Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 5 Jan 2012 16:50:11 +0100
From: Petr Matousek <pmatouse@...hat.com>
To: akuster <akuster@...sta.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE Request -- kernel: futex: clear robust_list
 on execve

On Thu, Jan 05, 2012 at 05:33:47AM -1000, akuster wrote:
> Could it be said that this issue was introduced by these two commits in
> 2.6.16 ?
> 
> 0771dfefc9e538f077d0b43b6dec19a5a67d0e70
> 34f192c6527f20c47ccec239e7d51a27691b93fc

Looks correct.

Petr

> 
> - Armin
> 
> On 01/04/2012 12:10 PM, Petr Matousek wrote:
> > Move "exit_robust_list" into mm_release() and clear them
> > 
> > We don't want to get rid of the futexes just at exit() time, we want to
> > drop them when doing an execve() too, since that gets rid of the
> > previous VM image too.
> > 
> > Doing it at mm_release() time means that we automatically always do it
> > when we disassociate a VM map from the task.
> > 
> > Upstream patches:
> > 8141c7f3e7aee618312fa1c15109e1219de784a7
> > fc6b177dee33365ccb29fe6d2092223cf8d679f9
> > 
> > Reference:
> > https://bugzilla.redhat.com/show_bug.cgi?id=771764
> > 

-- 
Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.