Candidate: CVE-2011-1020 Description: /proc/$pid/ leaks contents across setuid exec References: https://lkml.org/lkml/2011/2/7/368 Notes: jmm> a9712bc12c40c172e393f85a9b2ba8db4bf59509 already in 2.6.32.x, the rest is missing Bugs: upstream: released (2.6.39) [ca6b0bf0e086513b9ee5efc0aa5770ecb57778af, ec6fd8a4355cda81cd9f06bebc048e83eb514ac7, d6f64b89d7ff22ce05896ab4a93a653e8d0b123d, 2fadaef41283aad7100fa73f01998cddaca25833, a9712bc12c40c172e393f85a9b2ba8db4bf59509] 2.6.32-upstream-stable: ignored sid: released (2.6.39-1) 2.6.26-lenny-security: released (2.6.26-26lenny4) [bugfix/all/pagemap-close-races-with-suid-execve.patch, bugfix/all/proc-map-report-errors-sanely.patch, bugfix/all/close-race-in-proc-pid-environ.patch, bugfix/all/auxv-require-the-target-or-self-to-be-traceable.patch] 3.2-wheezy-security: N/A 2.6.32-squeeze-security: released (2.6.32-35squeeze1) [bugfix/all/pagemap-close-races-with-suid-execve.patch, bugfix/all/proc-map-report-errors-sanely.patch, bugfix/all/close-race-in-proc-pid-environ.patch, bugfix/all/auxv-require-the-target-or-self-to-be-traceable.patch, bugfix/all/proc-syscall-stack-personality-races.patch] 3.2-upstream-stable: N/A