Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 5 Jan 2012 16:53:36 +0100
From: Petr Matousek <pmatouse@...hat.com>
To: Greg KH <greg@...ah.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE Request -- kernel: futex: clear robust_list
 on execve

On Wed, Jan 04, 2012 at 02:23:03PM -0800, Greg KH wrote:
> On Wed, Jan 04, 2012 at 11:10:59PM +0100, Petr Matousek wrote:
> > Move "exit_robust_list" into mm_release() and clear them
> > 
> > We don't want to get rid of the futexes just at exit() time, we want to
> > drop them when doing an execve() too, since that gets rid of the
> > previous VM image too.
> > 
> > Doing it at mm_release() time means that we automatically always do it
> > when we disassociate a VM map from the task.
> > 
> > Upstream patches:
> > 8141c7f3e7aee618312fa1c15109e1219de784a7
> > fc6b177dee33365ccb29fe6d2092223cf8d679f9
> 
> In the future, could you reference which kernel contained these patches
> so I don't have to go look it up?  :)

I will try to include the kernel version next time.

Petr

> 
> For the record, the first one showed up in 2.6.28-rc5 and the second in
> 2.6.32-rc4.
> 
> thanks,
> 
> greg k-h

-- 
Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.