Date: Thu, 5 Jan 2012 16:50:11 +0100 From: Petr Matousek <pmatouse@...hat.com> To: akuster <akuster@...sta.com> Cc: oss-security@...ts.openwall.com Subject: Re: CVE Request -- kernel: futex: clear robust_list on execve On Thu, Jan 05, 2012 at 05:33:47AM -1000, akuster wrote: > Could it be said that this issue was introduced by these two commits in > 2.6.16 ? > > 0771dfefc9e538f077d0b43b6dec19a5a67d0e70 > 34f192c6527f20c47ccec239e7d51a27691b93fc Looks correct. Petr > > - Armin > > On 01/04/2012 12:10 PM, Petr Matousek wrote: > > Move "exit_robust_list" into mm_release() and clear them > > > > We don't want to get rid of the futexes just at exit() time, we want to > > drop them when doing an execve() too, since that gets rid of the > > previous VM image too. > > > > Doing it at mm_release() time means that we automatically always do it > > when we disassociate a VM map from the task. > > > > Upstream patches: > > 8141c7f3e7aee618312fa1c15109e1219de784a7 > > fc6b177dee33365ccb29fe6d2092223cf8d679f9 > > > > Reference: > > https://bugzilla.redhat.com/show_bug.cgi?id=771764 > > -- Petr Matousek / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ