The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/attr/current file.
http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0
http://www.openwall.com/lists/oss-security/2011/10/17/6
https://github.com/torvalds/linux/commit/a5b2c5b2ad5853591a6cac6134cd0f599a720865
OR
cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:rc7:*:*:*:*:*:* versions up to 3.0 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
74801 | openSUSE Security Update : kernel (openSUSE-SU-2012:1439-1) | Nessus | SuSE Local Security Checks | critical |
74658 | openSUSE Security Update : Kernel (openSUSE-SU-2012:0799-1) | Nessus | SuSE Local Security Checks | critical |
58289 | USN-1394-1 : Linux kernel (OMAP4) vulnerabilities | Nessus | Ubuntu Local Security Checks | high |
58268 | Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1387-1) | Nessus | Ubuntu Local Security Checks | high |
58264 | USN-1383-1 : linux-ti-omap4 vulnerabilities | Nessus | Ubuntu Local Security Checks | high |
58169 | Ubuntu 10.10 : linux vulnerabilities (USN-1379-1) | Nessus | Ubuntu Local Security Checks | medium |
56768 | Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1256-1) | Nessus | Ubuntu Local Security Checks | critical |
55923 | Ubuntu 11.04 : linux vulnerabilities (USN-1193-1) | Nessus | Ubuntu Local Security Checks | high |