Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
BID:51945
Info
Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
| Bugtraq ID: | 51945 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2011-4086 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 09 2012 12:00AM |
| Updated: | Apr 13 2015 10:23PM |
| Credit: | Red Hat Security Response Team |
| Vulnerable: |
Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 SuSE SUSE Linux Enterprise Server Unsupported Extras 11 SuSE SUSE Linux Enterprise Server for VMware 11 SP2 SuSE SUSE Linux Enterprise Server for VMware 11 SP1 SuSE SUSE Linux Enterprise Server 11 SP2 SuSE SUSE Linux Enterprise Server 11 SP1 SuSE SUSE Linux Enterprise High Availability Extension 11 SP2 SuSE SUSE Linux Enterprise High Availability Extension 11 SP1 SuSE Suse Linux Enterprise Desktop 11 SP2 SuSE Suse Linux Enterprise Desktop 11 SP1 Redhat MRG Realtime for RHEL 6 Server 2 Redhat Enterprise Linux Workstation Optional 6 Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server Optional 6 Redhat Enterprise Linux Server 6 Redhat Enterprise Linux HPC Node Optional 6 Redhat Enterprise Linux HPC Node 6 Redhat Enterprise Linux Desktop Optional 6 Redhat Enterprise Linux Desktop 6 Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux 5 Server Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 OpenVZ Project OpenVZ 042stab055.16 OpenVZ Project OpenVZ 042stab055.10 OpenVZ Project OpenVZ 042stab053.5 OpenVZ Project OpenVZ 028stab095.1 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Avaya Voice Portal 5.1.2 Avaya Voice Portal 5.1.1 Avaya Voice Portal 5.1 SP1 Avaya Voice Portal 5.1 Avaya Voice Portal 5.1 Avaya Voice Portal 5.0 SP2 Avaya Voice Portal 5.0 SP1 Avaya Voice Portal 5.0 Avaya IQ 5.2 Avaya IQ 5.1.1 Avaya IQ 5.1 Avaya IQ 5 Avaya IP Office Application Server 8.0 Avaya IP Office Application Server 7.0 Avaya IP Office Application Server 6.1 Avaya IP Office Application Server 6.0 Avaya Communication Server 1000M Signaling Server 7.5 Avaya Communication Server 1000M Signaling Server 7.0 Avaya Communication Server 1000M Signaling Server 6.0 Avaya Communication Server 1000M 7.5 Avaya Communication Server 1000M 7.0 Avaya Communication Server 1000M 6.0 Avaya Communication Server 1000E Signaling Server 7.5 Avaya Communication Server 1000E Signaling Server 7.0 Avaya Communication Server 1000E Signaling Server 6.0 Avaya Communication Server 1000E 7.5 Avaya Communication Server 1000E 7.0 Avaya Communication Server 1000E 6.0 Avaya Aura System Platform 6.0.2 Avaya Aura System Platform 6.0.1 Avaya Aura System Platform 6.0 SP3 Avaya Aura System Platform 6.0 SP2 Avaya Aura System Platform 6.0 Avaya Aura System Platform 1.0 Avaya Aura System Manager 6.1.3 Avaya Aura System Manager 6.1.2 Avaya Aura System Manager 6.1.1 Avaya Aura System Manager 6.1 SP2 Avaya Aura System Manager 6.1 Sp1 Avaya Aura System Manager 6.1 Avaya Aura System Manager 6.0 SP1 Avaya Aura System Manager 6.0 Avaya Aura System Manager 5.2 Avaya Aura Session Manager 6.1.3 Avaya Aura Session Manager 6.1.2 Avaya Aura Session Manager 6.1.1 Avaya Aura Session Manager 6.1 SP2 Avaya Aura Session Manager 6.1 Sp1 Avaya Aura Session Manager 6.1 Avaya Aura Session Manager 6.0 SP1 Avaya Aura Session Manager 6.0 Avaya Aura Session Manager 5.2 SP2 Avaya Aura Session Manager 5.2 SP1 Avaya Aura Session Manager 5.2 Avaya Aura Session Manager 1.1 Avaya Aura Session Manager 1.0 Avaya Aura Presence Services 6.1.1 Avaya Aura Presence Services 6.1 Avaya Aura Presence Services 6.0 Avaya Aura Messaging 6.1 Avaya Aura Messaging 6.0.1 Avaya Aura Messaging 6.0 Avaya Aura Experience Portal 6.0 Avaya Aura Conferencing 6.0 Standard Avaya Aura Conferencing Standard Avaya Aura Conferencing 6.0 Standard Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Communication Manager Utility Services 6.2 Avaya Aura Communication Manager Utility Services 6.1 Avaya Aura Communication Manager Utility Services 6.0 Avaya Aura Communication Manager 6.0.1 Avaya Aura Communication Manager 6.0 Avaya Aura Application Server 5300 SIP Core 2.1 Avaya Aura Application Server 5300 SIP Core 2.0 Avaya Aura Application Enablement Services 5.2.1 Avaya Aura Application Enablement Services 6.1.1 Avaya Aura Application Enablement Services 6.1 Avaya Aura Application Enablement Services 5.2.3 Avaya Aura Application Enablement Services 5.2.2 Avaya Aura Application Enablement Services 5.2 |
| Not Vulnerable: |
OpenVZ Project OpenVZ 042stab057.1 OpenVZ Project OpenVZ 028stab098.1 |
Discussion
Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
The Linux kernel is prone to a local denial-of-service vulnerability.
Attackers can exploit this issue to trigger a kernel panic, denying service to legitimate users.
The Linux kernel is prone to a local denial-of-service vulnerability.
Attackers can exploit this issue to trigger a kernel panic, denying service to legitimate users.
Exploit / POC
Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
References:
References:
- (CVE-2011-4086) CVE-2011-4086 kernel: jbd2: unmapped buffer with _Unwritten or _ (Red Hat)
- Download/kernel/rhel5/028stab098.1 (OpenVZ Project)
- Download/kernel/rhel6/042stab057.1 (OpenVZ Project)
- kernel security and bug fix update (RHSA-2012-0107) (Avaya)
- Linux kernel Homepage (kernel.org)
- kernel security and bug fix update (RHSA-2012-0571) (Avaya)