Candidate: CVE-2009-3234
Description:
 "If we pass a big size data over perf_counter_open() syscall, the kernel 
 will copy this data to a small buffer, it will cause kernel crash."
References:
 http://www.openwall.com/lists/oss-security/2009/09/16/1
Ubuntu-Description:
Notes:
 kernel/perf_counter.c was introduced in commit 0793a61d (v2.6.31-rc1)
 brad spengler has working exploit code for this one, so high-urgency
Bugs:
upstream: released (2.6.31.1) [986ddf533c1dd6852196182084aefe1ca9eda34e], pending (2.6.32-rc2) [b3e62e3]
linux-2.6: released (2.6.31-1)
2.6.18-etch-security: N/A "vulnerable code not present"
2.6.24-etch-security: N/A "vulnerable code not present"
2.6.26-lenny-security: N/A "vulnerable code not present"
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
2.6.27-intrepid-security: