Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 5 Jan 2012 16:50:11 +0100
From: Petr Matousek <pmatouse@...hat.com>
To: akuster <akuster@...sta.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE Request -- kernel: futex: clear robust_list
 on execve

On Thu, Jan 05, 2012 at 05:33:47AM -1000, akuster wrote:
> Could it be said that this issue was introduced by these two commits in
> 2.6.16 ?
> 
> 0771dfefc9e538f077d0b43b6dec19a5a67d0e70
> 34f192c6527f20c47ccec239e7d51a27691b93fc

Looks correct.

Petr

> 
> - Armin
> 
> On 01/04/2012 12:10 PM, Petr Matousek wrote:
> > Move "exit_robust_list" into mm_release() and clear them
> > 
> > We don't want to get rid of the futexes just at exit() time, we want to
> > drop them when doing an execve() too, since that gets rid of the
> > previous VM image too.
> > 
> > Doing it at mm_release() time means that we automatically always do it
> > when we disassociate a VM map from the task.
> > 
> > Upstream patches:
> > 8141c7f3e7aee618312fa1c15109e1219de784a7
> > fc6b177dee33365ccb29fe6d2092223cf8d679f9
> > 
> > Reference:
> > https://bugzilla.redhat.com/show_bug.cgi?id=771764
> > 

-- 
Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ