Novell Home

CVE-2011-0726

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-0726 at MITRE

Description

The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary.

NVD CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)

Novell/SUSE information

Novell Bugzilla entry: 701254

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
  • kernel-kdump >= 2.6.16.60-0.89.1
sles10-sp4-debuginfo.ppc
sles10-sp4.ppc
sle10-sp4-sdk.ppc
ZYPP Patch Nr: 7667
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
  • kernel-default >= 2.6.16.60-0.89.1
  • kernel-iseries64 >= 2.6.16.60-0.89.1
  • kernel-kdump >= 2.6.16.60-0.89.1
  • kernel-ppc64 >= 2.6.16.60-0.89.1
  • kernel-source >= 2.6.16.60-0.89.1
  • kernel-syms >= 2.6.16.60-0.89.1
sles10-sp4-debuginfo.ppc
sles10-sp4.ppc
sle10-sp4-sdk.ppc
ZYPP Patch Nr: 7667
SUSE Linux Enterprise SDK 10 SP3
  • kernel-debug >= 2.6.16.60-0.83.2
  • kernel-kdump >= 2.6.16.60-0.83.2
  • kernel-xen >= 2.6.16.60-0.83.2
  • kernel-xenpae >= 2.6.16.60-0.83.2
sles10-sp3-debuginfo.x86
sles10-sp3.x86
sle10-sp3-sdk.x86
ZYPP Patch Nr: 7734
SUSE Linux Enterprise Server 10 SP3
  • kernel-bigsmp >= 2.6.16.60-0.83.2
  • kernel-debug >= 2.6.16.60-0.83.2
  • kernel-default >= 2.6.16.60-0.83.2
  • kernel-kdump >= 2.6.16.60-0.83.2
  • kernel-kdumppae >= 2.6.16.60-0.83.2
  • kernel-smp >= 2.6.16.60-0.83.2
  • kernel-source >= 2.6.16.60-0.83.2
  • kernel-syms >= 2.6.16.60-0.83.2
  • kernel-vmi >= 2.6.16.60-0.83.2
  • kernel-vmipae >= 2.6.16.60-0.83.2
  • kernel-xen >= 2.6.16.60-0.83.2
  • kernel-xenpae >= 2.6.16.60-0.83.2
sles10-sp3-debuginfo.x86
sles10-sp3.x86
sle10-sp3-sdk.x86
ZYPP Patch Nr: 7734
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
  • kernel-default >= 2.6.16.60-0.89.1
  • kernel-smp >= 2.6.16.60-0.89.1
  • kernel-source >= 2.6.16.60-0.89.1
  • kernel-syms >= 2.6.16.60-0.89.1
  • kernel-xen >= 2.6.16.60-0.89.1
sle10-sp4-sdk.x86-64
sled10-sp4.x86-64
sles10-sp4.x86-64
sles10-sp4-debuginfo.x86-64
ZYPP Patch Nr: 7665
SLE SDK 10 SP4 for X86-64
  • kernel-debug >= 2.6.16.60-0.89.1
  • kernel-kdump >= 2.6.16.60-0.89.1
  • kernel-xen >= 2.6.16.60-0.89.1
sle10-sp4-sdk.x86-64
sled10-sp4.x86-64
sles10-sp4.x86-64
sles10-sp4-debuginfo.x86-64
ZYPP Patch Nr: 7665
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
  • kernel-debug >= 2.6.16.60-0.89.1
  • kernel-default >= 2.6.16.60-0.89.1
  • kernel-kdump >= 2.6.16.60-0.89.1
  • kernel-smp >= 2.6.16.60-0.89.1
  • kernel-source >= 2.6.16.60-0.89.1
  • kernel-syms >= 2.6.16.60-0.89.1
  • kernel-xen >= 2.6.16.60-0.89.1
sle10-sp4-sdk.x86-64
sled10-sp4.x86-64
sles10-sp4.x86-64
sles10-sp4-debuginfo.x86-64
ZYPP Patch Nr: 7665
SLE SDK 10 SP4 for IPF
  • kernel-debug >= 2.6.16.60-0.89.1
sles10-sp4-debuginfo.ia64
sle10-sp4-sdk.ia64
sles10-sp4.ia64
ZYPP Patch Nr: 7668
SUSE Linux Enterprise Server 10 SP4 for IPF
  • kernel-debug >= 2.6.16.60-0.89.1
  • kernel-default >= 2.6.16.60-0.89.1
  • kernel-source >= 2.6.16.60-0.89.1
  • kernel-syms >= 2.6.16.60-0.89.1
sles10-sp4-debuginfo.ia64
sle10-sp4-sdk.ia64
sles10-sp4.ia64
ZYPP Patch Nr: 7668
SUSE Linux Enterprise SDK 10 SP3
  • kernel-kdump >= 2.6.16.60-0.83.2
sles10-sp3-debuginfo.ppc
sle10-sp3-sdk.ppc
sles10-sp3.ppc
ZYPP Patch Nr: 7737
SUSE Linux Enterprise Server 10 SP3
  • kernel-default >= 2.6.16.60-0.83.2
  • kernel-iseries64 >= 2.6.16.60-0.83.2
  • kernel-kdump >= 2.6.16.60-0.83.2
  • kernel-ppc64 >= 2.6.16.60-0.83.2
  • kernel-source >= 2.6.16.60-0.83.2
  • kernel-syms >= 2.6.16.60-0.83.2
sles10-sp3-debuginfo.ppc
sle10-sp3-sdk.ppc
sles10-sp3.ppc
ZYPP Patch Nr: 7737
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
  • kernel-default >= 2.6.16.60-0.89.1
  • kernel-source >= 2.6.16.60-0.89.1
  • kernel-syms >= 2.6.16.60-0.89.1
sles10-sp4-debuginfo.s390x
sles10-sp4.s390x
ZYPP Patch Nr: 7664
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • kernel-bigsmp >= 2.6.16.60-0.89.1
  • kernel-default >= 2.6.16.60-0.89.1
  • kernel-smp >= 2.6.16.60-0.89.1
  • kernel-source >= 2.6.16.60-0.89.1
  • kernel-syms >= 2.6.16.60-0.89.1
  • kernel-xen >= 2.6.16.60-0.89.1
  • kernel-xenpae >= 2.6.16.60-0.89.1
sles10-sp4-debuginfo.x86
sle10-sp4-sdk.x86
sles10-sp4.x86
sled10-sp4.x86
ZYPP Patch Nr: 7666
SLE SDK 10 SP4 for x86
  • kernel-debug >= 2.6.16.60-0.89.1
  • kernel-kdump >= 2.6.16.60-0.89.1
  • kernel-xen >= 2.6.16.60-0.89.1
  • kernel-xenpae >= 2.6.16.60-0.89.1
sles10-sp4-debuginfo.x86
sle10-sp4-sdk.x86
sles10-sp4.x86
sled10-sp4.x86
ZYPP Patch Nr: 7666
SUSE Linux Enterprise Server 10 SP4 for x86
  • kernel-bigsmp >= 2.6.16.60-0.89.1
  • kernel-debug >= 2.6.16.60-0.89.1
  • kernel-default >= 2.6.16.60-0.89.1
  • kernel-kdump >= 2.6.16.60-0.89.1
  • kernel-kdumppae >= 2.6.16.60-0.89.1
  • kernel-smp >= 2.6.16.60-0.89.1
  • kernel-source >= 2.6.16.60-0.89.1
  • kernel-syms >= 2.6.16.60-0.89.1
  • kernel-vmi >= 2.6.16.60-0.89.1
  • kernel-vmipae >= 2.6.16.60-0.89.1
  • kernel-xen >= 2.6.16.60-0.89.1
  • kernel-xenpae >= 2.6.16.60-0.89.1
sles10-sp4-debuginfo.x86
sle10-sp4-sdk.x86
sles10-sp4.x86
sled10-sp4.x86
ZYPP Patch Nr: 7666
SUSE Linux Enterprise SDK 10 SP3
  • kernel-debug >= 2.6.16.60-0.83.2
sle10-sp3-sdk.ia64
sles10-sp3.ia64
sles10-sp3-debuginfo.ia64
ZYPP Patch Nr: 7735
SUSE Linux Enterprise Server 10 SP3
  • kernel-debug >= 2.6.16.60-0.83.2
  • kernel-default >= 2.6.16.60-0.83.2
  • kernel-source >= 2.6.16.60-0.83.2
  • kernel-syms >= 2.6.16.60-0.83.2
sle10-sp3-sdk.ia64
sles10-sp3.ia64
sles10-sp3-debuginfo.ia64
ZYPP Patch Nr: 7735
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise Server for SAP 10 SP3
  • kernel-debug >= 2.6.16.60-0.83.2
  • kernel-default >= 2.6.16.60-0.83.2
  • kernel-kdump >= 2.6.16.60-0.83.2
  • kernel-smp >= 2.6.16.60-0.83.2
  • kernel-source >= 2.6.16.60-0.83.2
  • kernel-syms >= 2.6.16.60-0.83.2
  • kernel-xen >= 2.6.16.60-0.83.2
sles10-sp3-debuginfo.x86-64
sles10-sp3.x86-64
sle10-sp3-sdk.x86-64
ZYPP Patch Nr: 7729
SUSE Linux Enterprise SDK 10 SP3
  • kernel-debug >= 2.6.16.60-0.83.2
  • kernel-kdump >= 2.6.16.60-0.83.2
  • kernel-xen >= 2.6.16.60-0.83.2
sles10-sp3-debuginfo.x86-64
sles10-sp3.x86-64
sle10-sp3-sdk.x86-64
ZYPP Patch Nr: 7729
SUSE Linux Enterprise Server 10 SP3
  • kernel-default >= 2.6.16.60-0.83.2
  • kernel-source >= 2.6.16.60-0.83.2
  • kernel-syms >= 2.6.16.60-0.83.2
sles10-sp3.s390x
sles10-sp3-debuginfo.s390x
ZYPP Patch Nr: 7736

List of products where fixes are in QA

© 2014 Novell