Launchpad.net

CVE 2010-1187

The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference.

Related bugs and status

CVE-2010-1187 (Candidate) is related to these bugs:

Bug #367499: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010

Summary				In	Importance	Status
	367499	BUG: unable to handle kernel NULL pointer dereference at 0000000000000010		linux (Ubuntu)	Medium	Fix Released
	367499	BUG: unable to handle kernel NULL pointer dereference at 0000000000000010		apparmor (Ubuntu)	Undecided	Invalid

Bug #458201: kernel stacktrace on volume detach in kvm guest

		In	Importance	Status
458201	kernel stacktrace on volume detach in kvm guest	qemu-kvm (Ubuntu)	Low	Invalid
458201	kernel stacktrace on volume detach in kvm guest	QEMU	Undecided	Invalid
458201	kernel stacktrace on volume detach in kvm guest	linux (Ubuntu)	Medium	Fix Released

Bug #485556: inotify oops with wd == 4096

		In	Importance	Status
485556	inotify oops with wd == 4096	linux (Ubuntu)	Medium	Fix Released
485556	inotify oops with wd == 4096	Linux	Medium	Expired
485556	inotify oops with wd == 4096	linux (Ubuntu Hardy)	Undecided	Fix Released
485556	inotify oops with wd == 4096	linux (Ubuntu Intrepid)	Undecided	Won't Fix
485556	inotify oops with wd == 4096	linux (Ubuntu Lucid)	Medium	Fix Released
485556	inotify oops with wd == 4096	linux (Ubuntu Jaunty)	Undecided	Fix Released
485556	inotify oops with wd == 4096	linux (Ubuntu Dapper)	Undecided	Won't Fix
485556	inotify oops with wd == 4096	linux (Ubuntu Karmic)	Undecided	Fix Released

Bug #529288: "Kernel Oops" - unable to handle kernel paging request at ffff880323279bf2 RIP is at aa_dfa_match_len+0xd9/0xf0

Summary				In	Importance	Status
	529288	"Kernel Oops" - unable to handle kernel paging request at ffff880323279bf2 RIP is at aa_dfa_match_len+0xd9/0xf0		linux (Ubuntu)	Low	Fix Released

Bug #530361: Support for DELL H200/H700/H800 SAS cards is missing in the CD/DVD installer for Lucid (mpt2sas)

Summary				In	Importance	Status
	530361	Support for DELL H200/H700/H800 SAS cards is missing in the CD/DVD installer for Lucid (mpt2sas)		linux (Ubuntu)	Low	Fix Released

Bug #532553: linux-image-2.6.32-302-ec2 is missing iptables module xt_recent

Summary				In	Importance	Status
	532553	linux-image-2.6.32-302-ec2 is missing iptables module xt_recent		linux-ec2 (Ubuntu)	Low	Fix Released

Bug #537168: [lucid] add support for Marvel 0x8431 (88E8059)

Summary				In	Importance	Status
	537168	[lucid] add support for Marvel 0x8431 (88E8059)		linux (Ubuntu)	Low	Fix Released

Bug #539730: [G72M] Screen corruption when using KMS. Dell Latitude D620 / Quadro NVS 110M/GeForce Go 7300

Summary				In	Importance	Status
	539730	[G72M] Screen corruption when using KMS. Dell Latitude D620 / Quadro NVS 110M/GeForce Go 7300		linux (Ubuntu)	High	Fix Released
	539730	[G72M] Screen corruption when using KMS. Dell Latitude D620 / Quadro NVS 110M/GeForce Go 7300		Nouveau Xorg driver	Medium	Fix Released

Bug #542950: [Needs noaccel quirk] Screen corruption on startup

Summary				In	Importance	Status
	542950	[Needs noaccel quirk] Screen corruption on startup		linux (Ubuntu)	High	Fix Released
	542950	[Needs noaccel quirk] Screen corruption on startup		linux (Ubuntu Lucid)	High	Fix Released

Bug #543617: Unmount of an fs with dirty cache buffers causes pathological slowdown

		In	Importance	Status
543617	Unmount of an fs with dirty cache buffers causes pathological slowdown	linux (Ubuntu)	High	Invalid
543617	Unmount of an fs with dirty cache buffers causes pathological slowdown	linux (Ubuntu Lucid)	High	Fix Released
543617	Unmount of an fs with dirty cache buffers causes pathological slowdown	Linux	Medium	Fix Released
543617	Unmount of an fs with dirty cache buffers causes pathological slowdown	linux (Fedora)	Medium	Won't Fix

Bug #544088: [needs noaccel quirk] Ubuntu 10.4 freezes on x-server start with Geforce 3 TI200

Summary				In	Importance	Status
	544088	[needs noaccel quirk] Ubuntu 10.4 freezes on x-server start with Geforce 3 TI200		linux (Ubuntu)	High	Fix Released

Bug #555261: BUG: scheduling while atomic: swapper/0/0x10010000

Summary				In	Importance	Status
	555261	BUG: scheduling while atomic: swapper/0/0x10010000		linux (Ubuntu)	Undecided	Fix Released

Bug #561425: [Lucid] pre-stable backports of important kvm patches

Summary				In	Importance	Status
	561425	[Lucid] pre-stable backports of important kvm patches		linux (Ubuntu)	Medium	Fix Released

Bug #562047: AppArmor sid wraps causing learning profile names to collide

Summary				In	Importance	Status
	562047	AppArmor sid wraps causing learning profile names to collide		linux (Ubuntu)	Undecided	Fix Released

Bug #562056: AppArmor fails to mediate deleted files

Summary				In	Importance	Status
	562056	AppArmor fails to mediate deleted files		linux (Ubuntu)	Undecided	Fix Released

Bug #562060: AppArmor has type-o in log message reporting scrubbing of environment variables

Summary				In	Importance	Status
	562060	AppArmor has type-o in log message reporting scrubbing of environment variables		linux (Ubuntu)	Undecided	Fix Released

Bug #562063: AppArmor can cause oops due to refcount error when exec fails

Summary				In	Importance	Status
	562063	AppArmor can cause oops due to refcount error when exec fails		linux (Ubuntu)	Undecided	Fix Released

See the

CVE page on cve.org for more details.

References

external: MDVSA-2010:198
external: http://git.kernel.org/...
external: https://bugzilla.redha...
external: 39120
external: 43315
external: [oss-security] 2010033...
external: oval:org.mitre.oval:de...
external: http://www.vmware.com/...
external: [oss-security] 2010033...
external: DSA-2053
external: 20110211 VMSA-2011-000...
external: 39830