Bug#303140: CAN-2005-0937: DoS in futex handling
Package: kernel-source-2.6.8
Version: 2.6.8-15
Severity: important
Tags: security
Hi,
CAN-2005-0937 describes the following Denial-of-Service vulnerability:
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user
calls while holding the mmap_sem semaphore, which could allow local
users to cause a deadlock condition in do_page_fault by triggering
get_user faults while another thread is executing mmap or other functions.
Patch is available at:
http://linux.bkbits.net:8080/linux-2.6/cset@421cfc11zFsK9gxvSJ2t__FCmuUd3Q
Cheers,
Moritz
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)
Versions of packages kernel-source-2.6.8 depends on:
ii binutils 2.15-5 The GNU assembler, linker and bina
ii bzip2 1.0.2-5 high-quality block-sorting file co
ii coreutils [fileutils] 5.2.1-2 The GNU core utilities
Reply to: