com/usn/usn-1281-1
18
https://usn.ubuntu.com/usn/usn-1285-1
20
Untrusted search path vulnerability in the perf_config function in
21
tools/perf/util/config.c in perf, as distributed in the Linux kernel before
22
3.1, allows local users to overwrite arbitrary files via a crafted config
23
file in the current working directory.
25
Christian Ohm discovered that the perf command looks for configuration
26
files in the current directory. If a privileged user were tricked into
27
running perf in a directory containing a malicious configuration file, an
28
attacker could run arbitrary commands and possibly gain privileges.
31
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2905
32
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632923
33
https://launchpad.net/bugs/869259
35
Discovered-by: Christian Ohm
39
break-fix: 0780060124011b94af55830939c86cc0916be0f5 aba8d056078e47350d85b06a9cabd5afcc4b72ea
40
upstream_linux: released (3.1~rc2)
41
hardy_linux: not-affected
42
lucid_linux: released (2.6.32-35.78)
43
maverick_linux: released (2.6.35-30.61)
44
natty_linux: released (2.6.38-13.52)
45
oneiric_linux: not-affected (3.0.0-9.12)
46
devel_linux: not-affected (3.0.0-9.12)
49
upstream_linux-ec2: released (3.1~rc2)
51
lucid_linux-ec2: released (2.6.32-319.39)
52
maverick_linux-ec2: ignored (binary supplied by "linux" now)
54
oneiric_linux-ec2: DNE
57
Patches_linux-mvl-dove:
58
upstream_linux-mvl-dove: released (3.1~rc2)
59
hardy_linux-mvl-dove: DNE
60
lucid_linux-mvl-dove: released (2.6.32-219.37)
61
maverick_linux-mvl-dove: released (2.6.32-419.37)
62
natty_linux-mvl-dove: DNE
63
oneiric_linux-mvl-dove: DNE
64
devel_linux-mvl-dove: DNE
66
Patches_linux-ti-omap4:
67
upstream_linux-ti-omap4: released (3.1~rc2)
68
hardy_linux-ti-omap4: DNE
69
lucid_linux-ti-omap4: DNE
70
maverick_linux-ti-omap4: released (2.6.35-903.26)
71
natty_linux-ti-omap4: released (2.6.38-1209.17)
72
oneiric_linux-ti-omap4: not-affected (3.0.0-1204.9)
73
devel_linux-ti-omap4: not-affected (3.0.0-1204.9)
75
Patches_linux-lts-backport-maverick:
76
upstream_linux-lts-backport-maverick: released (3.1~rc2)
77
hardy_linux-lts-backport-maverick: DNE
78
lucid_linux-lts-backport-maverick: released (2.6.35-30.61~lucid1)
79
maverick_linux-lts-backport-maverick: DNE
80
natty_linux-lts-backport-maverick: DNE
81
oneiric_linux-lts-backport-maverick: DNE
82
devel_linux-lts-backport-maverick: DNE
84
Patches_linux-fsl-imx51:
85
upstream_linux-fsl-imx51: released (3.1~rc2)
86
hardy_linux-fsl-imx51: DNE
87
lucid_linux-fsl-imx51: released (2.6.31-611.29)
88
maverick_linux-fsl-imx51: DNE
89
natty_linux-fsl-imx51: DNE
90
oneiric_linux-fsl-imx51: DNE
91
devel_linux-fsl-imx51: DNE
93
Patches_linux-lts-backport-natty:
94
upstream_linux-lts-backport-natty: released (3.1~rc2)
95
hardy_linux-lts-backport-natty: DNE
96
lucid_linux-lts-backport-natty: released (2.6.38-13.52~lucid1)
97
maverick_linux-lts-backport-natty: DNE
98
natty_linux-lts-backport-natty: DNE
99
oneiric_linux-lts-backport-natty: DNE
100
devel_linux-lts-backport-natty: DNE
102
Patches_linux-lts-backport-oneiric:
103
upstream_linux-lts-backport-oneiric: released (3.1~rc2)
104
hardy_linux-lts-backport-oneiric: DNE
105
lucid_linux-lts-backport-oneiric: not-affected
106
maverick_linux-lts-backport-oneiric: DNE
107
natty_linux-lts-backport-oneiric: DNE
108
oneiric_linux-lts-backport-oneiric: DNE
109
devel_linux-lts-backport-oneiric: DNE