Openwall GNU/*/Linux 3.0 - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 5 Jan 2012 16:53:36 +0100
From: Petr Matousek <pmatouse@...hat.com>
To: Greg KH <greg@...ah.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE Request -- kernel: futex: clear robust_list
 on execve

On Wed, Jan 04, 2012 at 02:23:03PM -0800, Greg KH wrote:
> On Wed, Jan 04, 2012 at 11:10:59PM +0100, Petr Matousek wrote:
> > Move "exit_robust_list" into mm_release() and clear them
> > 
> > We don't want to get rid of the futexes just at exit() time, we want to
> > drop them when doing an execve() too, since that gets rid of the
> > previous VM image too.
> > 
> > Doing it at mm_release() time means that we automatically always do it
> > when we disassociate a VM map from the task.
> > 
> > Upstream patches:
> > 8141c7f3e7aee618312fa1c15109e1219de784a7
> > fc6b177dee33365ccb29fe6d2092223cf8d679f9
> 
> In the future, could you reference which kernel contained these patches
> so I don't have to go look it up?  :)

I will try to include the kernel version next time.

Petr

> 
> For the record, the first one showed up in 2.6.28-rc5 and the second in
> 2.6.32-rc4.
> 
> thanks,
> 
> greg k-h

-- 
Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ