Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 04 Jan 2012 15:18:54 -0700
From: Kurt Seifried <kseifrie@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request -- kernel: futex: clear robust_list
 on execve

On 01/04/2012 03:10 PM, Petr Matousek wrote:
> Move "exit_robust_list" into mm_release() and clear them
>
> We don't want to get rid of the futexes just at exit() time, we want to
> drop them when doing an execve() too, since that gets rid of the
> previous VM image too.
>
> Doing it at mm_release() time means that we automatically always do it
> when we disassociate a VM map from the task.
>
> Upstream patches:
> 8141c7f3e7aee618312fa1c15109e1219de784a7
> fc6b177dee33365ccb29fe6d2092223cf8d679f9
>
> Reference:
> https://bugzilla.redhat.com/show_bug.cgi?id=771764
>
Please use CVE-2012-0028 for this issue.

-- 

-- Kurt Seifried / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ