Upstream information

CVE-2011-2521 at MITRE

Description

The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c in the Performance Events subsystem in the Linux kernel before 2.6.39 does not properly calculate counter values, which allows local users to cause a denial of service (panic) via the perf program.

SUSE information

Overall state of this security issue: Ignore

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.9
Vector AV:L/AC:L/Au:N/C:N/I:N/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete

Note from the SUSE Security Team

This problem was introduced in Linux Kernel 2.6.39 development and fixed there. We did not ship a product based on this kernel revisions, so none of our products are affected.

SUSE Bugzilla entry: 704050 [CLOSED / INVALID]

No SUSE Security Announcements cross referenced.